[ovs-discuss] tunnel between open vswitch on xenservers

terryxing xingtianyi at gmail.com
Mon Oct 10 01:01:35 UTC 2011

Yes, I made it work.

For iptable rule, you do not have to specify the port number since it does
not go with TCP or UPD.  Try to use the -p gre parameter.


On Sun, Oct 9, 2011 at 5:54 PM, Justin Pettit <jpettit at nicira.com> wrote:

> On Oct 9, 2011, at 4:38 PM, terryxing wrote:
> > I want to tunnel two openvsiwtch on two physical xenserver  behind the
> firewall. Only two firewalls at each site have the public ip.  If there any
> way I can make that work ?
> >
> > I heard that the GRE is using port 47 and I enable the NAT on the
> firewall for port 47. But It does not work. Any idea ?
> It's using IP protocol 47, not a TCP or UDP port.  So, you will need to
> write the appropriate rule to allow it to pass.  If you're using NAT, you'd
> also need to configure forwarding for that as well.
> --Justin

Best regards,

Tianyi Xing (邢天翼)

PhD Student, Research & Teaching Associate
SNAC:Secure Networking and Computing group
School of Computing, Informatics, and Decision Systems Engineering
Ira A. Fulton School of Engineering,
Arizona State University
Tempe, AZ 85281, USA
Cell: (+1) 480-678-3090
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20111009/cadadf37/attachment.html>

More information about the discuss mailing list