-----------------------
The requirements and procedure for building, installing, and
-configuring Open vSwitch are the same as those given in INSTALL.Linux.
+configuring Open vSwitch are the same as those given in INSTALL.
You may omit configuring, building, and installing the kernel module,
and the related requirements.
then create /dev/net (if necessary) with "mkdir /dev/net", then create
/dev/net/tun with "mknod /dev/net/tun c 10 200".
+On FreeBSD, the userspace switch additionally requires the kernel
+tap(4) driver to be available, either built into the kernel or loaded
+as a module.
+
Using the Userspace Datapath with ovs-vswitchd
----------------------------------------------
named the same as the bridge, as well as for each configured internal
interface.
-Using the Userspace Datapath with ovs-openflowd
------------------------------------------------
-
-To use ovs-openflowd in userspace mode, specify a datapath name that
-begins with "netdev@", and specify --ports with the names of the ports
-that should be included in the datapath as argument. For example:
+Firewall Rules
+--------------
- ovs-openflowd netdev@br0 --ports=eth0,eth1,eth2
+On Linux, when a physical interface is in use by the userspace
+datapath, packets received on the interface still also pass into the
+kernel TCP/IP stack. This can cause surprising and incorrect
+behavior. You can use "iptables" to avoid this behavior, by using it
+to drop received packets. For example, to drop packets received on
+eth0:
-ovs-openflowd will create a TAP device as the bridge's local
-interface, named the same as the bridge minus the "netdev@" prefix.
+ iptables -A INPUT -i eth0 -j DROP
+ iptables -A FORWARD -i eth0 -j DROP
Bug Reporting
-------------