[openstack-dev] [neutron] Cannot setup IPSEC transport mode between VMS
Yitao Jiang
jiangyt.cn at gmail.com
Thu Jun 16 15:00:16 UTC 2016
Hi all,
In Liberty, i want to setup a IPSEC between VMS using transport mode with
ESP protocol,
Just as the diagram above descried, only 10.0.0.4 access 10.0.0.5/10.0.0.6.
If i setup the IPSEC using manually configured key management,
ipsec-tools(setkey) under ubuntu, the vm of 10.0.0.4 cannot reach to
10.0.0.5, neither do 10.0.0.6. But if 10.0.0.5/10.0.0.6 first send request
to 10.0.0.4, such using ping, the 10.0.0.4 can reach them
here's the related OpenStack info
OpenStack: Liberty
Neutron: ML2 LinuxBridge with VxLAN encapsulation.
And if i setup the same topology of above under VirtualBox on my laptop
with the same IPSEC configuration, there's no such issue.
--
Regards,
Yitao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160616/dae80706/attachment.html>
More information about the OpenStack-dev
mailing list