Satish, We are using the Mellanox Connect X6 card / possibly we can use bluefield2 card to do IPSEC hardware offload . So somehow we could build a tunnel to a server with StrongSwan IPSEC . The key thing is to tie this IPSEC interface into the OVN/OVS setup and somehow associate it with a customer's virtual router.
Am I even thinking off this the correct way? Gav On Tue, Feb 14, 2023 at 7:15 AM Satish Patel <satish....@gmail.com> wrote: > Seems like OVN does support IPsec tunnel based on doc but may need to > figure out how to integrate with your use case [1] > > [1] https://docs.ovn.org/en/latest/tutorials/ovn-ipsec.html > <https://docs.ovn.org/en/latest/tutorials/ovn-ipsec.html> > > > On Tue, Feb 14, 2023 at 8:20 AM Gavin McKee via discuss < > ovs-discuss@openvswitch.org> wrote: > >> Hi , >> >> Is it possible to connect an IPSEC tunnel from a Public cloud provider >> such as Azure, AWS / GCP to an OVN logical router ? >> >> I need to be able to route between a subnet in Azure / GCP and a subnet >> in OVN? >> >> Has anyone been able to achieve this , and if so can you provide an >> example configuration ? >> >> Gav >> >> >> *Disclaimer* >> >> The information contained in this communication from the sender is >> confidential. It is intended solely for use by the recipient and others >> authorized to receive it. If you are not the recipient, you are hereby >> notified that any disclosure, copying, distribution or taking action in >> relation of the contents of this information is strictly prohibited and may >> be unlawful. >> _______________________________________________ >> discuss mailing list >> disc...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >> <https://mail.openvswitch.org/mailman/listinfo/ovs-discuss> >> > Disclaimer The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast, a leader in email security and cyber resilience. Mimecast integrates email defenses with brand protection, security awareness training, web security, compliance and other essential capabilities. Mimecast helps protect large and small organizations from malicious activity, human error and technology failure; and to lead the movement toward building a more resilient world. To find out more, visit our website.
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
