Hello Ansis,
Thank you for your answer!
Le 13/09/2019 à 19:52, Ansis a écrit :
On Fri, 13 Sep 2019 at 01:26, Benjamin <[email protected]> wrote:
Hello,
Is it possible to have multiple bridges using IPSEC/GRE tunnels with
same configuration?
IIRC, it is not possible to create multiple IPsec tunnels of same
flavor (in your case GRE) between the same two endpoints.
This limitation kinda comes from Linux IPsec stack. While ip-xfrm man
page mentions that it is possible for IPsec stack to match on GRE key,
there is not way to match on Geneve, VXLAN, STT and other protocols
the same way. So since we could not implement this in uniform manner
across all transport protocols, then we did not bother to implement
that for GRE either.
For now, creating one works fine but as soon as I create a 2nd none
works, there's no active connections and no error in logs.
I'm using `options:key` to allow having multiple GRE tunnels with same
configuration.
Thanks
Benjamin Reis
_______________________________________________
discuss mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________
discuss mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
