diff --git a/SOURCES/openvswitch-2.16.0.patch b/SOURCES/openvswitch-2.16.0.patch
index ac1fd48..17514ec 100644
--- a/SOURCES/openvswitch-2.16.0.patch
+++ b/SOURCES/openvswitch-2.16.0.patch
@@ -598,6 +598,46 @@ index 95e52e3587..045dce8f5f 100644
  bool mf_is_pipeline_field(const struct mf_field *);
  bool mf_is_set(const struct mf_field *, const struct flow *);
  void mf_mask_field(const struct mf_field *, struct flow_wildcards *);
+diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in
+index 89a36fe17b..a8b0705d9f 100755
+--- a/ipsec/ovs-monitor-ipsec.in
++++ b/ipsec/ovs-monitor-ipsec.in
+@@ -202,18 +202,18 @@ conn prevent_unencrypted_vxlan
+ """
+ 
+     auth_tmpl = {"psk": Template("""\
+-    left=0.0.0.0
++    left=%any
+     right=$remote_ip
+     authby=psk"""),
+                  "pki_remote": Template("""\
+-    left=0.0.0.0
++    left=%any
+     right=$remote_ip
+     leftid=$local_name
+     rightid=$remote_name
+     leftcert=$certificate
+     rightcert=$remote_cert"""),
+                  "pki_ca": Template("""\
+-    left=0.0.0.0
++    left=%any
+     right=$remote_ip
+     leftid=$local_name
+     rightid=$remote_name
+@@ -299,11 +299,11 @@ conn prevent_unencrypted_vxlan
+ 
+     def config_tunnel(self, tunnel):
+         if tunnel.conf["psk"]:
+-            self.secrets_file.write('0.0.0.0 %s : PSK "%s"\n' %
++            self.secrets_file.write('%%any %s : PSK "%s"\n' %
+                             (tunnel.conf["remote_ip"], tunnel.conf["psk"]))
+             auth_section = self.auth_tmpl["psk"].substitute(tunnel.conf)
+         else:
+-            self.secrets_file.write("0.0.0.0 %s : RSA %s\n" %
++            self.secrets_file.write("%%any %s : RSA %s\n" %
+                                         (tunnel.conf["remote_ip"],
+                                         tunnel.conf["private_key"]))
+             if tunnel.conf["remote_cert"]:
 diff --git a/lib/db-ctl-base.c b/lib/db-ctl-base.c
 index 77cc76a9f6..7074561588 100644
 --- a/lib/db-ctl-base.c
diff --git a/SPECS/openvswitch2.16.spec b/SPECS/openvswitch2.16.spec
index c97c1bd..1205bb5 100644
--- a/SPECS/openvswitch2.16.spec
+++ b/SPECS/openvswitch2.16.spec
@@ -57,7 +57,7 @@ Summary: Open vSwitch
 Group: System Environment/Daemons daemon/database/utilities
 URL: http://www.openvswitch.org/
 Version: 2.16.0
-Release: 39%{?dist}
+Release: 40%{?dist}
 
 # Nearly all of openvswitch is ASL 2.0.  The bugtool is LGPLv2+, and the
 # lib/sflow*.[ch] files are SISSL
@@ -699,6 +699,12 @@ exit 0
 %endif
 
 %changelog
+* Fri Jan 21 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.16.0-40
+- Merging upstream branch-2.16 [RH git: 60b19f443c]
+    Commit list:
+    07a115f7d9 ovs-monitor-ipsec: Fix generated strongSwan ipsec.conf for IPv6.
+
+
 * Thu Jan 20 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.16.0-39
 - Merging upstream branch-2.16 [RH git: 349d687673]
     Commit list: