[ovs-discuss] OVS in debug mode

abhishek jain ashujain9727 at gmail.com
Thu Nov 21 09:01:20 UTC 2013


Hi Motonori

Thanks for replying.Your suggestion has worked.
Also there is another method i.e by specifying  port no-443 instead of
6633,We can directly capture ssl packets.

Regards..
Abhishek Jain


On Thu, Nov 21, 2013 at 10:34 AM, Motonori Shindo <motonori at shin.do> wrote:

> Abhishek,
>
> Did you try "Decode As" feature on Wireshark? Because Wireshark has no
> knowledge that 6633/tcp is running atop SSL, it won't dissect the packets
> as SSL by default. If you explicitly specify so that Wireshark dissects the
> packets as SSL, then the packets will be dissected accordingly.
>
> Regards,
>
> ---
> Motonori Shindo
>
> 2013/11/21 13:35、abhishek jain <ashujain9727 at gmail.com> のメール:
>
> > Hi Ben,
> >
> > Thanks for guidance.The SSL connection worked.The OVS is showing
> "connected true".
> > However when I capture wireshark packets between OVS and controller,I'm
> not able to capture ssl packets between OVS and controller.
> > Can you help regarding this?
> >
> >
> >
> > On Wed, Nov 20, 2013 at 10:46 PM, Ben Pfaff <blp at nicira.com> wrote:
> > The log messages are as clear I can make them.  You need to configure a
> > certificate and a private key.  However you are doing it, you are doing
> > it wrong.  The Open vSwitch automatic tests manage to do this just fine
> > whenever someone runs "make check" so I know that it works.
> >
> > On Wed, Nov 20, 2013 at 02:24:19PM +0530, sonia verma wrote:
> > > Hi Ben
> > >
> > > I have performed all the configuration described in OVS.Is there
> anything
> > > else which I need to configure?
> > > I'm using OVS versioon 1-11 for this.
> > >
> > >
> > >
> > > On Wed, Nov 20, 2013 at 12:21 PM, Ben Pfaff <blp at nicira.com> wrote:
> > >
> > > > It looks like you didn't configure a private key and a certificate.
> > > >
> > > > On Wed, Nov 20, 2013 at 12:15:46PM +0530, abhishek jain wrote:
> > > > > Hi Ben
> > > > >
> > > > > I have followed the same process as described in INSTALL.SSL but
> still
> > > > the
> > > > > result is same.
> > > > > Can you help regarding this?
> > > > >
> > > > >
> > > > >
> > > > > On Wed, Nov 20, 2013 at 11:19 AM, Ben Pfaff <blp at nicira.com>
> wrote:
> > > > >
> > > > > > On Wed, Nov 20, 2013 at 11:08:34AM +0530, abhishek jain wrote:
> > > > > > > Thanks for your help.
> > > > > > > I'm getting following error when configuring OVS for ssl.
> > > > > > >
> > > > > > > stream_ssl|ERR|Certificate must be configured to use SSL
> > > > > > > 2013-11-20T05:29:49Z|00598|rconn|WARN|br0<->ssl:
> 192.168.6.129:6633:
> > > > > > > connection failed (Protocol not available)
> > > > > > > 2013-11-20T05:29:57Z|00599|stream_ssl|ERR|Private key must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:29:57Z|00600|stream_ssl|ERR|Certificate must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:29:57Z|00601|rconn|WARN|br0<->ssl:
> 192.168.6.129:6633:
> > > > > > > connection failed (Protocol not available)
> > > > > > > 2013-11-20T05:30:05Z|00602|stream_ssl|ERR|Private key must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:30:05Z|00603|stream_ssl|ERR|Certificate must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:30:05Z|00604|rconn|WARN|br0<->ssl:
> 192.168.6.129:6633:
> > > > > > > connection failed (Protocol not available)
> > > > > > > 2013-11-20T05:30:13Z|00605|stream_ssl|ERR|Private key must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:30:13Z|00606|stream_ssl|ERR|Certificate must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:30:13Z|00607|rconn|WARN|br0<->ssl:
> 192.168.6.129:6633:
> > > > > > > connection failed (Protocol not available)
> > > > > > > 2013-11-20T05:30:21Z|00608|stream_ssl|ERR|Private key must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:30:21Z|00609|stream_ssl|ERR|Certificate must be
> > > > configured
> > > > > > to
> > > > > > > use SSL
> > > > > > > 2013-11-20T05:30:21Z|00610|rconn|WARN|br0<->ssl:
> 192.168.6.129:6633:
> > > > > > > connection failed (Protocol not available)
> > > > > > > 2013-11-20T05:30:21Z|00611|fail_open|INFO|Still in fail-open
> mode
> > > > after
> > > > > > > 1479 seconds disconnected from controller
> > > > > > >
> > > > > > > Do you know how to deal with that.
> > > > > >
> > > > > > I would start by reading INSTALL.SSL.
> > > > > >
> > > > _______________________________________________
> > > > discuss mailing list
> > > > discuss at openvswitch.org
> > > > http://openvswitch.org/mailman/listinfo/discuss
> > > >
> >
> > _______________________________________________
> > discuss mailing list
> > discuss at openvswitch.org
> > http://openvswitch.org/mailman/listinfo/discuss
>
> ---
> Motonori Shindo
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20131121/145e7a24/attachment.html>


More information about the discuss mailing list