Hi, Now i am able to configure the GRE over IPSEC, but not able to establish the tunnel. I have checked in the backend, ovs-monitor-ipsec daemon is running , but no racoon binary is running, even the secrets and policies were not seen in /etc/racoon/racoon.conf and /etc/racoon/psk.txt.
Here is the configuration Host1 : # ovs-vsctl add-br br0 # ovs-vsctl add-br br1 # ovs-vsctl add-port br0 eth0 # ifconfig eth0 0 && ifconfig br0 192.168.122.7 netmask 255.255.255.0 # ifconfig br1 10.1.2.1 netmask 255.255.255.0 # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre options:remote_ip=192.168.122.151 options:psk=testing Host2 : # ovs-vsctl add-br br0 # ovs-vsctl add-br br1 # ovs-vsctl add-port br0 eth0 # ifconfig eth0 0 && ifconfig br0 192.168.122.151 netmask 255.255.255.0 # ifconfig br1 10.1.2.2 netmask 255.255.255.0 # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre options:remote_ip=192.168.122.7 options:psk=testing Can anyone help, why racoon is not being invoked ..? Regards, Venkata Santhosh On Thu, Aug 25, 2016 at 5:15 PM, santhu vaddepally < santhuvaddepa...@gmail.com> wrote: > Hi , > > Now i am able to run ovs-monitor-ipsec. > > # /usr/bin/python /usr/share/openvswitch/scripts/ovs-monitor-ipsec > --pidfile=/var/run/openvswitch/ovs-monitor-ipsec.pid > \ --log-gile --detach --monitor > unix:/var/run/openvswitch/db.sock > > But still facing issue on executing below command > > # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre > options:remot_ip=15.15.15.15 optioins:psk=secret > > Error Log : > --------------- > > IPsec requires the ovs-monitor-ipsec daemon. > > > Thanks, > Venkata Santhosh > > On Thu, Aug 25, 2016 at 2:30 PM, santhu vaddepally < > santhuvaddepa...@gmail.com> wrote: > >> Hi, >> >> I am trying to establish GRE over IPSEC , but with the following command >> getting error logs. >> >> # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre >> options:remot_ip=15.15.15.15 optioins:psk=secret >> >> Error Log : >> --------------- >> >> IPsec requires the ovs-monitor-ipsec daemon. >> >> >> >> I tried to run ovs-monitor-ipsec script with following command , >> >> # /usr/share/openvswitch/scripts/ovs-monitor-ipsec >> /etc/openvswitch/conf.db >> >> Logs : >> -------- >> >> Connecting ... >> Connection attempt failed (address family not supported by protocol) >> >> >> Can anyone please tell me the exact command to run ovs-monitor-ipsec with >> proper arguments ? >> >> Thanks in Advance .. >> >> Regards, >> Venkata Santhosh >> > > _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev