Why VDE-VDE connection --------------------------------------- With the implementation of IP sockets, if at all a need arises to tether multiple VDE switches, say we want to connect two different topologies, we can burn a port on each VDE switch and establish connection using ip sockets. If one wants secure connectivity, of course legacy method using SSH tunnel is still there.
Implementation ----------------------- The patch is taken against vde-550 and I have attached a writeup on this feature. $ patch -p1 < vde.vdebr.patch. This needs to be applied on top of patch for supporting ip sockets. Please let me know if you have any questions. Thanks, Shesha
With this patch, one can connect two VDE switches directly using ip sockets without using vdeplug. Off course this assumes that the VDE switch already supports IP sockets. To achieve this, two new ds commands are implemented in the vde_switch. ds/connectvde/ip server:port connect to remote switch ds/connectvde/ctl ctrl filename connect to remote switch Either control port and server information or the control file that contains this information can be specified. This file is created during the creation of the vde_switch. vde$ ds/connectvde/ip 192.168.106.66:40696 Once connected it is shown as follows at the vde command line. vde$ port/print 1 0000 DATA END WITH '.' Port 0001 untagged_vlan=0000 ACTIVE - Unnamed Allocatable Current User: root Access Control: (User: NONE - Group: NONE) -- endpoint ID 0004 module unix prog : * VDE-SWITCH user=root PID=14761 IP=192.168.106.66 PORT=59088 RVDE=192.168.106.66:40696 . 1000 Success Testing -------- This feature is being used for more than 2 years with an average of 2500 switches running and at least 300 switch killed and instantiated daily. As a sanity test just before sending out the patch, I instantiated vde-switch1 on server-1 and vde-switch2 on server-2. I instantiated vm1 on server-2 and vm2 on server-1. Pinged between vm1 and vm2 and ensured they are not reachable, as expected. Connected the two vde_switches using ds/connect/ip command and ensured that the two VMs are now pingable.
vde.vdebr.patch
Description: Binary data
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ vde-users mailing list vde-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/vde-users
