On Sep 26, 2016 7:02 PM, <mrityunjay.kum...@wipro.com> wrote: > > Hi all , > > I have been trying to test IPSEC over GRE on Centos7.3 . I am able to test on ubuntu14.04 .
The ovs-monitor-ipsec daemon never was packaged (ie had *.rpm package) for CentOS. Just for debain/ubuntu. However, now we just removed debian package as well. See latest Pravin's patch for more details that he sent a day ago. The history behind this is that skb mark was taken away from IPsec. I will try to think about it if it it still somehow possible to salvage the situation and have IPsec work properly without havin least significant skb mark bit assigned to IPsec. > > I wanted to know whether this feature is supported on Centos . > > > If not supported, please let me know how to achieve IPSEC over GRE on Centos . > > > thanks > MJ > ------------- > > We did integration on Debian, but it shouldn't be hard to port to CentOS. It uses racoon and ipsec-tools, and is managed by the "debian/ovs-monitor-ipsec". I'm not 100% happy with our solution, but it works. I'd start by looking there. > > --Justin > > > On Dec 14, 2012, at 1:49 AM, Diego Rivero <riverod9 at gmail.com< http://openvswitch.org/mailman/listinfo/dev>> wrote: > > > How can I achieve GRE over IPsec on CentOS 6.3 instead of debian? > > > > So far what I've understood is the following.. > > > > # ovs-vsctl add-port br0 gre0 > > # ovs-vsctl set interface gre0 type=ipsec_gre \ > > options:remote_ip=192.168.2.xxx \ > > options:psk=testtest \ > > options:certificate=cert.pem \ > > options:peer_cert='"-----BEGIN CERTIFICATE-----(not a real peer certificate)-----END CERTIFICATE----- \ > > > > > > But I don't know how to move it forward. Do I need to install openswan for encryption? How can I configure to tell open vswitch the existance of openswan? Does open vswitch have an encription module on its own? > > > > Thanks in advance. > > > > Diego > > _______________________________________________ > > dev mailing list > > dev at openvswitch.org<http://openvswitch.org/mailman/listinfo/dev> > > http://openvswitch.org/mailman/listinfo/dev > > > > The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com > _______________________________________________ > dev mailing list > d...@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
