[ovs-discuss] OVS in debug mode
Motonori Shindo
motonori at shin.do
Thu Nov 21 05:04:10 UTC 2013
Abhishek,
Did you try "Decode As" feature on Wireshark? Because Wireshark has no knowledge that 6633/tcp is running atop SSL, it won't dissect the packets as SSL by default. If you explicitly specify so that Wireshark dissects the packets as SSL, then the packets will be dissected accordingly.
Regards,
---
Motonori Shindo
2013/11/21 13:35、abhishek jain <ashujain9727 at gmail.com> のメール:
> Hi Ben,
>
> Thanks for guidance.The SSL connection worked.The OVS is showing "connected true".
> However when I capture wireshark packets between OVS and controller,I'm not able to capture ssl packets between OVS and controller.
> Can you help regarding this?
>
>
>
> On Wed, Nov 20, 2013 at 10:46 PM, Ben Pfaff <blp at nicira.com> wrote:
> The log messages are as clear I can make them. You need to configure a
> certificate and a private key. However you are doing it, you are doing
> it wrong. The Open vSwitch automatic tests manage to do this just fine
> whenever someone runs "make check" so I know that it works.
>
> On Wed, Nov 20, 2013 at 02:24:19PM +0530, sonia verma wrote:
> > Hi Ben
> >
> > I have performed all the configuration described in OVS.Is there anything
> > else which I need to configure?
> > I'm using OVS versioon 1-11 for this.
> >
> >
> >
> > On Wed, Nov 20, 2013 at 12:21 PM, Ben Pfaff <blp at nicira.com> wrote:
> >
> > > It looks like you didn't configure a private key and a certificate.
> > >
> > > On Wed, Nov 20, 2013 at 12:15:46PM +0530, abhishek jain wrote:
> > > > Hi Ben
> > > >
> > > > I have followed the same process as described in INSTALL.SSL but still
> > > the
> > > > result is same.
> > > > Can you help regarding this?
> > > >
> > > >
> > > >
> > > > On Wed, Nov 20, 2013 at 11:19 AM, Ben Pfaff <blp at nicira.com> wrote:
> > > >
> > > > > On Wed, Nov 20, 2013 at 11:08:34AM +0530, abhishek jain wrote:
> > > > > > Thanks for your help.
> > > > > > I'm getting following error when configuring OVS for ssl.
> > > > > >
> > > > > > stream_ssl|ERR|Certificate must be configured to use SSL
> > > > > > 2013-11-20T05:29:49Z|00598|rconn|WARN|br0<->ssl:192.168.6.129:6633:
> > > > > > connection failed (Protocol not available)
> > > > > > 2013-11-20T05:29:57Z|00599|stream_ssl|ERR|Private key must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:29:57Z|00600|stream_ssl|ERR|Certificate must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:29:57Z|00601|rconn|WARN|br0<->ssl:192.168.6.129:6633:
> > > > > > connection failed (Protocol not available)
> > > > > > 2013-11-20T05:30:05Z|00602|stream_ssl|ERR|Private key must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:30:05Z|00603|stream_ssl|ERR|Certificate must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:30:05Z|00604|rconn|WARN|br0<->ssl:192.168.6.129:6633:
> > > > > > connection failed (Protocol not available)
> > > > > > 2013-11-20T05:30:13Z|00605|stream_ssl|ERR|Private key must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:30:13Z|00606|stream_ssl|ERR|Certificate must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:30:13Z|00607|rconn|WARN|br0<->ssl:192.168.6.129:6633:
> > > > > > connection failed (Protocol not available)
> > > > > > 2013-11-20T05:30:21Z|00608|stream_ssl|ERR|Private key must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:30:21Z|00609|stream_ssl|ERR|Certificate must be
> > > configured
> > > > > to
> > > > > > use SSL
> > > > > > 2013-11-20T05:30:21Z|00610|rconn|WARN|br0<->ssl:192.168.6.129:6633:
> > > > > > connection failed (Protocol not available)
> > > > > > 2013-11-20T05:30:21Z|00611|fail_open|INFO|Still in fail-open mode
> > > after
> > > > > > 1479 seconds disconnected from controller
> > > > > >
> > > > > > Do you know how to deal with that.
> > > > >
> > > > > I would start by reading INSTALL.SSL.
> > > > >
> > > _______________________________________________
> > > discuss mailing list
> > > discuss at openvswitch.org
> > > http://openvswitch.org/mailman/listinfo/discuss
> > >
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
---
Motonori Shindo
More information about the discuss
mailing list