New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
IPSec on OpenVZ
I have read that OpenVZ does not support IPSec, but I've also read some documentation that suggests it's possible with the right modules enabled on the host node. Are any other OpenVZ hosts able to successfully enable IPSec for their containers? What modules need to be enabled if so?
We tried installing a few modules and running "ipsec verify" inside a container. The script reported that ipsec should work, but it doesn't seem to be so far.
Comments
Have you read this: http://wiki.openvz.org/VPN_using_IPsec ?
What is the point of using IPSec rather than just TUN/TAP? Just curious.
Someone wanted to use Openswan and IPSec on our containers.
@AsadHaider yes
What's the point of getting openvz when you can get xen/KVM at the same price or just $1-2 more.
Oh boy, please don't take this thread in that direction
@cosmicgate: it depends on what you use it for.
@Nick_A Yeah what's the problem? Just buy him a new node and plan this one for KVM allotments. You can write a new business plan in like an hour right?
Welcome to LET
Nick_A 10:36AM
Oh boy, please don't take this thread in that direction
Didn't mean to be offensive. Didn't know you are a provider. Your comment didn't show while I was posting that.
No problem - just didn't want this thread to turn into a KVM vs Xen vs OpenVZ debate.
I'm so sorry to bump this 1 year old thread, but has anyone got it working on OpenVz? @Nick_A?
No, I think it'll be a: "We can get OpenVZ for $7 for 4GB, you should be able to do KVM for $7 for 3GB and also $12/year for KVM 256/MB. Give me the plan now!".
Had plenty of these received.
A year ago?
Like constantly. Get something like "I'm currently with provider x, but always down. Would like to try you. I demand a 7 day trial of your service and for you to offer it at the same price but not go down."
I think we all get those @concerto49
Hey Nick, Francisco did this in BuyVM. How about contacting him?
you mean buyvm support l2tp ipsec in their ovz vps?
We're just finalizing things and getting a guide cleaned up but yes
Francisco
Oh great! that's then another reason to stay with buyvm.
i just want to have a try if you r ready for this.
IpSec is network layer, includes headers, and spans between packets.
This:
Rolled this out earlier tonight Please check our guide at http://wiki.buyvm.net/doku.php/ipsec
IPSec works on openvz; Doesn't it?
I personally haven't seen any clients raising any issues, An have quite few clients using varations of vpn services.
Just have to say this.
Motherfucker, you do good work. I hope you continue.
Not without work on the node side.
Francisco
Word to your mother.
Francisco
only support 64bit system? install ipsec openswan directly and the kernel already support ipsec? do we need to reinstall OS to get kernel support?
Correct it will only work on the same architecture as the host node (so 64bit).
Right. If you're on 64bit you're fine. I've heard the xl2tpd (1.2.8) on ubuntu is partially broken so it may cause you issues. There isn't any reboots or tickets needed for ipsec support.
Francisco
It hurts me