<group title="Version Reporting">
<p>
- These columns report the types and versions of the hardware and
- software running Open vSwitch. We recommend in general that software
- should test whether specific features are supported instead of relying
- on version number checks. These values are primarily intended for
- reporting to human administrators.
+ These columns report the types and versions of the hardware and
+ software running Open vSwitch. We recommend in general that software
+ should test whether specific features are supported instead of relying
+ on version number checks. These values are primarily intended for
+ reporting to human administrators.
</p>
<column name="ovs_version">
- The Open vSwitch version number, e.g. <code>1.1.0pre2</code>.
- If Open vSwitch was configured with a build number, then it is
- also included, e.g. <code>1.1.0pre2+build4948</code>.
+ The Open vSwitch version number, e.g. <code>1.1.0pre2</code>.
+ If Open vSwitch was configured with a build number, then it is
+ also included, e.g. <code>1.1.0pre2+build4948</code>.
</column>
<column name="db_version">
- <p>
The database schema version number in the form
<code><var>major</var>.<var>minor</var>.<var>tweak</var></code>,
e.g. <code>1.2.3</code>. Whenever the database schema is changed in
<column name="system_type">
<p>
- An identifier for the type of system on top of which Open vSwitch
- runs, e.g. <code>XenServer</code> or <code>KVM</code>.
- </p>
- <p>
- System integrators are responsible for choosing and setting an
- appropriate value for this column.
- </p>
+ An identifier for the type of system on top of which Open vSwitch
+ runs, e.g. <code>XenServer</code> or <code>KVM</code>.
+ </p>
+ System integrators are responsible for choosing and setting an
+ appropriate value for this column.
+ </p>
</column>
<column name="system_version">
<p>
- The version of the system identified by <ref column="system_type"/>,
- e.g. <code>5.5.0-24648p</code> on XenServer 5.5.0 build 24648.
- </p>
- <p>
- System integrators are responsible for choosing and setting an
- appropriate value for this column.
- </p>
- </column>
-
+ The version of the system identified by <ref column="system_type"/>,
+ e.g. <code>5.5.0-24648p</code> on XenServer 5.5.0 build 24648.
+ </p>
+ System integrators are responsible for choosing and setting an
+ appropriate value for this column.
+ </p>
+ </column>
+
</group>
<group title="Database Configuration">
</group>
<group title="Bonding Configuration">
- <p>A port that has more than one interface is a ``bonded port.''
- Bonding allows for load balancing and fail-over. Open vSwitch
- supports ``source load balancing'' (SLB) bonding, which
- assigns flows to slaves based on source MAC address and output VLAN,
- with periodic rebalancing as traffic patterns change. This form of
- bonding does not require 802.3ad or other special support from the
- upstream switch to which the slave devices are connected.</p>
+ <p>A port that has more than one interface is a ``bonded port.'' Bonding
+ allows for load balancing and fail-over. Open vSwitch supports
+ ``source load balancing'' (SLB) and "active backup" bonding. SLB
+ bonding assigns flows to slaves based on source MAC address and output
+ VLAN, with periodic rebalancing as traffic patterns change. Active
+ backup bonding assigns all flows to one slave, failing over to a backup
+ slave when the active slave is disabled. Neither form of bonding
+ require 802.3ad or other special support from the upstream switch to
+ which the slave devices are connected.</p>
<p>These columns apply only to bonded ports. Their values are
otherwise ignored.</p>
+ <column name="bond_type">
+ <p>The type of bonding used for a bonded port. Currently supported
+ values are <code>slb</code> and <code>active-backup</code>. Defaults
+ to SLB if unset.</p>
+ </column>
+
<column name="bond_updelay">
<p>For a bonded port, the number of milliseconds for which carrier must
stay up on an interface before the interface is considered to be up.
<dd>An Ethernet address in the form
<code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var></code>.</dd>
<dt><code>bond-rebalance-interval</code></dt>
- <dd>For a bonded port, the number of milliseconds between
+ <dd>For an SLB bonded port, the number of milliseconds between
successive attempts to rebalance the bond, that is, to
move source MACs and their flows from one interface on
the bond to another in an attempt to keep usage of each
</dl>
</dd>
<dt><code>ipsec_gre</code></dt>
- <dd>An Ethernet over RFC 2890 Generic Routing Encapsulation over
- IPv4 IPsec tunnel. Each tunnel (including those of type
- <code>gre</code>) must be uniquely identified by the
- combination of <code>remote_ip</code> and
- <code>local_ip</code>. Note that if two ports are defined
- that are the same except one has an optional identifier and
- the other does not, the more specific one is matched first.
- The following options may be specified in the
- <ref column="options"/> column:
+ <dd>An Ethernet over RFC 2890 Generic Routing Encapsulation
+ over IPv4 IPsec tunnel. Each tunnel (including those of type
+ <code>gre</code>) must be uniquely identified by the
+ combination of <code>remote_ip</code> and
+ <code>local_ip</code>. Note that if two ports are defined
+ that are the same except one has an optional identifier and
+ the other does not, the more specific one is matched first.
+ An authentication method of <code>peer_cert</code> or
+ <code>psk</code> must be defined. The following options may
+ be specified in the <ref column="options"/> column:
<dl>
<dt><code>remote_ip</code></dt>
<dd>Required. The tunnel endpoint.</dd>
match. Default is to match all addresses.</dd>
</dl>
<dl>
- <dt><code>ipsec_psk</code></dt>
- <dd>Required. Specifies a pre-shared key for authentication
- that must be identical on both sides of the tunnel.</dd>
+ <dt><code>peer_cert</code></dt>
+ <dd>Required for certificate authentication. A string
+ containing the peer's certificate in PEM format.
+ Additionally the host's certificate must be specified
+ with the <code>certificate</code> option.</dd>
+ </dl>
+ <dl>
+ <dt><code>certificate</code></dt>
+ <dd>Required for certificate authentication. The name of a
+ PEM file containing a certificate that will be presented
+ to the peer during authentication.</dd>
+ </dl>
+ <dl>
+ <dt><code>private_key</code></dt>
+ <dd>Optional for certificate authentication. The name of
+ a PEM file containing the private key associated with
+ <code>certificate</code>. If <code>certificate</code>
+ contains the private key, this option may be omitted.</dd>
+ </dl>
+ <dl>
+ <dt><code>psk</code></dt>
+ <dd>Required for pre-shared key authentication. Specifies a
+ pre-shared key for authentication that must be identical on
+ both sides of the tunnel.</dd>
</dl>
<dl>
<dt><code>in_key</code></dt>
Key-value pairs that report port status. Supported status
values are <code>type</code>-dependent.
</p>
- <p>The only currently defined key-value pair is:</p>
+ <p>The currently defined key-value pairs are:</p>
<dl>
<dt><code>source_ip</code></dt>
<dd>The source IP address used for an IPv4 tunnel end-point,
such as <code>gre</code> or <code>capwap</code>. Not
supported by all implementations.</dd>
</dl>
+ <dl>
+ <dt><code>tunnel_egress_iface</code></dt>
+ <dd>Egress interface for tunnels. Currently only relevant for GRE
+ and CAPWAP tunnels. On Linux systems, this column will show
+ the name of the interface which is responsible for routing
+ traffic destined for the configured <code>remote_ip</code>.
+ This could be an internal interface such as a bridge port.</dd>
+ </dl>
</column>
</group>
git://git.onelab.eu / sliver-openvswitch.git / blobdiff