From 4cbaf956f6d711d5ec39b7e62bf0ee1085d96a16 Mon Sep 17 00:00:00 2001
From: Gaurav Goyal <gaurav.goyal@4rf.com>
Date: Thu, 11 Mar 2021 13:46:37 +1300
Subject: nhrpd: Retry IPSec if NHRP is repeatedly failing

This prevents a failed IPSec connection from preventing DMVPN from working.
A failure situation can be reproduced using a Cisco peer, and and disabling then
re-enabling the tunnel IPSec protection (after the IPSec connection has
already been established).

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
---
 nhrpd/nhrpd.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'nhrpd/nhrpd.h')

diff --git a/nhrpd/nhrpd.h b/nhrpd/nhrpd.h
index a36d0c445..37a9e338c 100644
--- a/nhrpd/nhrpd.h
+++ b/nhrpd/nhrpd.h
@@ -125,6 +125,7 @@ enum nhrp_notify_type {
 struct nhrp_vc {
 	struct notifier_list notifier_list;
 	uint32_t ipsec;
+	uint32_t ike_uniqueid;
 	uint8_t updating;
 	uint8_t abort_migration;
 
@@ -399,6 +400,7 @@ void nhrp_vc_reset(void);
 
 void vici_init(void);
 void vici_terminate(void);
+void vici_terminate_vc(unsigned int ike_id);
 void vici_request_vc(const char *profile, union sockunion *src,
 		     union sockunion *dst, int prio);
 
-- 
cgit v1.2.3