This fixes a problem that Jesse pointed out, whereby as I sent it out before VXLAN and VXLAN-over-IPsec weren't both supported to a single host simultaneously.
This patch series takes advantage of patches that Justin wrote earlier for a different purpose. I've described my modifications in brief comments in the commit log but retained his authorship. I've only written unit tests for the IPSEC support, not actually tested it. I did do (really simple) tests of plaintext VXLAN. Ben Pfaff (1): Implement draft VXLAN L2-over-L3 tunneling protocol. Justin Pettit (4): vxlan: Add support for VXLAN-over-IPsec. datapath: Backport XFRM constants. datapath: Backport sec_path functions. stt: Support simultaneous encrypted and unencrypted to same host NEWS | 4 + README | 2 +- datapath/Modules.mk | 3 +- datapath/linux/.gitignore | 1 + datapath/linux/Modules.mk | 1 + datapath/linux/compat/include/linux/skbuff.h | 14 ++ datapath/linux/compat/include/net/xfrm.h | 14 ++ datapath/tunnel.c | 9 +- datapath/tunnel.h | 11 + datapath/vport-capwap.c | 2 + datapath/vport-vxlan.c | 280 ++++++++++++++++++++++++++ datapath/vport.c | 1 + datapath/vport.h | 1 + debian/control | 4 +- debian/openvswitch-ipsec.init | 3 +- debian/openvswitch-switch.init | 2 + debian/ovs-monitor-ipsec | 115 +++++++---- include/linux/openvswitch.h | 1 + include/openflow/nicira-ext.h | 9 +- lib/netdev-vport.c | 53 ++++-- rhel/etc_init.d_openvswitch | 2 + tests/ovs-monitor-ipsec.at | 67 ++++++ vswitchd/vswitch.xml | 59 +++++- xenserver/etc_init.d_openvswitch | 2 + 24 files changed, 580 insertions(+), 80 deletions(-) create mode 100644 datapath/linux/compat/include/net/xfrm.h create mode 100644 datapath/vport-vxlan.c -- 1.7.4.4 _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
