X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=vswitchd%2Fvswitch.xml;h=47b13d2194b9e7923048b4723064b02de72d58bb;hb=90967e953f5019299b5b5e2d70f440d82c32e2f1;hp=0cd9b30cb7c60be65db3bef9ec07377c8fced151;hpb=749ae9504293dbb695dd67402acbd47acbcbeb83;p=sliver-openvswitch.git
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 0cd9b30cb..47b13d219 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -340,7 +340,11 @@
+ The maximum number of MAC addresses to learn. The default is
+ currently 2048. The value, if specified, is forced into a reasonable
+ range, currently 10 to 1,000,000.
+ A port that has more than one interface is a ``bonded port.'' Bonding
- allows for load balancing and fail-over. Some kinds of bonding will
- work with any kind of upstream switch:switch3 in room 3120
.
+ true
, disable in-band control on the bridge
@@ -453,6 +463,12 @@
QoS configured, or if the port does not have a queue with the specified
ID, the default queue is used instead.
OpenFlow10
will be used if this column is empty.
+ true
to enable.
+
+ The following destination MAC addresss will not be forwarded when this
+ option is enabled.
+
+
01:80:c2:00:00:00
01:80:c2:00:00:01
01:80:c2:00:00:0x
00:e0:2b:00:00:00
00:e0:2b:00:00:04
and 00:e0:2b:00:00:06
+ 01:00:0c:cc:cc:cc
01:00:0c:cc:cc:cd
01:00:0c:cd:cd:cd
01:00:0c:00:00:00
01:00:0c:cc:cc:cx
+ The following types of bonding will work with any kind of upstream + switch. On the upstream switch, do not configure the interfaces as a + bond: +
balance-slb
active-backup
stable
Attempts to always assign a given flow to the same slave
- consistently. In an effort to maintain stability, no load
- balancing is done. Uses a similar hashing strategy to
- balance-tcp
, always taking into account L3 and L4
- fields even if LACP negotiations are unsuccessful.
Slave selection decisions are made based on if set. Otherwise,
- OpenFlow port number is used. Decisions are consistent across all
- ovs-vswitchd
instances with equivalent
-
- values.
These columns apply only to bonded ports. Their values are
@@ -850,7 +906,7 @@
- The number of milliseconds for which carrier must stay up on an
+ The number of milliseconds for which the link must stay up on an
interface before the interface is considered to be up. Specify
These settings control behavior when a bond is in
- Ethernet address to set for this interface. If unset then the
default MAC address is used:0
to enable the interface immediately.
0
to disable the interface immediately.
balance-slb
mode, regardless of whether the bond was
- intentionally configured in SLB mode or it fell back to SLB mode
- because LACP negotiation failed.
+ balance-slb
or balance-tcp
mode.
When is not set, Open vSwitch picks + an appropriate value for this column and then tries to keep the value + constant across restarts.
+ + +Requested OpenFlow port number for this interface. The port + number must be between 1 and 65279, inclusive. Some datapaths + cannot satisfy all requests for particular port numbers. When + this column is empty or the request cannot be fulfilled, the + system will choose a free port. The + column reports the assigned OpenFlow port number.
+The port number must be requested in the same transaction + that creates the port.
gre
ipsec_gre
capwap
gre64
ipsec_gre64
vxlan
+ An Ethernet tunnel over the experimental, UDP-based VXLAN
+ protocol described at
+ http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03
.
+ VXLAN is currently supported only with the Linux kernel datapath
+ with kernel version 2.6.26 or later.
+
+ Open vSwitch uses UDP destination port 4789. The source port used for + VXLAN traffic varies on a per-flow basis and is in the ephemeral port + range. +
+lisp
null
These options apply to interfaces with of
- gre
, ipsec_gre
, and capwap
.
+ gre
, ipsec_gre
, gre64
,
+ ipsec_gre64
, vxlan
, and lisp
.
@@ -1193,22 +1294,67 @@
- Required. The tunnel endpoint. Unicast and multicast endpoints are - both supported. -
+Required. The remote tunnel endpoint, one of:
+ +192.168.0.123
.
+ Only unicast endpoints are supported.
+ flow
. The tunnel accepts packets from any
+ remote tunnel endpoint. To process only packets from a specific
+ remote tunnel endpoint, the flow entries may match on the
+ tun_src
field. When sending packets to a
+ remote_ip=flow
tunnel, the flow actions must
+ explicitly set the tun_dst
field to the IP address of
+ the desired remote tunnel endpoint, e.g. with a
+ set_field
action.
+
- When a multicast endpoint is specified, a routing table lookup occurs
- only when the tunnel is created. Following a routing change, delete
- and then re-create the tunnel to force a new routing table lookup.
+ The remote tunnel endpoint for any packet received from a tunnel
+ is available in the tun_src
field for matching in the
+ flow table.
+ Optional. The tunnel destination IP that received packets must + match. Default is to match all addresses. If specified, may be one + of: +
+ +192.168.12.3
.
+ flow
. The tunnel accepts packets sent to any
+ of the local IP addresses of the system running OVS. To process
+ only packets sent to a specific IP address, the flow entries may
+ match on the tun_dst
field. When sending packets to a
+ local_ip=flow
tunnel, the flow actions may
+ explicitly set the tun_src
field to the desired IP
+ address, e.g. with a set_field
action. However, while
+ routing the tunneled packet out, the local system may override the
+ specified address with the local IP address configured for the
+ outgoing system interface.
+
+
+ This option is valid only for tunnels also configured with the
+ remote_ip=flow
option.
+
+ The tunnel destination IP address for any packet received from a
+ tunnel is available in the tun_dst
field for matching in
+ the flow table.
+
flow
. The tunnel accepts packets with any
@@ -1247,8 +1394,9 @@
key="out_key"/> at all.
flow
. Packets sent through the tunnel will
@@ -1281,48 +1429,13 @@
system default, typically 64). Default is the system default TTL.
true
to
- enable.
- df_inherit
option is not set, or if
- the encapsulated packet is not IP. Default is enabled; set to
- false
to disable.
- false
to disable.
+ Optional. If enabled, the Don't Fragment bit will be set on tunnel
+ outer headers to allow path MTU discovery. Default is enabled; set
+ to false
to disable.
- Only gre
interfaces support these options.
-
iptables
) and it may be useful to disable it if these
- features are required or as a debugging measure. Default is enabled,
- set to false
to disable.
-
Only gre
and ipsec_gre
interfaces support
@@ -1482,15 +1595,15 @@
gre
or capwap
.
+ gre
.
+ BFD, defined in RFC 5880 and RFC 5881, allows point to point + detection of connectivity failures by occasional transmission of + BFD control messages. It is implemented in Open vSwitch to serve + as a more popular and standards compliant alternative to CFM. +
+ ++ BFD operates by regularly transmitting BFD control messages at a + rate negotiated independently in each direction. Each endpoint + specifies the rate at which it expects to receive control messages, + and the rate at which it's willing to transmit them. Open vSwitch + uses a detection multiplier of three, meaning that an endpoint + which fails to receive BFD control messages for a period of three + times the expected reception rate, will signal a connectivity + fault. In the case of a unidirectional connectivity issue, the + system not receiving BFD control messages will signal the problem + to its peer in the messages is transmists. +
+ ++ The Open vSwitch implementation of BFD aims to comply faithfully + with the requirements put forth in RFC 5880. Currently, the only + known omission is ``Demand Mode'', which we hope to include in + future. Open vSwitch does not implement the optional + Authentication or ``Echo Mode'' features. +
+ +true
BFD is enabled on this
+ , otherwise it's disabled. Defaults to
+ false
.
+ 1000
.
+ 100
.
+ cpath_down
to
+ true
which may cause the remote BFD session not to
+ forward traffic to this . Defaults to
+ false
.
+ UP
.
+ UP
, and the remote system isn't signaling a
+ problem such as concatenated path down.
+ 802.1ag Connectivity Fault Management (CFM) allows a group of @@ -1656,6 +1861,12 @@ faulted otherwise.
+
+ When operating over tunnels which have no in_key
, or an
+ in_key
of flow
. CFM will only accept CCMs
+ with a tunnel key of zero.
+
When in extended mode, indicates the operational state of the
+ remote endpoint as either up
or down
. See
+ .
+
false
.
+ When true
, and
+ is true, the CFM
+ module operates in demand mode. When in demand mode, traffic
+ received on the is used to indicate
+ liveness. CCMs are still transmitted and received, but if the
+ is receiving traffic, their absence does not
+ cause a connectivity fault.
+
+ Demand mode has a couple of caveats: +
down
, the CFM module marks all CCMs it generates as
@@ -1809,7 +2059,7 @@
stable
bond mode to make slave
- selection decisions. Allocating values consistently across interfaces
- participating in a bond will guarantee consistent slave selection
- decisions across ovs-vswitchd
instances when using
- stable
bonding mode.
- active
means that
this is the active
instance within a single hypervisor, not in a broader scope.
+ There is one exception: some hypervisors support ``migration'' from a
+ given hypervisor to itself (most often for test purposes). During
+ such a ``migration,'' two instances of a single might both be briefly marked
+ active
on a single hypervisor.
The eviction process only considers flows that have an idle timeout or a hard timeout. That is, eviction never deletes permanent flows. - (Permanent flows do count against . + (Permanent flows do count against .)
@@ -2315,36 +2560,12 @@ sent out an implicit VLAN port, the frame will not be tagged. This type of mirroring is sometimes called RSPAN.
- The following destination MAC addresses will not be mirrored to a - VLAN to avoid confusing switches that interpret the protocols that - they represent: + See the documentation for + in the + table for a list of destination MAC + addresses which will not be mirrored to a VLAN to avoid confusing + switches that interpret the protocols that they represent.
-01:80:c2:00:00:00
01:80:c2:00:00:01
01:80:c2:00:00:0x
01:00:0c:cc:cc:cc
01:00:0c:cc:cc:cd
01:00:0c:cd:cd:cd
01:00:0c:00:00:00
Please note: Mirroring to a VLAN can disrupt a network that contains unmanaged switches. Consider an unmanaged physical switch with two ports: port 1, connected to an end host, and port 2, @@ -2735,10 +2956,9 @@ Service (QoS) on IP networks. The DSCP value specified here is used when establishing the connection - between the controller and the Open vSwitch. The connection must be - reset for the new DSCP values to take effect. If no value is - specified, a default value of 48 is chosen. Valid DSCP values must be - in the range 0 to 63. + between the controller and the Open vSwitch. If no value is specified, + a default value of 48 is chosen. Valid DSCP values must be in the + range 0 to 63.
Listens for SSL connections on the specified TCP port - (default: 6632). If ip, which must be expressed as an - IP address (not a DNS name), is specified, then connections are - restricted to the specified local IP address. + (default: 6632). Specify 0 for port to have the + kernel automatically choose an available port. If ip, + which must be expressed as an IP address (not a DNS name), is + specified, then connections are restricted to the specified local + IP address.
The column in the When multiple managers are configured, the
@@ -2966,6 +3189,14 @@
chosen connection.
ptcp:
[port][:ip
]
ptcp:
or
+ pssl:
, this is the TCP port on which the OVSDB server is
+ listening. (This is is particularly useful when specifies a port of 0, allowing the kernel to
+ choose any available port.)
+