ipip: Multi-point interface

[vpp.git] / src / vnet / ipsec / ipsec_cli.c

diff --git a/src/vnet/ipsec/ipsec_cli.c b/src/vnet/ipsec/ipsec_cli.c
index 630e60a..b054155 100644 (file)
--- a/src/vnet/ipsec/ipsec_cli.c
+++ b/src/vnet/ipsec/ipsec_cli.c
@@ -89,6 +89,7 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
   u32 id, spi, salt;
   int is_add, rv;
 
+  salt = 0;
   error = NULL;
   is_add = 0;
   flags = IPSEC_SA_FLAG_NONE;
@@ -840,8 +841,9 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
       /* create an ip-ip tunnel, then the two SA, then bind them */
       rv =
        ipip_add_tunnel (ipv6_set ? IPIP_TRANSPORT_IP6 : IPIP_TRANSPORT_IP4,
-                        instance, &local_ip, &remote_ip, fib_index, 0,
-                        &sw_if_index);
+                        instance, &local_ip, &remote_ip, fib_index,
+                        TUNNEL_ENCAP_DECAP_FLAG_NONE, IP_DSCP_CS0,
+                        TUNNEL_MODE_P2P, &sw_if_index);
       rv |=
        ipsec_sa_add_and_lock (ipsec_tun_mk_local_sa_id (sw_if_index),
                               local_spi, IPSEC_PROTOCOL_ESP, crypto_alg,
@@ -869,11 +871,8 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
     case 0:
       break;
     case VNET_API_ERROR_INVALID_VALUE:
-      if (is_add)
-       error = clib_error_return (0,
-                                  "IPSec tunnel interface already exists...");
-      else
-       error = clib_error_return (0, "IPSec tunnel interface not exists...");
+      error = clib_error_return (0,
+                                "IPSec tunnel interface already exists...");
       goto done;
     default:
       error = clib_error_return (0, "ipsec_register_interface returned %d",