X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=INSTALL.userspace;h=296f0771c6f4cf3adaa3ab5d5fc35951c5788a61;hb=eb857b4824d2a62e1cc1b85c30a3da007d4942c9;hp=a0c6a266c3b022ecd265a8afa937d6abea8e79de;hpb=d377243b8557ae8e6c1d374d76b6ee29fd61ceb4;p=sliver-openvswitch.git diff --git a/INSTALL.userspace b/INSTALL.userspace index a0c6a266c..296f0771c 100644 --- a/INSTALL.userspace +++ b/INSTALL.userspace @@ -17,7 +17,7 @@ Building and Installing ----------------------- The requirements and procedure for building, installing, and -configuring Open vSwitch are the same as those given in INSTALL.Linux. +configuring Open vSwitch are the same as those given in INSTALL. You may omit configuring, building, and installing the kernel module, and the related requirements. @@ -31,19 +31,38 @@ The tun device must also exist as /dev/net/tun. If it does not exist, then create /dev/net (if necessary) with "mkdir /dev/net", then create /dev/net/tun with "mknod /dev/net/tun c 10 200". -Using the Userspace Datapath ----------------------------- +On FreeBSD, the userspace switch additionally requires the kernel +tap(4) driver to be available, either built into the kernel or loaded +as a module. -To use ovs-vswitchd in userspace mode, give the bridge a name that -begins with "netdev:" in the configuration file. For example: +Using the Userspace Datapath with ovs-vswitchd +---------------------------------------------- - bridge.netdev:br0.port=eth0 - bridge.netdev:br0.port=eth1 - bridge.netdev:br0.port=eth2 +To use ovs-vswitchd in userspace mode, create a bridge with datapath_type +"netdev" in the configuration database. For example: + + ovs-vsctl add-br br0 + ovs-vsctl set bridge br0 datapath_type=netdev + ovs-vsctl add-port br0 eth0 + ovs-vsctl add-port br0 eth1 + ovs-vsctl add-port br0 eth2 ovs-vswitchd will create a TAP device as the bridge's local interface, -named the same as the bridge minus the "netdev:" prefix, as well as -for each configured internal interface. +named the same as the bridge, as well as for each configured internal +interface. + +Firewall Rules +-------------- + +On Linux, when a physical interface is in use by the userspace +datapath, packets received on the interface still also pass into the +kernel TCP/IP stack. This can cause surprising and incorrect +behavior. You can use "iptables" to avoid this behavior, by using it +to drop received packets. For example, to drop packets received on +eth0: + + iptables -A INPUT -i eth0 -j DROP + iptables -A FORWARD -i eth0 -j DROP Bug Reporting -------------