[ovs-discuss] Replacing IPsec-GRE tunnel ports
Bolesław Tokarski
boleslaw.tokarski at gmail.com
Tue Nov 29 10:34:37 UTC 2016
Hi,
Just to close the topic - the problem itself looks like related to the
kernel. To solve it, I updated to 4.4 kernel, and along the route I updated
openSUSE to 42.2, which has the kernel. No problems experienced.
I am keeping the StrongSwan patch from Ansis, as I find it valuable for
debugging of the interconnections, Racoon is barely documented and doesn't
provide helper tools to tell the connection state.
I learned a lot along the way, so thanks to everybody, especially to Ansis.
Regarding the opening question, I managed to learn how to set a transport
connection on IPsec with StrongSwan, although not ideal - I did not manage
to get packet marking right - but working. Thus I should be able to manage
in OVS 2.7 when that hits the Linux distribution I am working on. I am
still hopeful ipsec_gre will return in another way in subsequent OVS
versions, as it's a really nice feature.
Best regards,
Bolesław Tokarski
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20161129/d5e3ade1/attachment.html>
More information about the discuss
mailing list