7 .TH ovs\-controller 8 "March 2009" "Open vSwitch" "Open vSwitch Manual"
11 ovs\-controller \- simple OpenFlow controller reference implementation
15 [\fIoptions\fR] \fImethod\fR \fB[\fImethod\fR]\&...
18 \fBovs\-controller\fR manages any number of remote switches over OpenFlow
19 protocol, causing them to function as L2 MAC-learning switches or hub.
21 \fBovs\-controller\fR controls one or more OpenFlow switches, specified as
22 one or more of the following OpenFlow connection methods:
25 .so lib/vconn-passive.man
26 .so lib/vconn-active.man
31 .IQ "\fB\-\-noflow\fR"
32 By default, \fBovs\-controller\fR sets up a flow in each OpenFlow switch
33 whenever it receives a packet whose destination is known due through
34 MAC learning. This option disables flow setup, so that every packet
35 in the network passes through the controller.
37 This option is most useful for debugging. It reduces switching
38 performance, so it should not be used in production.
41 \fB\-\-max\-idle=\fIsecs\fR|\fBpermanent\fR
42 Sets \fIsecs\fR as the number of seconds that a flow set up by the
43 controller will remain in the switch's flow table without any matching
44 packets being seen. If \fBpermanent\fR is specified, which is not
45 recommended, flows will never expire. The default is 60 seconds.
47 This option affects only flows set up by the OpenFlow controller. In
48 some configurations, the switch can set up some flows
49 on its own. To set the idle time for those flows, pass
50 \fB\-\-max\-idle\fR to \fBovs\-openflowd\fR (on the switch).
52 This option has no effect when \fB\-n\fR (or \fB\-\-noflow\fR) is in use
53 (because the controller does not set up flows in that case).
57 By default, the controller acts as an L2 MAC-learning switch. This
58 option changes its behavior to that of a hub that floods packets on
59 all but the incoming port.
61 If \fB\-H\fR (or \fB\-\-hub\fR) and \fB\-n\fR (or \fB\-\-noflow\fR) are used
62 together, then the cumulative effect is that every packet passes
63 through the controller and every packet is flooded.
65 This option is most useful for debugging. It reduces switching
66 performance, so it should not be used in production.
69 .IQ "\fB\-\-wildcard\fR"
70 By default, \fBovs\-controller\fR sets up exact-match flows. This
71 option allows it to set up wildcarded flows, which may reduce
72 flow-setup latency by causing less traffic to be sent up to the
75 This option has no effect when \fB\-n\fR (or \fB\-\-noflow\fR) is in use
76 (because the controller does not set up flows in that case).
79 .IQ "\fB\-\-normal\fR"
80 By default, \fBovs\-controller\fR directs packets to a particular port
81 or floods them. This option causes it to direct non-flooded packets
82 to the OpenFlow \fBOFPP_NORMAL\fR port. This allows the switch itself
83 to make decisions about packet destinations. Support for
84 \fBOFPP_NORMAL\fR is optional in OpenFlow, so this option may not well
85 with some non-Open vSwitch switches.
88 Prevents ovs\-controller from replying to any OpenFlow messages sent
91 This option is only for debugging the Open vSwitch implementation of
92 ``fail open'' mode. It must not be used in production.
95 .IQ "\fB\-\-queue=\fIid\fR"
96 By default, \fBovs\-controller\fR uses the default OpenFlow queue for
97 sending packets and setting up flows. Use one of these options,
98 supplying \fIid\fR as an OpenFlow queue ID as a decimal number, to
99 instead use that specific queue.
101 This option may be useful for debugging quality of service setups.
103 .IP "\fB\-\-with\-flows \fIfile\fR"
104 When a switch connects, push the flow entries as described in
105 \fIfile\fR. Each line in \fIfile\fR is a flow entry in the format
106 described for the \fBadd\-flows\fR command in the \fBFlow Syntax\fR
107 section of the \fBovs\-ofctl\fR(8) man page.
109 .SS "Public Key Infrastructure Options"
111 .so lib/ssl-peer-ca-cert.man
119 To bind locally to port 6633 (the default) and wait for incoming
120 connections from OpenFlow switches:
122 \fB% ovs\-controller ptcp:\fR
125 Configuring a Citrix XenServer to connect to a particular controller
126 only points the remote OVSDB management connection to that controller.
127 It does not also configure OpenFlow connections, because the manager
128 is expected to do that over the management protocol.
129 \fBovs\-controller\fR is not an Open vSwitch manager and does not know
132 As a stopgap workaround, \fBovs\-vsctl\fR can wait for an OVSDB
133 connection and set the controller, e.g.:
135 \fB% ovs\-vsctl \-t0 \-\-db=pssl: \-\-certificate=cert.pem
136 \-\-ca\-cert=none \-\-private\-key=privkey.pem
137 \-\-peer\-ca\-cert=cacert.pem set\-controller ssl:\fIip\fR
140 .BR ovs\-openflowd (8),