>>unique problem is that when i use gre/vxlan i should >>set mtu 1432 on the bridge itself or the trasfer between >>gre's will be slow yes,make sense because of overhead of gre/vxlan headers
>>I'll write the patch for using OVSTunnel and if present >>i'll add even the ipsec option Thanks ! ----- Mail original ----- De: "Diaolin" <[email protected]> À: "Alexandre DERUMIER" <[email protected]> Cc: "pve-user pve.proxmox.com" <[email protected]> Envoyé: Mercredi 12 Mars 2014 08:09:11 Objet: Re: [PVE-User] Proxmox VE 3.2 released! Il 2014-03-12 02:03 Alexandre DERUMIER ha scritto: >>> This does work for you? > > I don't have tested it myself. > > I thinked it should work > > see doc here: > http://blog.scottlowe.org/2013/05/07/using-gre-tunnels-with-open-vswitch/ > > ovs-vsctl add-port vmbr0 gre0 -- set interface gre0 type=gre > options:remote_ip=<GRE tunnel endpoint on other hypervisor> yeah, me even, i've used this link for the same reason and this did not work due to the problem explained in the rest of your mail > > > But I just notice that in > /etc/network/if-pre-up.d/openvswitch > > so my config,it's doing > > ovs-vsctl add-port vmbr0 gre0 -- set interface gre0 type=internal -- > set interface gre0 type=gre options:remote_ip=<GRE tunnel endpoint on > other hypervisor> > > that's why it doesn't work clear... > > Does that works for you ? > Yes, tested even in MESH mode A->B A->C B->A B->C with stp enabled on the bridge and wotks like a charme.... unique problem is that when i use gre/vxlan i should set mtu 1432 on the bridge itself or the trasfer between gre's will be slow I'll write the patch for using OVSTunnel and if present i'll add even the ipsec option Ciao and tx, Diaolin > > ----- Mail original ----- > > De: "Diaolin" <[email protected]> > À: "Alexandre DERUMIER" <[email protected]> > Envoyé: Mardi 11 Mars 2014 15:55:16 > Objet: Re: [PVE-User] Proxmox VE 3.2 released! > > Il 2014-03-11 11:19 Alexandre DERUMIER ha scritto: >>>> the use of a simple gre tunnel does not mean "it's crypted" >>>> it's only encapsulated. >>>> >>>> My goal is to add ipsec_gre to the interface >>>> or vxlan and gre as simple ipip tunnels >> >> I think you can defined it using ovs_extra section in >> /etc/network/interface >> >> >> iface gre1 inet static >> address X.X.X.X >> netmask 255.255.255.0 >> ovs_type OVSIntPort >> ovs_bridge vmbr0 >> ovs_extra set interface gre1 type=gre options:remote_ip=X.X.X.X >> >> >> or for vxlan >> >> iface vxlan1 inet static >> address X.X.X.X >> netmask 255.255.255.0 >> ovs_type OVSIntPort >> ovs_bridge vmbr0 >> ovs_extra set interface vxlan1 type=vxlan >> options:remote_ip=X.X.X.X >> >> > > This does work for you? > > I've tested it but the tunnel does not work if i use > OVSIntPort instead of OVSTunnel > > Diaolin > > > > --- > S’à destacà l’ultima föia dal bósch nét > crodàda l’ei, solàgna, ‘n mèzz ai sàssi > e ‘ntant fis-ciava ‘n zìfol de oseleti > a tegnìr vìo ‘l pensér che vèn matìna > [Diaolin] --- S’à destacà l’ultima föia dal bósch nét crodàda l’ei, solàgna, ‘n mèzz ai sàssi e ‘ntant fis-ciava ‘n zìfol de oseleti a tegnìr vìo ‘l pensér che vèn matìna [Diaolin] _______________________________________________ pve-user mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
