vpn_agent.ini

updated: 2020-02-12 15:07

vpn_agent.ini

This is a configuration file for the VPNaaS L3 agent extension of the neutron l3-agent.

ipsec

config_base_dir
Type:string
Default:$state_path/ipsec

Location to store ipsec server config files

ipsec_status_check_interval
Type:integer
Default:60

Interval for checking ipsec status

enable_detailed_logging
Type:boolean
Default:false

Enable detail logging for ipsec pluto process. If the flag set to True, the detailed logging will be written into config_base_dir/<pid>/log. Note: This setting applies to OpenSwan and LibreSwan only. StrongSwan logs to syslog.

pluto

shutdown_check_timeout
Type:integer
Default:1

Initial interval in seconds for checking if pluto daemon is shutdown

Deprecated Variations
Group Name
libreswan shutdown_check_timeout
shutdown_check_retries
Type:integer
Default:5

The maximum number of retries for checking for pluto daemon shutdown

Deprecated Variations
Group Name
libreswan shutdown_check_retries
shutdown_check_back_off
Type:floating point
Default:1.5

A factor to increase the retry interval for each retry

Deprecated Variations
Group Name
libreswan shutdown_check_back_off
restart_check_config
Type:boolean
Default:false

Enable this flag to avoid from unnecessary restart

Deprecated Variations
Group Name
libreswan restart_check_config

strongswan

ipsec_config_template
Type:string
Default:/home/zuul/src/opendev.org/openstack/neutron-vpnaas/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/ipsec.conf.template

Template file for ipsec configuration.

strongswan_config_template
Type:string
Default:/home/zuul/src/opendev.org/openstack/neutron-vpnaas/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/strongswan.conf.template

Template file for strongswan configuration.

ipsec_secret_template
Type:string
Default:/home/zuul/src/opendev.org/openstack/neutron-vpnaas/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/ipsec.secret.template

Template file for ipsec secret configuration.

default_config_area
Type:string
Default:/etc/strongswan.d

The area where default StrongSwan configuration files are located.

vpnagent

vpn_device_driver
Type:multi-valued
Default:neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver, neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver, neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver

The vpn device drivers Neutron will use

updated: 2020-02-12 15:07
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.

found an error? report a bug questions?