[ovs-discuss] Ipsec tunnel is not encrypted
Ben Pfaff
blp at ovn.org
Fri Jul 5 19:59:15 UTC 2019
I don't think OVS 2.10 supports IPsec tunnels, although 2.11 and later
does.
On Fri, Jul 05, 2019 at 07:26:18PM +0000, marcosabreu at inf.ufg.br wrote:
> I try to create a Ipsec tunnel between 2 hosts. The tunnel was create and i
> can communicate between hosts. But, when i capture packets using tcpdump, i
> see that the traffic is not encrypted.
>
> My topology:
>
> +--------------+ +--------------+
> | vm0 | 10.250.204.11/24 | vm1 |
> 10.250.204.21/24
> +--------------+ +--------------+
> (vm_port0) (vm_port0)
> | |
> | |
> | |
> | |
> 10.250.204.10/24 10.250.204.20/24
> +--------------+ +--------------+
> | remibr0 | | remibr0 |
> +--------------+ +---------------+
> | eth1 |----------------------------------| eth1 |
> +--------------+ +---------------+
> 10.16.0.138/16 10.16.0.247/16
>
> The commands that i run:
>
> ovs-vsctl add-br remibr0
> ovs-vsctl add-port remibr0 vxlan0 -- set Interface vxlan0 type=vxlan
> options:remote_ip=10.16.0.247 options:psk=test123
> ovs-vsctl add-port remibr0 vi0 -- set Interface vi0 type=internal
> ifconfig vi0 10.250.204.20/24 up
>
> My ovs-vsctl show:
>
> Bridge "remibr0"
> Port "vxlan0"
> Interface "vxlan0"
> type: vxlan
> options: {key="test123", remote_ip="10.16.0.247"}
> Port "sw1-p1"
> Interface "sw1-p1"
> Port "remibr0"
> Interface "remibr0"
> type: internal
> ovs_version: "2.10.1"
>
> Someone knows if i messed up in some steep or i'm confused about concepts?
>
> Thanks!
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
More information about the discuss
mailing list