[ovs-discuss] Port number is not appear on ovs-ofctl show

Diego Rivero riverod9 at gmail.com
Tue Dec 18 08:51:01 UTC 2012


Sorry to bother you. I just solved the issue now. I am working on Ubuntu
12.04 with ovs-monitor-ipsec version 1.6.1.

The thing is that I made mistake on ipsec_gre configuration.
ovs-vswitch.log says..

2012-12-18T08:26:31Z|00142|netdev_vport|ERR|gre1: IPsec requires an
'peer_cert' or psk' argument

Meanwhile I configured the interface with peer_cert AND psk like following

ovs-vsctl set interface gre1 type=ipsec_gre options:peer_cert=peer.pem
options:certificate=cert.pem options:psk=testpsk

After I omitted peer_cert to leave only options:certificate and
options:psk, it worked well.


Thanks,


On Tue, Dec 18, 2012 at 5:29 PM, Justin Pettit <jpettit at nicira.com> wrote:

> What platform are you using?  Are you running ovs-monitor-ipsec?  What
> does "ovs-dpctl show br1" say when ipsec_gre is configured?  Do you see any
> errors in ovs-vswitchd.log?
>
> --Justin
>
>
> On Dec 18, 2012, at 12:05 AM, Diego Rivero <riverod9 at gmail.com> wrote:
>
> > Hi,
> >
> > I am now facing some problem while working on GRE over IPsec with Open
> vSwitch version 1.6.1. "ovs-ofctl show br1" does not show any port number
> for ipsec_gre, so I cannot set up flows for ipsec packets. Only tap1 that
> is activated for a kvm instance is shown on the prompt. Does anybody know
> how to make it through?
> >
> >
> >
> > # ovs-vsctl add-br br1
> > # ovs-vsctl add-port br1 tap1
> > # ovs-vsctl add-port br1 gre1
> > # ovs-vsctl set interface gre1 type=gre options:remote_ip=192.168.2.25
> > # ovs-ofctl show br1
> > OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:0000aea6970c5149
> > n_tables:255, n_buffers:256
> > features: capabilities:0xc7, actions:0xfff
> >  3(tap1): addr:9e:59:be:c9:f5:a6
> >      config:     0
> >      state:      0
> >      current:    10MB-FD COPPER
> >  9(gre1): addr:de:25:2e:36:dc:55
> >      config:     0
> >      state:      0
> >  LOCAL(br1): addr:ae:a6:97:0c:51:49
> >      config:     0
> >      state:      0
> > OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
> >
> >
> >
> >
> > # ovs-vsctl set interface gre1 type=ipsec_gre options:peer_cert=peer.pem
> options:certificate=cert.pem options:psk=testpsk
> > # ovs-ofctl show br1
> > OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:0000aea6970c5149
> > n_tables:255, n_buffers:256
> > features: capabilities:0xc7, actions:0xfff
> >  3(tap1): addr:9e:59:be:c9:f5:a6
> >      config:     0
> >      state:      0
> >      current:    10MB-FD COPPER
> >  LOCAL(br1): addr:ae:a6:97:0c:51:49
> >      config:     0
> >      state:      0
> > OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
> >
> >
> >
> >
> >
> > # ovs-vsctl set interface gre1 type=capwap
> > root at zenra:~/ovs# ovs-ofctl show br1
> > OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:0000aea6970c5149
> > n_tables:255, n_buffers:256
> > features: capabilities:0xc7, actions:0xfff
> >  3(tap1): addr:9e:59:be:c9:f5:a6
> >      config:     0
> >      state:      0
> >      current:    10MB-FD COPPER
> >  10(gre1): addr:aa:70:f5:39:4b:2c
> >      config:     0
> >      state:      0
> >  LOCAL(br1): addr:ae:a6:97:0c:51:49
> >      config:     0
> >      state:      0
> > OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
> >
> >
> >
> > # ovs-vsctl add-port br1 tap2
> > # ovs-ofctl show br1
> > OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:0000aea6970c5149
> > n_tables:255, n_buffers:256
> > features: capabilities:0xc7, actions:0xfff
> >  3(tap1): addr:9e:59:be:c9:f5:a6
> >      config:     0
> >      state:      0
> >      current:    10MB-FD COPPER
> >  LOCAL(br1): addr:ae:a6:97:0c:51:49
> >      config:     0
> >      state:      0
> > OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
> >
> >
> >
> >
> > Thanks,
> > _______________________________________________
> > discuss mailing list
> > discuss at openvswitch.org
> > http://openvswitch.org/mailman/listinfo/discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20121218/c0af5305/attachment.html>


More information about the discuss mailing list