X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=vswitchd%2Fvswitch.xml;h=52924ee71304b71b751ab7a8ac967e3205a4eff8;hb=5ea1eab089607de8f87189fe4463364e26576070;hp=e3ea29182e471d97cfe85c013d991ecb7e7ebdfc;hpb=40358701d5d7c8994b36260ed539a4d9c6d20cfe;p=sliver-openvswitch.git

diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index e3ea29182..52924ee71 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -117,6 +117,62 @@
             to <code>false</code> (or remove it entirely from the database).
           </li>
         </ol>
+        <p>
+          The <code>ovs-ctl</code>'s ``restart'' and ``force-reload-kmod''
+          functions use the above config option during hot upgrades.
+        </p>
+      </column>
+
+      <column name="other_config" key="flow-eviction-threshold"
+              type='{"type": "integer", "minInteger": 0}'>
+        <p>
+          A number of flows as a nonnegative integer.  This sets number of
+          flows at which eviction from the datapath flow table will be
+          triggered.  If there are a large number of flows then increasing this
+          value to around the number of flows present can result in reduced CPU
+          usage and packet loss.
+        </p>
+        <p>
+          The default is 2500.  Values below 100 will be rounded up to 100.
+        </p>
+      </column>
+
+      <column name="other_config" key="force-miss-model">
+        <p>
+          Specifies userspace behaviour for handling flow misses. This takes
+          precedence over flow-eviction-threshold.
+        </p>
+        <p>
+          <dl>
+            <dt><code>auto</code></dt>
+            <dd>Handle automatically based on the flow-eviction-threshold and
+            the flow setup governer (default, recommended).</dd>
+            <dt><code>with-facets</code></dt>
+            <dd>Always create facets. Expensive kernel flow creation and
+            statistics tracking is always performed, even on flows with only
+            a small number of packets.</dd>
+            <dt><code>without-facets</code></dt>
+            <dd>Always handle without facets. Forces flow misses to be handled
+            in userspace. May cause an increase in CPU usage and packet loss
+            on high throughput.</dd>
+          </dl>
+        </p>
+      </column>
+
+      <column name="other_config" key="n-handler-threads"
+              type='{"type": "integer", "minInteger": 1}'>
+        <p>
+          Specifies the number of threads for software datapaths to use for
+          handling new flows.  The default is two less than the number of
+          online CPU cores (but at least 1).
+        </p>
+        <p>
+          This configuration is per datapath.  If you have more than one
+          software datapath (e.g. some <code>system</code> bridges and some
+          <code>netdev</code> bridges), then the total number of threads is
+          <code>n-handler-threads</code> times the number of software
+          datapaths.
+        </p>
       </column>
     </group>
 
@@ -594,20 +650,6 @@
         datapath ID.
       </column>
 
-      <column name="other_config" key="flow-eviction-threshold"
-              type='{"type": "integer", "minInteger": 0}'>
-        <p>
-          A number of flows as a nonnegative integer.  This sets number of
-          flows at which eviction from the kernel flow table will be triggered.
-          If there are a large number of flows then increasing this value to
-          around the number of flows present can result in reduced CPU usage
-          and packet loss.
-        </p>
-        <p>
-          The default is 1000.  Values below 100 will be rounded up to 100.
-        </p>
-      </column>
-
       <column name="other_config" key="forward-bpdu"
               type='{"type": "boolean"}'>
         Option to allow forwarding of BPDU frames when NORMAL action is
@@ -1182,6 +1224,12 @@
         on a host.
       </column>
 
+      <column name="ifindex">
+        A positive interface index as defined for SNMP MIB-II in RFCs 1213 and
+        2863, if the interface has one, otherwise 0.  The ifindex is useful for
+        seamless integration with protocols such as SNMP and sFlow.
+      </column>
+
       <column name="mac_in_use">
         The MAC address in use by this interface.
       </column>
@@ -1293,8 +1341,6 @@
 	      An Ethernet tunnel over the experimental, UDP-based VXLAN
 	      protocol described at
 	      <code>http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03</code>.
-	      VXLAN is currently supported only with the Linux kernel datapath
-	      with kernel version 2.6.26 or later.
 	    </p>
 	    <p>
 	      Open vSwitch uses UDP destination port 4789.  The source port used for
@@ -1306,8 +1352,7 @@
           <dt><code>lisp</code></dt>
           <dd>
             A layer 3 tunnel over the experimental, UDP-based Locator/ID
-            Separation Protocol (RFC 6830). LISP is currently supported only
-            with the Linux kernel datapath with kernel version 2.6.26 or later.
+            Separation Protocol (RFC 6830).
           </dd>
 
           <dt><code>patch</code></dt>
@@ -1798,95 +1843,137 @@
     </group>
 
     <group title="Bidirectional Forwarding Detection (BFD)">
-        <p>
-            BFD, defined in RFC 5880 and RFC 5881, allows point to point
-            detection of connectivity failures by occasional transmission of
-            BFD control messages.  It is implemented in Open vSwitch to serve
-            as a more popular and standards compliant alternative to CFM.
-        </p>
-
-        <p>
-            BFD operates by regularly transmitting BFD control messages at a
-            rate negotiated independently in each direction.  Each endpoint
-            specifies the rate at which it expects to receive control messages,
-            and the rate at which it's willing to transmit them.  Open vSwitch
-            uses a detection multiplier of three, meaning that an endpoint
-            which fails to receive BFD control messages for a period of three
-            times the expected reception rate, will signal a connectivity
-            fault.  In the case of a unidirectional connectivity issue, the
-            system not receiving BFD control messages will signal the problem
-            to its peer in the messages is transmists.
-        </p>
-
-        <p>
-            The Open vSwitch implementation of BFD aims to comply faithfully
-            with the requirements put forth in RFC 5880.  Currently, the only
-            known omission is ``Demand Mode'', which we hope to include in
-            future.  Open vSwitch does not implement the optional
-            Authentication or ``Echo Mode'' features.
-        </p>
-
-      <column name="bfd" key="enable">
-          When <code>true</code> BFD is enabled on this
-          <ref table="Interface"/>, otherwise it's disabled.  Defaults to
-          <code>false</code>.
-      </column>
-
-      <column name="bfd" key="min_rx"
-          type='{"type": "integer", "minInteger": 1}'>
-          The fastest rate, in milliseconds, at which this BFD session is
-          willing to receive BFD control messages.  The actual rate may be
-          slower if the remote endpoint isn't willing to transmit as quickly as
-          specified.  Defaults to <code>1000</code>.
-      </column>
-
-      <column name="bfd" key="min_tx"
-          type='{"type": "integer", "minInteger": 1}'>
-          The fastest rate, in milliseconds, at which this BFD session is
-          willing to transmit BFD control messages.  The actual rate may be
-          slower if the remote endpoint isn't willing to receive as quickly as
-          specified.  Defaults to <code>100</code>.
-      </column>
-
-      <column name="bfd" key="cpath_down" type='{"type": "boolean"}'>
-          Concatenated path down may be used when the local system should not
-          have traffic forwarded to it for some reason other than a connectivty
-          failure on the interface being monitored.  When a controller thinks
-          this may be the case, it may set <code>cpath_down</code> to
-          <code>true</code> which may cause the remote BFD session not to
-          forward traffic to this <ref table="Interface"/>. Defaults to
-          <code>false</code>.
-      </column>
-
-      <column name="bfd_status" key="state"
-          type='{"type": "string",
-          "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
-          State of the BFD session.  The BFD session is fully healthy and
-          negotiated if <code>UP</code>.
-      </column>
+      <p>
+	BFD, defined in RFC 5880 and RFC 5881, allows point-to-point
+	detection of connectivity failures by occasional transmission of
+	BFD control messages.  Open vSwitch implements BFD to serve
+	as a more popular and standards compliant alternative to CFM.
+      </p>
 
-      <column name="bfd_status" key="forwarding" type='{"type": "boolean"}'>
-          True if the BFD session believes this <ref table="Interface"/> may be
-          used to forward traffic.  Typically this means the local session is
-          signaling <code>UP</code>, and the remote system isn't signaling a
-          problem such as concatenated path down.
-      </column>
+      <p>
+	BFD operates by regularly transmitting BFD control messages at a rate
+	negotiated independently in each direction.  Each endpoint specifies
+	the rate at which it expects to receive control messages, and the rate
+	at which it is willing to transmit them.  Open vSwitch uses a detection
+	multiplier of three, meaning that an endpoint signals a connectivity
+	fault if three consecutive BFD control messages fail to arrive.  In the
+	case of a unidirectional connectivity issue, the system not receiving
+	BFD control messages signals the problem to its peer in the messages it
+	transmits.
+      </p>
 
-      <column name="bfd_status" key="diagnostic">
-          A short message indicating what the BFD session thinks is wrong in
-          case of a problem.
-      </column>
+      <p>
+	The Open vSwitch implementation of BFD aims to comply faithfully
+	with RFC 5880 requirements.  Open vSwitch does not implement the
+	optional Authentication or ``Echo Mode'' features.
+      </p>
 
-      <column name="bfd_status" key="remote_state"
-          type='{"type": "string",
-          "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
-          State of the remote endpoint's BFD session.
-      </column>
+      <group title="BFD Configuration">
+	<p>
+	  A controller sets up key-value pairs in the <ref column="bfd"/>
+	  column to enable and configure BFD.
+	</p>
+
+	<column name="bfd" key="enable" type='{"type": "boolean"}'>
+          True to enable BFD on this <ref table="Interface"/>.
+	</column>
+
+	<column name="bfd" key="min_rx"
+		type='{"type": "integer", "minInteger": 1}'>
+          The shortest interval, in milliseconds, at which this BFD session
+          offers to receive BFD control messages.  The remote endpoint may
+          choose to send messages at a slower rate.  Defaults to
+          <code>1000</code>.
+	</column>
+
+	<column name="bfd" key="min_tx"
+		type='{"type": "integer", "minInteger": 1}'>
+          The shortest interval, in milliseconds, at which this BFD session is
+          willing to transmit BFD control messages.  Messages will actually be
+          transmitted at a slower rate if the remote endpoint is not willing to
+          receive as quickly as specified.  Defaults to <code>100</code>.
+	</column>
+
+	<column name="bfd" key="decay_min_rx" type='{"type": "integer"}'>
+	  An alternate receive interval, in milliseconds, that must be greater
+	  than or equal to <ref column="bfd" key="min_rx"/>.  The
+	  implementation switches from <ref column="bfd" key="min_rx"/> to <ref
+	  column="bfd" key="decay_min_rx"/> when there is no obvious incoming
+	  data traffic at the interface, to reduce the CPU and bandwidth cost
+	  of monitoring an idle interface.  This feature may be disabled by
+	  setting a value of 0.  This feature is reset whenever <ref
+	  column="bfd" key="decay_min_rx"/> or <ref column="bfd" key="min_rx"/>
+	  changes.
+	</column>
+
+	<column name="bfd" key="forwarding_if_rx" type='{"type": "boolean"}'>
+          True to consider the interface capable of packet I/O as long as it
+          continues to receive any packets (not just BFD packets).  This
+          prevents link congestion that causes consecutive BFD control packets
+          to be lost from marking the interface down.
+	</column>
+
+	<column name="bfd" key="cpath_down" type='{"type": "boolean"}'>
+	  Set to true to notify the remote endpoint that traffic should not be
+	  forwarded to this system for some reason other than a connectivty
+	  failure on the interface being monitored.  The typical underlying
+	  reason is ``concatenated path down,'' that is, that connectivity
+	  beyond the local system is down.  Defaults to false.
+	</column>
+
+	<column name="bfd" key="check_tnl_key" type='{"type": "boolean"}'>
+          Set to true to make BFD accept only control messages with a tunnel
+          key of zero.  By default, BFD accepts control messages with any
+          tunnel key.
+	</column>
+
+	<column name="bfd" key="bfd_dst_mac">
+	  Set to an Ethernet address in the form
+	  <var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>
+	  to set the MAC used as destination for transmitted BFD packets and
+	  expected as destination for received BFD packets.  The default is
+	  <code>00:23:20:00:00:01</code>.
+	</column>
+      </group>
 
-      <column name="bfd_status" key="remote_diagnostic">
-          A short message indicating what the remote endpoint's BFD session
-          thinks is wrong in case of a problem.
-      </column>
+      <group title="BFD Status">
+	<p>
+	  The switch sets key-value pairs in the <ref column="bfd_status"/>
+	  column to report the status of BFD on this interface.  When BFD is
+	  not enabled, with <ref column="bfd" key="enable"/>, the switch clears
+	  all key-value pairs from <ref column="bfd_status"/>.
+	</p>
+
+	<column name="bfd_status" key="state"
+		type='{"type": "string",
+		      "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
+	  Reports the state of the BFD session.  The BFD session is fully
+	  healthy and negotiated if <code>UP</code>.
+	</column>
+
+	<column name="bfd_status" key="forwarding" type='{"type": "boolean"}'>
+	  Reports whether the BFD session believes this <ref
+	  table="Interface"/> may be used to forward traffic.  Typically this
+	  means the local session is signaling <code>UP</code>, and the remote
+	  system isn't signaling a problem such as concatenated path down.
+	</column>
+
+	<column name="bfd_status" key="diagnostic">
+	  In case of a problem, set to a short message that reports what the
+	  local BFD session thinks is wrong.
+	</column>
+
+	<column name="bfd_status" key="remote_state"
+		type='{"type": "string",
+		      "enum": ["set", ["admin_down", "down", "init", "up"]]}'>
+	  Reports the state of the remote endpoint's BFD session.
+	</column>
+
+	<column name="bfd_status" key="remote_diagnostic">
+	  In case of a problem, set to a short message that reports what the
+	  remote endpoint's BFD session thinks is wrong.
+	</column>
+      </group>
     </group>
 
     <group title="Connectivity Fault Management">
@@ -1922,6 +2009,11 @@
         CFM on this <ref table="Interface"/>.
       </column>
 
+      <column name="cfm_flap_count">
+        Counts the number of cfm fault flapps since boot.  A flap is
+        considered to be a change of the <ref column="cfm_fault"/> value.
+      </column>
+
       <column name="cfm_fault">
         <p>
           Indicates a connectivity fault triggered by an inability to receive
@@ -2064,8 +2156,9 @@
           <ul>
             <li>
               To ensure that ovs-vswitchd has enough time to pull statistics
-              from the datapath, the minimum
-              <ref column="other_config" key="cfm_interval"/> is 500ms.
+              from the datapath, the fault detection interval is set to
+              3.5 * MAX(<ref column="other_config" key="cfm_interval"/>, 500)
+              ms.
             </li>
 
             <li>
@@ -2737,18 +2830,27 @@
         <dl>
           <dt><code>ssl:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
           <dd>
-            <p>The specified SSL <var>port</var> (default: 6633) on the host at
-            the given <var>ip</var>, which must be expressed as an IP address
-            (not a DNS name).  The <ref table="Open_vSwitch" column="ssl"/>
-            column in the <ref table="Open_vSwitch"/> table must point to a
-            valid SSL configuration when this form is used.</p>
+            <p>The specified SSL <var>port</var> on the host at the
+            given <var>ip</var>, which must be expressed as an IP
+            address (not a DNS name).  The <ref table="Open_vSwitch"
+            column="ssl"/> column in the <ref table="Open_vSwitch"/>
+            table must point to a valid SSL configuration when this form
+            is used.</p>
+            <p>If <var>port</var> is not specified, it currently
+            defaults to 6633.  In the future, the default will change to
+            6653, which is the IANA-defined value.</p>
             <p>SSL support is an optional feature that is not always built as
             part of Open vSwitch.</p>
           </dd>
           <dt><code>tcp:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
-          <dd>The specified TCP <var>port</var> (default: 6633) on the host at
-          the given <var>ip</var>, which must be expressed as an IP address
-          (not a DNS name).</dd>
+          <dd>
+            <p>The specified TCP <var>port</var> on the host at the
+            given <var>ip</var>, which must be expressed as an IP
+            address (not a DNS name).</p>
+            <p>If <var>port</var> is not specified, it currently
+            defaults to 6633.  In the future, the default will change to
+            6653, which is the IANA-defined value.</p>
+          </dd>
         </dl>
         <p>
           The following connection methods are currently supported for service
@@ -2757,26 +2859,29 @@
         <dl>
           <dt><code>pssl:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
           <dd>
-            <p>
-              Listens for SSL connections on the specified TCP <var>port</var>
-              (default: 6633).  If <var>ip</var>, which must be expressed as an
-              IP address (not a DNS name), is specified, then connections are
-              restricted to the specified local IP address.
-            </p>
-            <p>
-              The <ref table="Open_vSwitch" column="ssl"/> column in the <ref
-              table="Open_vSwitch"/> table must point to a valid SSL
-              configuration when this form is used.
-            </p>
+            <p> Listens for SSL connections on the specified TCP
+            <var>port</var>.  If <var>ip</var>, which must be expressed
+            as an IP address (not a DNS name), is specified, then
+            connections are restricted to the specified local IP
+            address.  The <ref table="Open_vSwitch" column="ssl"/>
+            column in the <ref table="Open_vSwitch"/> table must point
+            to a valid SSL configuration when this form is used.</p>
+            <p>If <var>port</var> is not specified, it currently
+            defaults to 6633.  In the future, the default will change to
+            6653, which is the IANA-defined value.</p>
             <p>SSL support is an optional feature that is not always built as
             part of Open vSwitch.</p>
           </dd>
           <dt><code>ptcp:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
           <dd>
-            Listens for connections on the specified TCP <var>port</var>
-            (default: 6633).  If <var>ip</var>, which must be expressed as an
-            IP address (not a DNS name), is specified, then connections are
-            restricted to the specified local IP address.
+            <p>Listens for connections on the specified TCP
+            <var>port</var>.  If <var>ip</var>, which must be expressed
+            as an IP address (not a DNS name), is specified, then
+            connections are restricted to the specified local IP
+            address.</p>
+            <p>If <var>port</var> is not specified, it currently
+            defaults to 6633.  In the future, the default will change to
+            6653, which is the IANA-defined value.</p>
           </dd>
         </dl>
         <p>When multiple controllers are configured for a single bridge, the
@@ -3048,39 +3153,55 @@
           <dt><code>ssl:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
           <dd>
             <p>
-              The specified SSL <var>port</var> (default: 6632) on the host at
-              the given <var>ip</var>, which must be expressed as an IP address
-              (not a DNS name).  The <ref table="Open_vSwitch" column="ssl"/>
-              column in the <ref table="Open_vSwitch"/> table must point to a
-              valid SSL configuration when this form is used.
+              The specified SSL <var>port</var> on the host at the given
+              <var>ip</var>, which must be expressed as an IP address
+              (not a DNS name).  The <ref table="Open_vSwitch"
+              column="ssl"/> column in the <ref table="Open_vSwitch"/>
+              table must point to a valid SSL configuration when this
+              form is used.
             </p>
             <p>
-              SSL support is an optional feature that is not always built as
-              part of Open vSwitch.
+              If <var>port</var> is not specified, it currently defaults
+              to 6632.  In the future, the default will change to 6640,
+              which is the IANA-defined value.
+            </p>
+            <p>
+              SSL support is an optional feature that is not always
+              built as part of Open vSwitch.
             </p>
           </dd>
 
           <dt><code>tcp:<var>ip</var></code>[<code>:<var>port</var></code>]</dt>
           <dd>
-            The specified TCP <var>port</var> (default: 6632) on the host at
-            the given <var>ip</var>, which must be expressed as an IP address
-            (not a DNS name).
+            <p>
+              The specified TCP <var>port</var> on the host at the given
+              <var>ip</var>, which must be expressed as an IP address
+              (not a DNS name).
+            </p>
+            <p>
+              If <var>port</var> is not specified, it currently defaults
+              to 6632.  In the future, the default will change to 6640,
+              which is the IANA-defined value.
+            </p>
           </dd>
           <dt><code>pssl:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
           <dd>
             <p>
-              Listens for SSL connections on the specified TCP <var>port</var>
-              (default: 6632).  Specify 0 for <var>port</var> to have the
-              kernel automatically choose an available port.  If <var>ip</var>,
-              which must be expressed as an IP address (not a DNS name), is
-              specified, then connections are restricted to the specified local
-              IP address.
-            </p>
-            <p>
-              The <ref table="Open_vSwitch" column="ssl"/> column in the <ref
+              Listens for SSL connections on the specified TCP
+              <var>port</var>.  Specify 0 for <var>port</var> to have
+              the kernel automatically choose an available port.  If
+              <var>ip</var>, which must be expressed as an IP address
+              (not a DNS name), is specified, then connections are
+              restricted to the specified local IP address.  The <ref
+              table="Open_vSwitch" column="ssl"/> column in the <ref
               table="Open_vSwitch"/> table must point to a valid SSL
               configuration when this form is used.
             </p>
+            <p>
+              If <var>port</var> is not specified, it currently defaults
+              to 6632.  In the future, the default will change to 6640,
+              which is the IANA-defined value.
+            </p>
             <p>
               SSL support is an optional feature that is not always built as
               part of Open vSwitch.
@@ -3088,11 +3209,19 @@
           </dd>
           <dt><code>ptcp:</code>[<var>port</var>][<code>:<var>ip</var></code>]</dt>
           <dd>
-            Listens for connections on the specified TCP <var>port</var>
-            (default: 6632).  Specify 0 for <var>port</var> to have the kernel
-            automatically choose an available port.  If <var>ip</var>, which
-            must be expressed as an IP address (not a DNS name), is specified,
-            then connections are restricted to the specified local IP address.
+            <p>
+              Listens for connections on the specified TCP
+              <var>port</var>.  Specify 0 for <var>port</var> to have
+              the kernel automatically choose an available port.  If
+              <var>ip</var>, which must be expressed as an IP address
+              (not a DNS name), is specified, then connections are
+              restricted to the specified local IP address.
+            </p>
+            <p>
+              If <var>port</var> is not specified, it currently defaults
+              to 6632.  In the future, the default will change to 6640,
+              which is the IANA-defined value.
+            </p>
           </dd>
         </dl>
         <p>When multiple managers are configured, the <ref column="target"/>
@@ -3440,6 +3569,18 @@
       referenced from a <ref table="Flow_Sample_Collector_Set"/>.
     </column>
 
+    <column name="cache_active_timeout">
+      The maximum period in seconds for which an IPFIX flow record is
+      cached and aggregated before being sent.  If not specified,
+      defaults to 0.  If 0, caching is disabled.
+    </column>
+
+    <column name="cache_max_flows">
+      The maximum number of IPFIX flow records that can be cached at a
+      time.  If not specified, defaults to 0.  If 0, caching is
+      disabled.
+    </column>
+
     <group title="Common Columns">
       The overall purpose of these columns is described under <code>Common
       Columns</code> at the beginning of this document.