[ovs-discuss] GRE ipsec tunnels over open vswitch

Chandran, Sugesh sugesh.chandran at intel.com
Tue Apr 26 07:53:16 UTC 2016



Regards
_Sugesh

From: SANKET RAUT [mailto:ssr8055 at g.rit.edu]
Sent: Monday, April 25, 2016 2:50 PM
To: Chandran, Sugesh <sugesh.chandran at intel.com>
Cc: bugs at openvswitch.org
Subject: Re: [ovs-discuss] GRE ipsec tunnels over open vswitch

Hello,
Thanks for your reply.

Could you please tell me that open vswitch package name, so I can download and test Ipsec tunnel between two vm.
[Sugesh] You need to install openvswitch-ipsec debian package. OVS-IPSEC works only on debian machines.
Refer debian/ovs-monitor-ipsec file to know more about how OVS interact with ipsec-tools and how SA, SP configurations are made in the kernel.

Thanks,
-Sanket

On Mon, Apr 25, 2016 at 4:24 AM, Chandran, Sugesh <sugesh.chandran at intel.com<mailto:sugesh.chandran at intel.com>> wrote:


Regards
_Sugesh

From: discuss [mailto:discuss-bounces at openvswitch.org<mailto:discuss-bounces at openvswitch.org>] On Behalf Of SANKET RAUT
Sent: Thursday, April 21, 2016 7:37 PM
To: bugs at openvswitch.org<mailto:bugs at openvswitch.org>
Subject: [ovs-discuss] GRE ipsec tunnels over open vswitch

Hello,

I would like to know more about How I can setup GRE ipsec tunnel between vm using open vswitch.
[Sugesh] The ipsec tunnel setup is similar to normal tunnel setup except that you need to install all the necessary kernel ipsec + openvswitch-ipsec packages. An eg; for creating an ipsec-tunnel port is given below.
    sudo ovs-vsctl --timeout 10 add-port br0 gre1 -- \
    set interface gre1 type=ipsec_gre \
    options:remote_ip=100.0.0.2 options:psk=test
The port creation will be successful if all the prerequisites met.

Thanks,
-sanket

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20160426/15044010/attachment-0002.html>


More information about the discuss mailing list