Hi all,
In OVN, NB and SB databases run on TCP 6641 and 6642 by default.
I've noticed in many docs[1], the SSL configs are to set SSL on 6641/6642.
Personally, this is unlike many protocols which will use a different
port for SSL traffic. For example HTTP/HTTPS, IMAP/IMAPS.
I'm wondering if there is a reason this was not recommended?
In our setup, we have set our SSL ports to 6645/6656. This has the
advantage of also allowing ptcp:6641/6642, so clients can connect either
way.
I am wondering if we might be missing anything by setting it up this way.
Regards,
Jake
[1]
https://github.com/ovn-org/ovn-kubernetes/blob/master/docs/INSTALL.SSL.md
--
Jake Yip
DevOps Engineer, ARDC Nectar Research Cloud
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
