On Mon, Jun 8, 2015 at 12:19 AM, Harsh Jain <[email protected]> wrote: > Hi, > > > While trying to encrypt(IPsec policy) packets based on GRE key > received in packets. kernel didn't encrypted the packets received from > OVS bridge. The packets forwarded to Desination unencrypted. > Kernel treats packet having different keys as same flow type.
It seems that you are not using ovs-monitor-ipsec to install IPsec policies for you? > > > Kernel Version used : 3.18.14 > ovs-vswitchd (Open vSwitch) 2.0.1 > Compiled Apr 16 2014 14:19:17 > OpenFlow versions 0x1:0x1 > > Fix Applied : Find attached initial patch. > > Please confirm if it is bug?. I think this could be classified as bug for those use cases when one wants to install such fine grained IPsec policies based on GRE key. BTW I looked in ip-xfrm man page and it has more fields in SELECTOR. > > > Regards > Harsh Jain > > _______________________________________________ > discuss mailing list > [email protected] > http://openvswitch.org/mailman/listinfo/discuss > _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
