</p>
<column name="options" key="remote_ip">
- Required. The tunnel endpoint. Only unicast endpoints are supported.
+ <p>Required. The remote tunnel endpoint, one of:</p>
+
+ <ul>
+ <li>
+ An IPv4 address (not a DNS name), e.g. <code>192.168.0.123</code>.
+ Only unicast endpoints are supported.
+ </li>
+ <li>
+ The word <code>flow</code>. The tunnel accepts packets from any
+ remote tunnel endpoint. To process only packets from a specific
+ remote tunnel endpoint, the flow entries may match on the
+ <code>tun_src</code> field. When sending packets to a
+ <code>remote_ip=flow</code> tunnel, the flow actions must
+ explicitly set the <code>tun_dst</code> field to the IP address of
+ the desired remote tunnel endpoint, e.g. with a
+ <code>set_field</code> action.
+ </li>
+ </ul>
+
+ <p>
+ The remote tunnel endpoint for any packet received from a tunnel
+ is available in the <code>tun_src</code> field for matching in the
+ flow table.
+ </p>
</column>
<column name="options" key="local_ip">
- Optional. The destination IP that received packets must match.
- Default is to match all addresses.
+ <p>
+ Optional. The tunnel destination IP that received packets must
+ match. Default is to match all addresses. If specified, may be one
+ of:
+ </p>
+
+ <ul>
+ <li>
+ An IPv4 address (not a DNS name), e.g. <code>192.168.12.3</code>.
+ </li>
+ <li>
+ The word <code>flow</code>. The tunnel accepts packets sent to any
+ of the local IP addresses of the system running OVS. To process
+ only packets sent to a specific IP address, the flow entries may
+ match on the <code>tun_dst</code> field. When sending packets to a
+ <code>local_ip=flow</code> tunnel, the flow actions may
+ explicitly set the <code>tun_src</code> field to the desired IP
+ address, e.g. with a <code>set_field</code> action. However, while
+ routing the tunneled packet out, the local system may override the
+ specified address with the local IP address configured for the
+ outgoing system interface.
+
+ <p>
+ This option is valid only for tunnels also configured with the
+ <code>remote_ip=flow</code> option.
+ </p>
+ </li>
+ </ul>
+
+ <p>
+ The tunnel destination IP address for any packet received from a
+ tunnel is available in the <code>tun_dst</code> field for matching in
+ the flow table.
+ </p>
</column>
<column name="options" key="in_key">
</column>
</group>
+ <group title="Bidirectional Forwarding Detection (BFD)">
+ <p>
+ BFD, defined in RFC 5880 and RFC 5881, allows point to point
+ detection of connectivity failures by occasional transmission of
+ BFD control messages. It is implemented in Open vSwitch to serve
+ as a more popular and standards compliant alternative to CFM.
+ </p>
+
+ <p>
+ BFD operates by regularly transmitting BFD control messages at a
+ rate negotiated independently in each direction. Each endpoint
+ specifies the rate at which it expects to receive control messages,
+ and the rate at which it's willing to transmit them. Open vSwitch
+ uses a detection multiplier of three, meaning that an endpoint
+ which fails to receive BFD control messages for a period of three
+ times the expected reception rate, will signal a connectivity
+ fault. In the case of a unidirectional connectivity issue, the
+ system not receiving BFD control messages will signal the problem
+ to its peer in the messages is transmists.
+ </p>
+
+ <p>
+ The Open vSwitch implementation of BFD aims to comply faithfully
+ with the requirements put forth in RFC 5880. Currently, the only
+ known omission is ``Demand Mode'', which we hope to include in
+ future. Open vSwitch does not implement the optional
+ Authentication or ``Echo Mode'' features.
+ </p>
+
+ <column name="bfd" key="enable">
+ When <code>true</code> BFD is enabled on this
+ <ref table="Interface"/>, otherwise it's disabled. Defaults to
+ <code>false</code>.
+ </column>
+
+ <column name="bfd" key="min_rx"
+ type='{"type": "integer", "minInteger": 1}'>
+ The fastest rate, in milliseconds, at which this BFD session is
+ willing to receive BFD control messages. The actual rate may be
+ slower if the remote endpoint isn't willing to transmit as quickly as
+ specified. Defaults to <code>1000</code>.
+ </column>
+
+ <column name="bfd" key="min_tx"
+ type='{"type": "integer", "minInteger": 1}'>
+ The fastest rate, in milliseconds, at which this BFD session is
+ willing to transmit BFD control messages. The actual rate may be
+ slower if the remote endpoint isn't willing to receive as quickly as
+ specified. Defaults to <code>100</code>.
+ </column>
+
+ <column name="bfd" key="cpath_down" type='{"type": "boolean"}'>
+ Concatenated path down may be used when the local system should not
+ have traffic forwarded to it for some reason other than a connectivty
+ failure on the interface being monitored. When a controller thinks
+ this may be the case, it may set <code>cpath_down</code> to
+ <code>true</code> which may cause the remote BFD session not to
+ forward traffic to this <ref table="Interface"/>. Defaults to
+ <code>false</code>.
+ </column>
+
+ <column name="bfd_status" key="state"
+ type='{"type": "string",
+ "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
+ State of the BFD session. The BFD session is fully healthy and
+ negotiated if <code>UP</code>.
+ </column>
+
+ <column name="bfd_status" key="forwarding" type='{"type": "boolean"}'>
+ True if the BFD session believes this <ref table="Interface"/> may be
+ used to forward traffic. Typically this means the local session is
+ signaling <code>UP</code>, and the remote system isn't signaling a
+ problem such as concatenated path down.
+ </column>
+
+ <column name="bfd_status" key="diagnostic">
+ A short message indicating what the BFD session thinks is wrong in
+ case of a problem.
+ </column>
+
+ <column name="bfd_status" key="remote_state"
+ type='{"type": "string",
+ "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
+ State of the remote endpoint's BFD session.
+ </column>
+
+ <column name="bfd_status" key="remote_diagnostic">
+ A short message indicating what the remote endpoint's BFD session
+ thinks is wrong in case of a problem.
+ </column>
+ </group>
+
<group title="Connectivity Fault Management">
<p>
802.1ag Connectivity Fault Management (CFM) allows a group of