Re: [ovs-discuss] Is it possible to protect CAPWAP tunnel through IPSec?

2011-05-05 Thread Jesse Gross
On Thu, May 5, 2011 at 11:21 AM, Rajesh Kumar G wrote:
> Hi Jesse,
>
> I was trying to see if the performance degrade that is observed with
> GRE+IPSec as mentioned in this mail thread
>
> http://www.mail-archive.com/discuss@openvswitch.org/msg00915.html
>
> can be overcome by trying CAPWAP tunnel

Re: [ovs-discuss] Is it possible to protect CAPWAP tunnel through IPSec?

2011-05-05 Thread Rajesh Kumar G
Hi Jesse, I was trying to see if the performance degrade that is observed with GRE+IPSec as mentioned in this mail thread http://www.mail-archive.com/discuss@openvswitch.org/msg00915.html can be overcome by trying CAPWAP tunnel instead. Is there any fix for the GRE+IPSec performance degrade yet?

Re: [ovs-discuss] Is it possible to protect CAPWAP tunnel through IPSec?

2011-05-05 Thread Jesse Gross
On Thu, May 5, 2011 at 7:39 AM, Rajesh Kumar G wrote:
> Hi,
>
> Greetings,
>
> I would like to know if it is possible to protect an OVS CAPWAP tunnel using
> IPSec? If Yes, what should be the SA, SP created to make the traffic hit
> that?

When Open vSwitch sets up IPsec tunnels itself it changes

Re: [ovs-discuss] Open vSwitch, brcompatd & OpenVZ on Debian

2011-05-05 Thread Jesse Gross
On Thu, May 5, 2011 at 4:20 AM, Sam Gaw wrote:
> Thanks Gregor.
>
> That's what I thought but if I configure the bridge, either with ovs-vsctl or
> brctl, and do an ifup the box kernel panics. If I follow the cookbook example
> and then join the veth interface to it I can't see the container but

Re: [ovs-discuss] Anti-spoof rules with vlans on XCP (XENSERVER)...

2011-05-05 Thread Justin Pettit
On May 5, 2011, at 4:03 AM, Kristoffer Egefelt wrote:
> From the pool master I get:
>
> #ovs-vsctl get-controller xapi5
> ssl:10.10.3.250:6633
>
> Probably because I tried the Citrix controller at some point - should it work
> if I delete it with:
>
> #ovs-vsctl del-controller xapi5
>
> is i

[ovs-discuss] Is it possible to protect CAPWAP tunnel through IPSec?

2011-05-05 Thread Rajesh Kumar G
Hi, Greetings, I would like to know if it is possible to protect an OVS CAPWAP tunnel using IPSec? If Yes, what should be the SA, SP created to make the traffic hit that? My setup is, Host A Host B OVS - VPORT-CAPWAP <---> VPORT-CAPWAP - OVS

Re: [ovs-discuss] Open vSwitch, brcompatd & OpenVZ on Debian

2011-05-05 Thread Sam Gaw
Thanks Gregor. That's what I thought but if I configure the bridge, either with ovs-vsctl or brctl, and do an ifup the box kernel panics. If I follow the cookbook example and then join the veth interface to it I can't see the container but get a response from pings; if I assign an IP to the bri

Re: [ovs-discuss] Anti-spoof rules with vlans on XCP (XENSERVER)...

2011-05-05 Thread Kristoffer Egefelt
From the pool master I get: #ovs-vsctl get-controller xapi5 ssl:10.10.3.250:6633 Probably because I tried the Citrix controller at some point - should it work if I delete it with: #ovs-vsctl del-controller xapi5 is it safe? Running: ovs-vsctl get-fail-mode xapi5 returns nothing... Thanks On

Re: [ovs-discuss] Open vSwitch, brcompatd & OpenVZ on Debian

2011-05-05 Thread Gregor Schaffrath
With brcompat, you should be able to set things up as they were before... However - beware two issues I personally stumbled across: 1) if you don't start with a blank ovs configuration database at boot time, you'll end up with redundant entries in it, because the debian startup scripts will add

[ovs-discuss] Open vSwitch, brcompatd & OpenVZ on Debian

2011-05-05 Thread Sam Gaw
I've been experimenting with OVS (1.1.0pre2) alongside OpenVZ running on Debian Squeeze (2.6.32-5) and was wondering if anyone had any experience or advice with this sort of setup? Normally with OpenVZ I would create a bridge and add the containers' veth interfaces to the bridge. The config in

Re: [ovs-discuss] Anti-spoof rules with vlans on XCP (XENSERVER)...

2011-05-05 Thread Justin Pettit
I think Ben is suggesting that you may have a controller configured, even if you're not running one. Do you see anything when you run the following? ovs-vsctl get-controller xapi5 I don't know that the behavior changed, but you can change the fail mode to not "fail open" by running the

Re: [ovs-discuss] Anti-spoof rules with vlans on XCP (XENSERVER)...

2011-05-05 Thread Kristoffer Egefelt
Ah, that could be the problem. I don't have a controller - I think the fail-open default changed from xcp 0.5 to 1.0. Anybody using a controller for xcp/xenserver which is pool-aware and capable of setting up antispoofing rules? Any ideas or suggestions would be appreciated. Thanks :-) Regards K