Ben Pfaff <[email protected]> writes: > On Wed, Jun 27, 2018 at 04:00:00PM -0400, Aaron Conole wrote: >> Thanks for the patch. It's really cool to see IPSec being >> re-integrated. Just a few quick comments inline. >> >> Qiuyu Xiao <[email protected]> writes: >> >> > From: Ansis Atteka <[email protected]> >> > >> > This patch reintroduces ovs-monitor-ipsec daemon that >> > was previously removed by commit 2b02d770 ("openvswitch: >> > Allow external IPsec tunnel management.") >> > >> > The reason for removal at the time was that there were IPsec >> > flavoured tunnel types, like ipsec_gre, that consumed for >> > themselves the least significant bit of SKB mark irrelevant >> > whether Open vSwitch users were using IPsec or not. >> > >> > After this patch, there are no IPsec flavored tunnels anymore. >> > IPsec is enabled by setting up the right values in: >> > 1. OVSDB:Interface:options column; >> > 2. OVSDB:Open_vSwitch:other_config column; >> > 3. OpenFlow pipeline. >> > >> > Signed-off-by: Ansis Atteka <[email protected]> >> > --- >> >> Have you looked into what it would take to support other systems (for >> instance, BSDs, Fedora/RHEL, CentOS)? > > I've asked Qiuyu to look at RHEL/Fedora support soon. It will take > extra work because Red Hat flavored systems use libreswan instead of > strongswan, and libreswan configuration works differently.
Thanks Ben, and Qiuyu. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
