[ovs-discuss] tunnel between open vswitch on xenservers

terryxing xingtianyi at gmail.com
Sun Oct 9 23:38:32 UTC 2011


Thanks very much Jesse,

I want to tunnel two openvsiwtch on two physical xenserver  behind the
firewall. Only two firewalls at each site have the public ip.  If there any
way I can make that work ?

I heard that the GRE is using port 47 and I enable the NAT on the firewall
for port 47. But It does not work. Any idea ?

Thanks very much.

On Sun, Oct 2, 2011 at 2:38 PM, Jesse Gross <jesse at nicira.com> wrote:

> On Oct 2, 2011 1:24 PM, "terryxing" <xingtianyi at gmail.com> wrote:
> >
> > Thanks very much.
> >
> > So you mean, we can not setup the tunnel between two host residing in two
> private network behind the gateway (gw has public ip not the xenserver
> itself.)
> >
> > Since right now, our xenserver hosts are all within the private network
> behind the GW, every traffic must go through the gateway which does the NAT
> port forward to all traffic coming in and out.
> >
> > As you just said, the xenserver host must have no choice but to have
> public ip and connect to the internet not behind the gateway to establish
> the tunnel  ?
>
> You just need IP connectivity between the hosts that are the tunnel
> endpoints. It doesn't matter whether the addresses are public or private.
> Can they ping each other?  If yes, it should be fine.
>



-- 
Best regards,

Tianyi Xing (邢天翼)

PhD Student, Research & Teaching Associate
SNAC:Secure Networking and Computing group
School of Computing, Informatics, and Decision Systems Engineering
Ira A. Fulton School of Engineering,
Arizona State University
Tempe, AZ 85281, USA
Cell: (+1) 480-678-3090
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20111009/7832a4e1/attachment-0001.html>


More information about the discuss mailing list