[ovs-dev] GRE over IPSEC , facing issues on running ovs-monitor-ipsec

santhu vaddepally santhuvaddepally at gmail.com
Thu Aug 25 14:15:51 UTC 2016 

Hi,

Now i am able to configure the GRE over IPSEC, but not able to establish
the tunnel. I have checked in the backend, ovs-monitor-ipsec daemon is
running , but no racoon binary is running, even the secrets and policies
were not seen in /etc/racoon/racoon.conf and /etc/racoon/psk.txt.

Here is the configuration

Host1 :

# ovs-vsctl add-br br0
# ovs-vsctl add-br br1
# ovs-vsctl add-port br0 eth0
# ifconfig eth0 0 && ifconfig br0 192.168.122.7 netmask 255.255.255.0
# ifconfig br1 10.1.2.1 netmask 255.255.255.0
# ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre
options:remote_ip=192.168.122.151 options:psk=testing


Host2 :


# ovs-vsctl add-br br0
# ovs-vsctl add-br br1
# ovs-vsctl add-port br0 eth0
# ifconfig eth0 0 && ifconfig br0 192.168.122.151 netmask 255.255.255.0
# ifconfig br1 10.1.2.2 netmask 255.255.255.0
# ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre
options:remote_ip=192.168.122.7 options:psk=testing

Can anyone help, why racoon is not being invoked ..?

Regards,
Venkata Santhosh


On Thu, Aug 25, 2016 at 5:15 PM, santhu vaddepally <
santhuvaddepally at gmail.com> wrote:

> Hi ,
>
> Now i am able to run ovs-monitor-ipsec.
>
> # /usr/bin/python /usr/share/openvswitch/scripts/ovs-monitor-ipsec
> --pidfile=/var/run/openvswitch/ovs-monitor-ipsec.pid
>                               \ --log-gile --detach --monitor
> unix:/var/run/openvswitch/db.sock
>
> But still facing issue on executing below command
>
> # ovs-vsctl add-port br1 gre1 --  set interface gre1 type=ipsec_gre
> options:remot_ip=15.15.15.15 optioins:psk=secret
>
> Error Log :
> ---------------
>
> IPsec requires the ovs-monitor-ipsec daemon.
>
>
> Thanks,
> Venkata Santhosh
>
> On Thu, Aug 25, 2016 at 2:30 PM, santhu vaddepally <
> santhuvaddepally at gmail.com> wrote:
>
>> Hi,
>>
>> I am trying to establish GRE over IPSEC , but with the following command
>> getting error logs.
>>
>> # ovs-vsctl add-port br1 gre1 --  set interface gre1 type=ipsec_gre
>> options:remot_ip=15.15.15.15 optioins:psk=secret
>>
>> Error Log :
>> ---------------
>>
>> IPsec requires the ovs-monitor-ipsec daemon.
>>
>>
>>
>> I tried to run ovs-monitor-ipsec script with following command ,
>>
>> # /usr/share/openvswitch/scripts/ovs-monitor-ipsec
>> /etc/openvswitch/conf.db
>>
>> Logs :
>> --------
>>
>> Connecting ...
>> Connection attempt failed (address family not supported by protocol)
>>
>>
>> Can anyone please tell me the exact command to run ovs-monitor-ipsec with
>> proper arguments ?
>>
>> Thanks in Advance ..
>>
>> Regards,
>> Venkata Santhosh
>>
>
>

More information about the dev mailing list