On 2/17/21 7:00 PM, Mark Gray wrote: > On 17/02/2021 15:17, Balazs Nemeth wrote: >> Signed-off-by: Balazs Nemeth <bnem...@redhat.com> >> --- >> Documentation/tutorials/ipsec.rst | 21 ++++++++++++++++++++- >> 1 file changed, 20 insertions(+), 1 deletion(-) >> >> diff --git a/Documentation/tutorials/ipsec.rst >> b/Documentation/tutorials/ipsec.rst >> index 3b3e42c59..b6cc1c3a8 100644 >> --- a/Documentation/tutorials/ipsec.rst >> +++ b/Documentation/tutorials/ipsec.rst >> @@ -273,7 +273,26 @@ external IP is 1.1.1.1, and `host_2`'s external IP is >> 2.2.2.2. Make sure >> authenticated; otherwise, any certificate signed by the CA would be >> accepted. >> >> -3. Test IPsec tunnel. >> +3. Set the `local_ip` field in the Interface table (Optional) >> + >> + Make sure that the `local_ip` field in the Interface table is set to the >> + NIC used for egress traffic. >> + >> + On `host 1`:: >> + >> + # ovs-vsctl set Interface tun options:local_ip=$ip_1 >> + >> + Similarly, on `host 2`:: >> + >> + # ovs-vsctl set Interface tun options:local_ip=$ip_2 >> + >> + .. note:: >> + >> + It is not strictly necessary to set the `local_ip` field if your >> system >> + only has one NIC or the default gateway interface is set to the NIC >> + used for egress traffic. >> + >> +4. Test IPsec tunnel. >> >> Now you should have an IPsec GRE tunnel running between two hosts. To >> verify >> it, in `host_1`:: >> -- >> 2.29.2 >> > Acked-by: Mark Gray <mark.d.g...@redhat.com> > > I also ran make docs-check to check that it renders correctly - it does. > Thanks for the patch Balazs.
Thanks! Applied to master. Best regards, Ilya Maximets. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev