___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
- Original Message -
> From: "Aaron Conole"
> To: "Bala Sankaran"
> Cc: "Tiago Lam" , d...@openvswitch.org
> Sent: Wednesday, 29 August, 2018 5:14:41 PM
> Subject: Re: [ovs-dev] [PATCH v3 6/6] system-dpdk: Connect network namespaces
> via dpdkvhostuser ports
>
> Bala Sankaran writes:
>
Bala Sankaran writes:
> - Original Message -
>> From: "Tiago Lam"
>> To: "Bala Sankaran" , d...@openvswitch.org
>> Sent: Wednesday, 29 August, 2018 1:36:13 PM
>> Subject: Re: [ovs-dev] [PATCH v3 6/6] system-dpdk: Connect network
>> namespaces via dpdkvhostuser ports
>>
>> Hi Bala,
>>
>
- Original Message -
> From: "Tiago Lam"
> To: "Bala Sankaran" , d...@openvswitch.org
> Sent: Wednesday, 29 August, 2018 1:36:13 PM
> Subject: Re: [ovs-dev] [PATCH v3 6/6] system-dpdk: Connect network namespaces
> via dpdkvhostuser ports
>
> Hi Bala,
>
> Thanks to both you and Aaron
On Sun, 19 Aug 2018 at 20:31, Qiuyu Xiao wrote:
>
> On Mon, Aug 13, 2018 at 2:33 AM, Ansis Atteka wrote:
> > On Tue, 7 Aug 2018 at 09:43, Qiuyu Xiao wrote:
> >>
> >> This patch reintroduces ovs-monitor-ipsec daemon that
> >> was previously removed by commit 2b02d770 ("openvswitch:
> >> Allow ext
Thanks for the fix.
Tested-by: Yifeng Sun
Reviewed-by: Yifeng Sun
On Tue, Aug 28, 2018 at 7:54 PM Darrell Ball wrote:
> On older kernels, for example 3.19, the function rt6_get_cookie() is
> not available and used with ipv6 config enabled; it was introduced in
> 4.2. Put back the replaceme
Hi Bala,
Thanks to both you and Aaron for working on this. Seems to be a great
addition.
As a general comment I agree with Ian that running everything on v17.11
would be preferable, as this would enable us to run this test on any
given system, and not only when v18.11 is installed. But after read
---
Este correo electrónico ha sido comprobado en busca de virus por AVG.
http://www.avg.com
___
dev mailing list
d...@openvswitch.org
https
Two main issues remain to be resolved.
1) The GENEVE and VXLAN IPsec tunnel configuration don't work in
LibreSwan. I reported this bug to the LibreSwan mailing list, which is
confirmed by the maintainer.
(https://lists.libreswan.org/pipermail/swan/2018/002700.html).
2) In order to match XFRM polic
tutorials/index.rst gives a step-by-setp guide to set up OVS IPsec
tunnel.
tutorials/ipsec.rst gives detailed explanation on the IPsec tunnel
configuration methods and forwarding modes.
Signed-off-by: Qiuyu Xiao
Signed-off-by: Ansis Atteka
Co-authored-by: Ansis Atteka
---
Documentation/automa
This patch adds step-by-step guide for configuring OVN Role-Based Access
Control and IPsec.
Signed-off-by: Qiuyu Xiao
---
Documentation/automake.mk | 2 +
Documentation/index.rst | 4 +-
Documentation/tutorials/index.rst | 2 +
Documentation/tutorials/ovn-ipse
This patch reintroduces ovs-monitor-ipsec daemon that
was previously removed by commit 2b02d770 ("openvswitch:
Allow external IPsec tunnel management.")
After this patch, there are no IPsec flavored tunnels anymore.
IPsec is enabled by setting up the right values in:
1. OVSDB:Interface:options col
This patch adds IPsec support for OVN tunnel. Basically, OVN offers a
binary option to its user for encryption configuration. If the IPsec
option is turned on, all tunnels will be encrypted. Otherwise, no tunnel
will be encrypted.
The changes are summarized as below:
1) Added a ipsec column on the
Added rules and files to create debian and rpm ovs-ipsec packages.
Signed-off-by: Qiuyu Xiao
Signed-off-by: Ansis Atteka
Co-authored-by: Ansis Atteka
---
debian/automake.mk | 3 +
debian/control | 21 +++
debian/openvswitch
This patch adds transport ports information for route lookup so that
IPsec can select geneve tunnel traffic to do encryption.
Signed-off-by: Qiuyu Xiao
Reviewed-by: Greg Rose
Tested-by: Greg Rose
---
datapath/linux/compat/geneve.c | 29 +++--
1 file changed, 19 insertio
This patch series reintroduce IPsec support for OVS tunneling and enable
OVN to
use IPsec tunnels. GRE, VXLAN, GENEVE, and STT IPsec tunnels are
supported.
StrongSwan and LibreSwan IKE daemons are supported.
Changes from v1 to v2
-
1. Merge the ovs-monitor-ipsec code to a singl
Bonjour,l'entreprise METAPRO.fr intervient dans toute la Région ParisienneParis
+ 77 + 78 + 91 + 92 + 93 + 94 + 957 jours sur 7 et 24h sur 24Promotion forfait
dépannage incluant déplacement + main d'oeuvre + petites fournitures =
159€/TTCPour tous vos dépannages (et installations) CHAUFFAG
nat_clean has a defunct optimization for calculating a hash outside the
scope of a bucket lock which can lead to a race in referencing a freed
conntrack entry. Adjust to avoid this. Needs backporting to 2.8.
Reported-at:
https://mail.openvswitch.org/pipermail/ovs-dev/2018-August/351629.html
Fix
Ephemeral port fallback is being done for DNAT and the code could be hit in
some special cases, with some test challenges. This is incorrect at any rate,
so filter this out.
Also, rename the variable used for checking whether ephemeral ports
need to be checked.
Needs backporting to 2.8.
Reported-a
19 matches
Mail list logo
