<p>
The following modes require the upstream switch to support 802.3ad with
- successful LACP negotiation:
+ successful LACP negotiation. If LACP negotiation fails and
+ other-config:lacp-fallback-ab is true, then <code>active-backup</code>
+ mode is used:
</p>
<dl>
in LACP negotiations initiated by a remote switch, but not allowed to
initiate such negotiations themselves. If LACP is enabled on a port
whose partner switch does not support LACP, the bond will be
- disabled. Defaults to <code>off</code> if unset.
+ disabled, unless other-config:lacp-fallback-ab is set to true.
+ Defaults to <code>off</code> if unset.
</column>
<column name="other_config" key="lacp-system-id">
rate of once every 30 seconds.
</p>
</column>
+
+ <column name="other_config" key="lacp-fallback-ab"
+ type='{"type": "boolean"}'>
+ <p>
+ Determines the behavior of openvswitch bond in LACP mode. If
+ the partner switch does not support LACP, setting this option
+ to <code>true</code> allows openvswitch to fallback to
+ active-backup. If the option is set to <code>false</code>, the
+ bond will be disabled. In both the cases, once the partner switch
+ is configured to LACP mode, the bond will use LACP.
+ </p>
+ </column>
</group>
<group title="Rebalancing Configuration">
address.</p>
</column>
- <column name="ofport">
- <p>OpenFlow port number for this interface. Unlike most columns, this
- column's value should be set only by Open vSwitch itself. Other
- clients should set this column to an empty set (the default) when
- creating an <ref table="Interface"/>.</p>
- <p>Open vSwitch populates this column when the port number becomes
- known. If the interface is successfully added,
- <ref column="ofport"/> will be set to a number between 1 and 65535
- (generally either in the range 1 to 65279, inclusive, or 65534, the
- port number for the OpenFlow ``local port''). If the interface
- cannot be added then Open vSwitch sets this column
- to -1.</p>
- <p>When <ref column="ofport_request"/> is not set, Open vSwitch picks
- an appropriate value for this column and then tries to keep the value
- constant across restarts.</p>
- </column>
-
- <column name="ofport_request">
- <p>Requested OpenFlow port number for this interface. The port
- number must be between 1 and 65279, inclusive. Some datapaths
- cannot satisfy all requests for particular port numbers. When
- this column is empty or the request cannot be fulfilled, the
- system will choose a free port. The <ref column="ofport"/>
- column reports the assigned OpenFlow port number.</p>
- <p>The port number must be requested in the same transaction
- that creates the port.</p>
- </column>
+ <group title="OpenFlow Port Number">
+ <p>
+ When a client adds a new interface, Open vSwitch chooses an OpenFlow
+ port number for the new port. If the client that adds the port fills
+ in <ref column="ofport_request"/>, then Open vSwitch tries to use its
+ value as the OpenFlow port number. Otherwise, or if the requested
+ port number is already in use or cannot be used for another reason,
+ Open vSwitch automatically assigns a free port number. Regardless of
+ how the port number was obtained, Open vSwitch then reports in <ref
+ column="ofport"/> the port number actually assigned.
+ </p>
+
+ <p>
+ Open vSwitch limits the port numbers that it automatically assigns to
+ the range 1 through 32,767, inclusive. Controllers therefore have
+ free use of ports 32,768 and up.
+ </p>
+
+ <column name="ofport">
+ <p>
+ OpenFlow port number for this interface. Open vSwitch sets this
+ column's value, so other clients should treat it as read-only.
+ </p>
+ <p>
+ The OpenFlow ``local'' port (<code>OFPP_LOCAL</code>) is 65,534.
+ The other valid port numbers are in the range 1 to 65,279,
+ inclusive. Value -1 indicates an error adding the interface.
+ </p>
+ </column>
+
+ <column name="ofport_request"
+ type='{"type": "integer", "minInteger": 1, "maxInteger": 65279}'>
+ <p>
+ Requested OpenFlow port number for this interface.
+ </p>
+
+ <p>
+ Open vSwitch currently assigns the OpenFlow port number for an
+ interface once, when the client first adds the interface. It does
+ not change the port number later if the client sets or changes or
+ clears <ref column="ofport_request"/>. Therefore, to ensure that
+ <ref column="ofport_request"/> takes effect, the client should set
+ it in the same database transaction that creates the interface.
+ (Future versions of Open vSwitch might honor changes to <ref
+ column="ofport_request"/>.)
+ </p>
+ </column>
+ </group>
</group>
<group title="System-Specific Details">
<dt><code>lisp</code></dt>
<dd>
- A layer 3 tunnel over the experimental, UDP-based Locator/ID
- Separation Protocol (RFC 6830).
+ <p>
+ A layer 3 tunnel over the experimental, UDP-based Locator/ID
+ Separation Protocol (RFC 6830).
+ </p>
+ <p>
+ Only IPv4 and IPv6 packets are supported by the protocol, and
+ they are sent and received without an Ethernet header. Traffic
+ to/from LISP ports is expected to be configured explicitly, and
+ the ports are not intended to participate in learning based
+ switching. As such, they are always excluded from packet
+ flooding.
+ </p>
</dd>
<dt><code>patch</code></dt>
</group>
<group title="Bidirectional Forwarding Detection (BFD)">
- <p>
- BFD, defined in RFC 5880 and RFC 5881, allows point to point
- detection of connectivity failures by occasional transmission of
- BFD control messages. It is implemented in Open vSwitch to serve
- as a more popular and standards compliant alternative to CFM.
- </p>
-
- <p>
- BFD operates by regularly transmitting BFD control messages at a
- rate negotiated independently in each direction. Each endpoint
- specifies the rate at which it expects to receive control messages,
- and the rate at which it's willing to transmit them. Open vSwitch
- uses a detection multiplier of three, meaning that an endpoint
- which fails to receive BFD control messages for a period of three
- times the expected reception rate, will signal a connectivity
- fault. In the case of a unidirectional connectivity issue, the
- system not receiving BFD control messages will signal the problem
- to its peer in the messages it transmits.
- </p>
-
- <p>
- The Open vSwitch implementation of BFD aims to comply faithfully
- with the requirements put forth in RFC 5880. Currently, the only
- known omission is ``Demand Mode'', which we hope to include in
- future. Open vSwitch does not implement the optional
- Authentication or ``Echo Mode'' features.
- </p>
-
- <column name="bfd" key="enable">
- When <code>true</code> BFD is enabled on this
- <ref table="Interface"/>, otherwise it's disabled. Defaults to
- <code>false</code>.
- </column>
-
- <column name="bfd" key="min_rx"
- type='{"type": "integer", "minInteger": 1}'>
- The fastest rate, in milliseconds, at which this BFD session is
- willing to receive BFD control messages. The actual rate may be
- slower if the remote endpoint isn't willing to transmit as quickly as
- specified. Defaults to <code>1000</code>.
- </column>
-
- <column name="bfd" key="min_tx"
- type='{"type": "integer", "minInteger": 1}'>
- The fastest rate, in milliseconds, at which this BFD session is
- willing to transmit BFD control messages. The actual rate may be
- slower if the remote endpoint isn't willing to receive as quickly as
- specified. Defaults to <code>100</code>.
- </column>
-
- <column name="bfd" key="decay_min_rx" type='{"type": "integer"}'>
- <code>decay_min_rx</code> is used to set the <code>min_rx</code>,
- when there is no obvious incoming data traffic at the interface.
- It cannot be set less than the <code>min_rx</code>. The decay feature
- is disabled by setting the <code>decay_min_rx</code> to 0. And the
- feature is reset everytime itself or <code>min_rx</code> is
- reconfigured.
- </column>
-
- <column name="bfd" key="forwarding_if_rx" type='{"type": "boolean"}'>
- When <code>forwarding_if_rx</code> is true the interface will be
- considered capable of packet I/O as long as there is packet
- received at interface. This is important in that when link becomes
- temporarily conjested, consecutive BFD control packets can be lost.
- And the <code>forwarding_if_rx</code> can prevent link failover by
- detecting non-control packets received at interface.
- </column>
-
- <column name="bfd" key="cpath_down" type='{"type": "boolean"}'>
- Concatenated path down may be used when the local system should not
- have traffic forwarded to it for some reason other than a connectivty
- failure on the interface being monitored. When a controller thinks
- this may be the case, it may set <code>cpath_down</code> to
- <code>true</code> which may cause the remote BFD session not to
- forward traffic to this <ref table="Interface"/>. Defaults to
- <code>false</code>.
- </column>
-
- <column name="bfd" key="check_tnl_key" type='{"type": "boolean"}'>
- When set to true, Check Tunnel Key will make BFD only accept control
- messages with an <code>in_key</code> of zero. Defaults to
- <code>false</code>.
- </column>
-
- <column name="bfd" key="bfd_dst_mac">
- An Ethernet address in the form
- <var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>
- to set the destination mac address of the bfd packet. If this
- field is set, it is assumed that all the bfd packets destined to this
- interface also has the same destination mac address. If not set, a
- default value of <code>00:23:20:00:00:01</code> is used.
- </column>
-
- <column name="bfd_status" key="state"
- type='{"type": "string",
- "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
- State of the BFD session. The BFD session is fully healthy and
- negotiated if <code>UP</code>.
- </column>
+ <p>
+ BFD, defined in RFC 5880 and RFC 5881, allows point-to-point
+ detection of connectivity failures by occasional transmission of
+ BFD control messages. Open vSwitch implements BFD to serve
+ as a more popular and standards compliant alternative to CFM.
+ </p>
- <column name="bfd_status" key="forwarding" type='{"type": "boolean"}'>
- True if the BFD session believes this <ref table="Interface"/> may be
- used to forward traffic. Typically this means the local session is
- signaling <code>UP</code>, and the remote system isn't signaling a
- problem such as concatenated path down.
- </column>
+ <p>
+ BFD operates by regularly transmitting BFD control messages at a rate
+ negotiated independently in each direction. Each endpoint specifies
+ the rate at which it expects to receive control messages, and the rate
+ at which it is willing to transmit them. Open vSwitch uses a detection
+ multiplier of three, meaning that an endpoint signals a connectivity
+ fault if three consecutive BFD control messages fail to arrive. In the
+ case of a unidirectional connectivity issue, the system not receiving
+ BFD control messages signals the problem to its peer in the messages it
+ transmits.
+ </p>
- <column name="bfd_status" key="diagnostic">
- A short message indicating what the BFD session thinks is wrong in
- case of a problem.
- </column>
+ <p>
+ The Open vSwitch implementation of BFD aims to comply faithfully
+ with RFC 5880 requirements. Open vSwitch does not implement the
+ optional Authentication or ``Echo Mode'' features.
+ </p>
- <column name="bfd_status" key="remote_state"
- type='{"type": "string",
- "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
- State of the remote endpoint's BFD session.
- </column>
+ <group title="BFD Configuration">
+ <p>
+ A controller sets up key-value pairs in the <ref column="bfd"/>
+ column to enable and configure BFD.
+ </p>
+
+ <column name="bfd" key="enable" type='{"type": "boolean"}'>
+ True to enable BFD on this <ref table="Interface"/>.
+ </column>
+
+ <column name="bfd" key="min_rx"
+ type='{"type": "integer", "minInteger": 1}'>
+ The shortest interval, in milliseconds, at which this BFD session
+ offers to receive BFD control messages. The remote endpoint may
+ choose to send messages at a slower rate. Defaults to
+ <code>1000</code>.
+ </column>
+
+ <column name="bfd" key="min_tx"
+ type='{"type": "integer", "minInteger": 1}'>
+ The shortest interval, in milliseconds, at which this BFD session is
+ willing to transmit BFD control messages. Messages will actually be
+ transmitted at a slower rate if the remote endpoint is not willing to
+ receive as quickly as specified. Defaults to <code>100</code>.
+ </column>
+
+ <column name="bfd" key="decay_min_rx" type='{"type": "integer"}'>
+ An alternate receive interval, in milliseconds, that must be greater
+ than or equal to <ref column="bfd" key="min_rx"/>. The
+ implementation switches from <ref column="bfd" key="min_rx"/> to <ref
+ column="bfd" key="decay_min_rx"/> when there is no obvious incoming
+ data traffic at the interface, to reduce the CPU and bandwidth cost
+ of monitoring an idle interface. This feature may be disabled by
+ setting a value of 0. This feature is reset whenever <ref
+ column="bfd" key="decay_min_rx"/> or <ref column="bfd" key="min_rx"/>
+ changes.
+ </column>
+
+ <column name="bfd" key="forwarding_if_rx" type='{"type": "boolean"}'>
+ True to consider the interface capable of packet I/O as long as it
+ continues to receive any packets (not just BFD packets). This
+ prevents link congestion that causes consecutive BFD control packets
+ to be lost from marking the interface down.
+ </column>
+
+ <column name="bfd" key="cpath_down" type='{"type": "boolean"}'>
+ Set to true to notify the remote endpoint that traffic should not be
+ forwarded to this system for some reason other than a connectivty
+ failure on the interface being monitored. The typical underlying
+ reason is ``concatenated path down,'' that is, that connectivity
+ beyond the local system is down. Defaults to false.
+ </column>
+
+ <column name="bfd" key="check_tnl_key" type='{"type": "boolean"}'>
+ Set to true to make BFD accept only control messages with a tunnel
+ key of zero. By default, BFD accepts control messages with any
+ tunnel key.
+ </column>
+
+ <column name="bfd" key="bfd_dst_mac">
+ Set to an Ethernet address in the form
+ <var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>
+ to set the MAC used as destination for transmitted BFD packets and
+ expected as destination for received BFD packets. The default is
+ <code>00:23:20:00:00:01</code>.
+ </column>
+ </group>
- <column name="bfd_status" key="remote_diagnostic">
- A short message indicating what the remote endpoint's BFD session
- thinks is wrong in case of a problem.
- </column>
+ <group title="BFD Status">
+ <p>
+ The switch sets key-value pairs in the <ref column="bfd_status"/>
+ column to report the status of BFD on this interface. When BFD is
+ not enabled, with <ref column="bfd" key="enable"/>, the switch clears
+ all key-value pairs from <ref column="bfd_status"/>.
+ </p>
+
+ <column name="bfd_status" key="state"
+ type='{"type": "string",
+ "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
+ Reports the state of the BFD session. The BFD session is fully
+ healthy and negotiated if <code>UP</code>.
+ </column>
+
+ <column name="bfd_status" key="forwarding" type='{"type": "boolean"}'>
+ Reports whether the BFD session believes this <ref
+ table="Interface"/> may be used to forward traffic. Typically this
+ means the local session is signaling <code>UP</code>, and the remote
+ system isn't signaling a problem such as concatenated path down.
+ </column>
+
+ <column name="bfd_status" key="diagnostic">
+ In case of a problem, set to a short message that reports what the
+ local BFD session thinks is wrong.
+ </column>
+
+ <column name="bfd_status" key="remote_state"
+ type='{"type": "string",
+ "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
+ Reports the state of the remote endpoint's BFD session.
+ </column>
+
+ <column name="bfd_status" key="remote_diagnostic">
+ In case of a problem, set to a short message that reports what the
+ remote endpoint's BFD session thinks is wrong.
+ </column>
+ </group>
</group>
<group title="Connectivity Fault Management">
CFM on this <ref table="Interface"/>.
</column>
+ <column name="cfm_flap_count">
+ Counts the number of cfm fault flapps since boot. A flap is
+ considered to be a change of the <ref column="cfm_fault"/> value.
+ </column>
+
<column name="cfm_fault">
<p>
Indicates a connectivity fault triggered by an inability to receive
<dl>
<dt><code>ssl:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
<dd>
- <p>The specified SSL <var>port</var> (default: 6633) on the host at
- the given <var>ip</var>, which must be expressed as an IP address
- (not a DNS name). The <ref table="Open_vSwitch" column="ssl"/>
- column in the <ref table="Open_vSwitch"/> table must point to a
- valid SSL configuration when this form is used.</p>
+ <p>The specified SSL <var>port</var> on the host at the
+ given <var>ip</var>, which must be expressed as an IP
+ address (not a DNS name). The <ref table="Open_vSwitch"
+ column="ssl"/> column in the <ref table="Open_vSwitch"/>
+ table must point to a valid SSL configuration when this form
+ is used.</p>
+ <p>If <var>port</var> is not specified, it currently
+ defaults to 6633. In the future, the default will change to
+ 6653, which is the IANA-defined value.</p>
<p>SSL support is an optional feature that is not always built as
part of Open vSwitch.</p>
</dd>
<dt><code>tcp:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
- <dd>The specified TCP <var>port</var> (default: 6633) on the host at
- the given <var>ip</var>, which must be expressed as an IP address
- (not a DNS name).</dd>
+ <dd>
+ <p>The specified TCP <var>port</var> on the host at the
+ given <var>ip</var>, which must be expressed as an IP
+ address (not a DNS name).</p>
+ <p>If <var>port</var> is not specified, it currently
+ defaults to 6633. In the future, the default will change to
+ 6653, which is the IANA-defined value.</p>
+ </dd>
</dl>
<p>
The following connection methods are currently supported for service
<dl>
<dt><code>pssl:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
<dd>
- <p>
- Listens for SSL connections on the specified TCP <var>port</var>
- (default: 6633). If <var>ip</var>, which must be expressed as an
- IP address (not a DNS name), is specified, then connections are
- restricted to the specified local IP address.
- </p>
- <p>
- The <ref table="Open_vSwitch" column="ssl"/> column in the <ref
- table="Open_vSwitch"/> table must point to a valid SSL
- configuration when this form is used.
- </p>
+ <p> Listens for SSL connections on the specified TCP
+ <var>port</var>. If <var>ip</var>, which must be expressed
+ as an IP address (not a DNS name), is specified, then
+ connections are restricted to the specified local IP
+ address. The <ref table="Open_vSwitch" column="ssl"/>
+ column in the <ref table="Open_vSwitch"/> table must point
+ to a valid SSL configuration when this form is used.</p>
+ <p>If <var>port</var> is not specified, it currently
+ defaults to 6633. In the future, the default will change to
+ 6653, which is the IANA-defined value.</p>
<p>SSL support is an optional feature that is not always built as
part of Open vSwitch.</p>
</dd>
<dt><code>ptcp:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
<dd>
- Listens for connections on the specified TCP <var>port</var>
- (default: 6633). If <var>ip</var>, which must be expressed as an
- IP address (not a DNS name), is specified, then connections are
- restricted to the specified local IP address.
+ <p>Listens for connections on the specified TCP
+ <var>port</var>. If <var>ip</var>, which must be expressed
+ as an IP address (not a DNS name), is specified, then
+ connections are restricted to the specified local IP
+ address.</p>
+ <p>If <var>port</var> is not specified, it currently
+ defaults to 6633. In the future, the default will change to
+ 6653, which is the IANA-defined value.</p>
</dd>
</dl>
<p>When multiple controllers are configured for a single bridge, the
<dt><code>ssl:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
<dd>
<p>
- The specified SSL <var>port</var> (default: 6632) on the host at
- the given <var>ip</var>, which must be expressed as an IP address
- (not a DNS name). The <ref table="Open_vSwitch" column="ssl"/>
- column in the <ref table="Open_vSwitch"/> table must point to a
- valid SSL configuration when this form is used.
+ The specified SSL <var>port</var> on the host at the given
+ <var>ip</var>, which must be expressed as an IP address
+ (not a DNS name). The <ref table="Open_vSwitch"
+ column="ssl"/> column in the <ref table="Open_vSwitch"/>
+ table must point to a valid SSL configuration when this
+ form is used.
</p>
<p>
- SSL support is an optional feature that is not always built as
- part of Open vSwitch.
+ If <var>port</var> is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+ </p>
+ <p>
+ SSL support is an optional feature that is not always
+ built as part of Open vSwitch.
</p>
</dd>
<dt><code>tcp:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
<dd>
- The specified TCP <var>port</var> (default: 6632) on the host at
- the given <var>ip</var>, which must be expressed as an IP address
- (not a DNS name).
+ <p>
+ The specified TCP <var>port</var> on the host at the given
+ <var>ip</var>, which must be expressed as an IP address
+ (not a DNS name).
+ </p>
+ <p>
+ If <var>port</var> is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+ </p>
</dd>
<dt><code>pssl:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
<dd>
<p>
- Listens for SSL connections on the specified TCP <var>port</var>
- (default: 6632). Specify 0 for <var>port</var> to have the
- kernel automatically choose an available port. If <var>ip</var>,
- which must be expressed as an IP address (not a DNS name), is
- specified, then connections are restricted to the specified local
- IP address.
- </p>
- <p>
- The <ref table="Open_vSwitch" column="ssl"/> column in the <ref
+ Listens for SSL connections on the specified TCP
+ <var>port</var>. Specify 0 for <var>port</var> to have
+ the kernel automatically choose an available port. If
+ <var>ip</var>, which must be expressed as an IP address
+ (not a DNS name), is specified, then connections are
+ restricted to the specified local IP address. The <ref
+ table="Open_vSwitch" column="ssl"/> column in the <ref
table="Open_vSwitch"/> table must point to a valid SSL
configuration when this form is used.
</p>
+ <p>
+ If <var>port</var> is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+ </p>
<p>
SSL support is an optional feature that is not always built as
part of Open vSwitch.
</dd>
<dt><code>ptcp:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
<dd>
- Listens for connections on the specified TCP <var>port</var>
- (default: 6632). Specify 0 for <var>port</var> to have the kernel
- automatically choose an available port. If <var>ip</var>, which
- must be expressed as an IP address (not a DNS name), is specified,
- then connections are restricted to the specified local IP address.
+ <p>
+ Listens for connections on the specified TCP
+ <var>port</var>. Specify 0 for <var>port</var> to have
+ the kernel automatically choose an available port. If
+ <var>ip</var>, which must be expressed as an IP address
+ (not a DNS name), is specified, then connections are
+ restricted to the specified local IP address.
+ </p>
+ <p>
+ If <var>port</var> is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+ </p>
</dd>
</dl>
<p>When multiple managers are configured, the <ref column="target"/>