On 25 August 2016 at 07:15, santhu vaddepally <santhuvaddepa...@gmail.com> wrote:
> Hi, > > Now i am able to configure the GRE over IPSEC, but not able to establish > the tunnel. I have checked in the backend, ovs-monitor-ipsec daemon is > running , but no racoon binary is running, even the secrets and policies > were not seen in /etc/racoon/racoon.conf and /etc/racoon/psk.txt. > You will have to run racoon. If this is important, I suggest reading ovs-monitor-ipsec daemon. It is straight-forward. > > Here is the configuration > > Host1 : > > # ovs-vsctl add-br br0 > # ovs-vsctl add-br br1 > # ovs-vsctl add-port br0 eth0 > # ifconfig eth0 0 && ifconfig br0 192.168.122.7 netmask 255.255.255.0 > # ifconfig br1 10.1.2.1 netmask 255.255.255.0 > # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre > options:remote_ip=192.168.122.151 options:psk=testing > > > Host2 : > > > # ovs-vsctl add-br br0 > # ovs-vsctl add-br br1 > # ovs-vsctl add-port br0 eth0 > # ifconfig eth0 0 && ifconfig br0 192.168.122.151 netmask 255.255.255.0 > # ifconfig br1 10.1.2.2 netmask 255.255.255.0 > # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre > options:remote_ip=192.168.122.7 options:psk=testing > > Can anyone help, why racoon is not being invoked ..? > > Regards, > Venkata Santhosh > > > On Thu, Aug 25, 2016 at 5:15 PM, santhu vaddepally < > santhuvaddepa...@gmail.com> wrote: > > > Hi , > > > > Now i am able to run ovs-monitor-ipsec. > > > > # /usr/bin/python /usr/share/openvswitch/scripts/ovs-monitor-ipsec > > --pidfile=/var/run/openvswitch/ovs-monitor-ipsec.pid > > \ --log-gile --detach --monitor > > unix:/var/run/openvswitch/db.sock > > > > But still facing issue on executing below command > > > > # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre > > options:remot_ip=15.15.15.15 optioins:psk=secret > > > > Error Log : > > --------------- > > > > IPsec requires the ovs-monitor-ipsec daemon. > > > > > > Thanks, > > Venkata Santhosh > > > > On Thu, Aug 25, 2016 at 2:30 PM, santhu vaddepally < > > santhuvaddepa...@gmail.com> wrote: > > > >> Hi, > >> > >> I am trying to establish GRE over IPSEC , but with the following command > >> getting error logs. > >> > >> # ovs-vsctl add-port br1 gre1 -- set interface gre1 type=ipsec_gre > >> options:remot_ip=15.15.15.15 optioins:psk=secret > >> > >> Error Log : > >> --------------- > >> > >> IPsec requires the ovs-monitor-ipsec daemon. > >> > >> > >> > >> I tried to run ovs-monitor-ipsec script with following command , > >> > >> # /usr/share/openvswitch/scripts/ovs-monitor-ipsec > >> /etc/openvswitch/conf.db > >> > >> Logs : > >> -------- > >> > >> Connecting ... > >> Connection attempt failed (address family not supported by protocol) > >> > >> > >> Can anyone please tell me the exact command to run ovs-monitor-ipsec > with > >> proper arguments ? > >> > >> Thanks in Advance .. > >> > >> Regards, > >> Venkata Santhosh > >> > > > > > _______________________________________________ > dev mailing list > dev@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev > _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
