From a9b4a41ae4608eec6c700b3c50e450c07581d4a8 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Wed, 24 Feb 2010 13:42:43 -0800 Subject: [PATCH] Fix excessive white space in manpages. In nroff manpages, a blank line adds vertical white space. When this is followed by another command that also starts a new paragraph, the result is a vertical skip twice as big as the normal inter-paragraph gap. The solution is to use a line that contains just "." for white space within the manpage, instead of a blank line. The resulting manpages look better. --- lib/common.man | 2 +- lib/daemon.man | 10 +- lib/dpif.man | 3 +- lib/ssl.man | 4 +- lib/vconn-active.man | 4 +- lib/vconn-passive.man | 6 +- lib/vlog.man | 16 +-- utilities/ovs-appctl.8.in | 57 +++++----- utilities/ovs-controller.8.in | 38 +++---- utilities/ovs-dpctl.8.in | 70 ++++++------ utilities/ovs-ofctl.8.in | 205 +++++++++++++++++----------------- utilities/ovs-openflowd.8.in | 139 ++++++++++++----------- 12 files changed, 274 insertions(+), 280 deletions(-) diff --git a/lib/common.man b/lib/common.man index 84e81c2ce..ad165d7c1 100644 --- a/lib/common.man +++ b/lib/common.man @@ -1,7 +1,7 @@ .TP \fB-h\fR, \fB--help\fR Prints a brief help message to the console. - +. .TP \fB-V\fR, \fB--version\fR Prints version information to the console. diff --git a/lib/daemon.man b/lib/daemon.man index c23937747..046f9eadb 100644 --- a/lib/daemon.man +++ b/lib/daemon.man @@ -4,21 +4,21 @@ Causes a file (by default, \fB\*(PN.pid\fR) to be created indicating the PID of the running process. If \fIpidfile\fR is not specified, or if it does not begin with \fB/\fR, then it is created in \fB@RUNDIR@\fR. - +. .TP \fB--overwrite-pidfile\fR By default, when \fB--pidfile\fR is specified and the specified pidfile already exists and is locked by a running process, \fB\*(PN\fR refuses to start. Specify \fB--overwrite-pidfile\fR to cause it to instead overwrite the pidfile. - +.IP When \fB--pidfile\fR is not specified, this option has no effect. - +. .TP \fB--detach\fR Causes \fB\*(PN\fR to detach itself from the foreground session and run as a background process. - +. .TP \fB--monitor\fR Creates an additional process to monitor the \fB\*(PN\fR daemon. If @@ -29,7 +29,7 @@ monitor process exits. .IP This option is normally used with \fB--detach\fR, but it also functions without it. - +. .TP \fB--no-chdir\fR By default, when \fB--detach\fR is specified, \fB\*(PN\fR diff --git a/lib/dpif.man b/lib/dpif.man index 63e172fca..775ec585f 100644 --- a/lib/dpif.man +++ b/lib/dpif.man @@ -4,10 +4,11 @@ Datapath number \fIN\fR, where \fIN\fR is a number between 0 and 255, inclusive. If \fItype\fR is given, it specifies the datapath provider of \fBdp\fIN\fR, otherwise the default provider \fBsystem\fR is assumed. - +. .TP [\fItype\fB@\fR]\fIname\fR The name of the network device associated with the datapath's local port. (\fB\*(PN\fR internally converts this into a datapath number, as above.) If \fItype\fR is given, it specifies the datapath provider of \fIname\fR, otherwise the default provider \fBsystem\fR is assumed. +.RE diff --git a/lib/ssl.man b/lib/ssl.man index 8e530f45d..29e3db04f 100644 --- a/lib/ssl.man +++ b/lib/ssl.man @@ -3,14 +3,14 @@ .IQ "\fB\-\-private\-key=\fIprivkey.pem\fR" Specifies a PEM file containing the private key used as \fB\*(PN\fR's identity for outgoing SSL connections. - +. .IP "\fB\-c\fR \fIcert.pem\fR" .IQ "\fB\-\-certificate=\fIcert.pem\fR" Specifies a PEM file containing a certificate that certifies the private key specified on \fB\-p\fR or \fB\-\-private\-key\fR to be trustworthy. The certificate must be signed by the certificate authority (CA) that the peer in SSL connections will use to verify it. - +. .IP "\fB\-C\fR \fIswitch\-cacert.pem\fR" .IQ "\fB\-\-ca\-cert=\fIswitch\-cacert.pem\fR" Specifies a PEM file containing the CA certificate that \fB\*(PN\fR diff --git a/lib/vconn-active.man b/lib/vconn-active.man index ef86f739b..be96ca813 100644 --- a/lib/vconn-active.man +++ b/lib/vconn-active.man @@ -3,11 +3,11 @@ The specified SSL \fIport\fR (default: 6633) on the host at the given \fIip\fR, which must be expressed as an IP address (not a DNS name). The \fB\-\-private\-key\fR, \fB\-\-certificate\fR, and \fB\-\-ca\-cert\fR options are mandatory when this form is used. - +. .IP "\fBtcp:\fIip\fR[\fB:\fIport\fR]" The specified TCP \fIport\fR (default: 6633) on the host at the given \fIip\fR, which must be expressed as an IP address (not a DNS name). - +. .TP \fBunix:\fIfile\fR The Unix domain server socket named \fIfile\fR. diff --git a/lib/vconn-passive.man b/lib/vconn-passive.man index 4b7f4923b..80e70845a 100644 --- a/lib/vconn-passive.man +++ b/lib/vconn-passive.man @@ -5,13 +5,13 @@ The \fB\-\-private\-key\fR, \fB\-\-certificate\fR, and default, \fB\*(PN\fR listens for connections to any local IP address, but \fIip\fR may be specified to listen only for connections to the given \fIip\fR. - +. .IP "\fBptcp:\fR[\fIport\fR][\fB:\fIip\fR]" Listens for OpenFlow TCP connections on \fIport\fR (default: 6633). By default, \fB\*(PN\fR listens for connections to any local IP address, but \fIip\fR may be specified to listen only for connections -to the given \fIip\fR. - +to the given \fIip\Ar. +. .IP "\fBpunix:\fIfile\fR" Listens for OpenFlow connections on the Unix domain server socket named \fIfile\fR. diff --git a/lib/vlog.man b/lib/vlog.man index 882793164..ca895b15a 100644 --- a/lib/vlog.man +++ b/lib/vlog.man @@ -1,42 +1,42 @@ .TP \fB-v\fImodule\fR[\fB:\fIfacility\fR[\fB:\fIlevel\fR]], \fB--verbose=\fImodule\fR[\fB:\fIfacility\fR[\fB:\fIlevel\fR]] - +. Sets the logging level for \fImodule\fR in \fIfacility\fR to \fIlevel\fR: - +. .RS .IP \(bu \fImodule\fR may be any valid module name (as displayed by the \fB--list\fR action on \fBovs\-appctl\fR(8)), or the special name \fBANY\fR to set the logging levels for all modules. - +. .IP \(bu \fIfacility\fR may be \fBsyslog\fR, \fBconsole\fR, or \fBfile\fR to set the levels for logging to the system log, the console, or a file respectively, or \fBANY\fR to set the logging levels for both facilities. If it is omitted, \fIfacility\fR defaults to \fBANY\fR. - +.IP Regardless of the log levels set for \fBfile\fR, logging to a file will not take place unless \fB--log-file\fR is also specified (see below). - +. .IP \(bu \fIlevel\fR must be one of \fBemer\fR, \fBerr\fR, \fBwarn\fR, \fBinfo\fR, or \fBdbg\fR, designating the minimum severity of a message for it to be logged. If it is omitted, \fIlevel\fR defaults to \fBdbg\fR. .RE - +. .TP \fB-v\fR, \fB--verbose\fR Sets the maximum logging verbosity level, equivalent to \fB--verbose=ANY:ANY:dbg\fR. - +. .TP \fB-vPATTERN:\fIfacility\fB:\fIpattern\fR, \fB--verbose=PATTERN:\fIfacility\fB:\fIpattern\fR Sets the log pattern for \fIfacility\fR to \fIpattern\fR. Refer to \fBovs\-appctl\fR(8) for a description of the valid syntax for \fIpattern\fR. - +. .TP \fB--log-file\fR[\fB=\fIfile\fR] Enables logging to a file. If \fIfile\fR is specified, then it is diff --git a/utilities/ovs-appctl.8.in b/utilities/ovs-appctl.8.in index 4ad20f255..3248e2cd7 100644 --- a/utilities/ovs-appctl.8.in +++ b/utilities/ovs-appctl.8.in @@ -6,10 +6,10 @@ .. .TH ovs\-appctl 8 "November 2009" "Open vSwitch" "Open vSwitch Manual" .ds PN ovs\-appctl - +. .SH NAME ovs\-appctl \- utility for configuring running Open vSwitch daemons - +. .SH SYNOPSIS \fBovs\-appctl\fR [\fB--target=\fItarget\fR | \fB-t\fR \fItarget\fR] \fIcommand \fR[\fIarg\fR...] @@ -24,14 +24,13 @@ commands for querying and adjusting its logging settings documented under \fBLOGGING COMMANDS\fR below, and \fBovs\-vswitchd\fR in particular accepts a number of additional commands documented in \fBovs\-vswitchd\fR(8). - +.PP The \fBovs\-appctl\fR program provides a simple way to invoke these commands. The command to be sent is specified on \fBovs\-appctl\fR's command line as non-option arguments. \fBovs\-appctl\fR sends the command and prints the daemon's response on standard output. - +.PP In normal use only a single option is accepted: - .IP "\fB\-t \fItarget\fR" .IQ "\fB\-\-target=\fItarget\fR" Tells \fBovs\-appctl\fR which daemon to contact. @@ -81,90 +80,90 @@ message is logged to \fIfacility\fR, \fIpattern\fR determines the message's formatting. Most characters in \fIpattern\fR are copied literally to the log, but special escapes beginning with \fB%\fR are expanded as follows: - +. .RS .IP \fB%A\fR The name of the application logging the message, e.g. \fBovs-vswitchd\fR. - +. .IP \fB%c\fR The name of the module (as shown by \fBovs\-appctl --list\fR) logging the message. - +. .IP \fB%d\fR The current date and time in ISO 8601 format (YYYY-MM-DD HH:MM:SS). - +. .IP \fB%d{\fIformat\fB}\fR The current date and time in the specified \fIformat\fR, which takes the same format as the \fItemplate\fR argument to \fBstrftime\fR(3). - +. .IP \fB%m\fR The message being logged. - +. .IP \fB%N\fR A serial number for this message within this run of the program, as a decimal number. The first message a program logs has serial number 1, the second one has serial number 2, and so on. - +. .IP \fB%n\fR A new-line. - +. .IP \fB%p\fR The level at which the message is logged, e.g. \fBDBG\fR. - +. .IP \fB%P\fR The program's process ID (pid), as a decimal number. - +. .IP \fB%r\fR The number of milliseconds elapsed from the start of the application to the time the message was logged. - +. .IP \fB%%\fR A literal \fB%\fR. .RE - +. .IP A few options may appear between the \fB%\fR and the format specifier character, in this order: - +. .RS .IP \fB-\fR Left justify the escape's expansion within its field width. Right justification is the default. - +. .IP \fB0\fR Pad the field to the field width with \fB0\fRs. Padding with spaces is the default. - +. .IP \fIwidth\fR A number specifies the minimum field width. If the escape expands to fewer characters than \fIwidth\fR then it is padded to fill the field width. (A field wider than \fIwidth\fR is not truncated to fit.) .RE - +. .IP The default pattern for console output is \fB%d{%b %d %H:%M:%S}|%05N|%c|%p|%m\fR; for syslog output, \fB%05N|%c|%p|%m\fR. - +. .IP "\fBvlog/reopen\fR" Causes the daemon to close and reopen its log file. (This is useful after rotating log files, to cause a new log file to be used.) - +.IP This has no effect if the target application was not invoked with the \fB--log-file\fR option. - +. .SH OPTIONS - +. .so lib/common.man - +. .SH BUGS - +. The protocol used to speak to Open vSwitch daemons does not contain a quoting mechanism, so command arguments should not generally contain white space. - +. .SH "SEE ALSO" - +. \fBovs\-appctl\fR can control the following daemons: .BR ovs\-vswitchd (8), .BR ovs\-openflowd (8), diff --git a/utilities/ovs-controller.8.in b/utilities/ovs-controller.8.in index f4a388821..c71a02505 100644 --- a/utilities/ovs-controller.8.in +++ b/utilities/ovs-controller.8.in @@ -1,59 +1,59 @@ .TH ovs\-controller 8 "March 2009" "Open vSwitch" "Open vSwitch Manual" .ds PN ovs\-controller - +. .SH NAME ovs\-controller \- simple OpenFlow controller reference implementation - +. .SH SYNOPSIS .B ovs\-controller [\fIoptions\fR] \fImethod\fR \fB[\fImethod\fR]\&... - +. .SH DESCRIPTION \fBovs\-controller\fR manages any number of remote switches over OpenFlow protocol, causing them to function as L2 MAC-learning switches or hub. - +.PP \fBovs\-controller\fR controls one or more OpenFlow switches, specified as one or more of the following OpenFlow connection methods: - +. .RS .so lib/vconn-passive.man .so lib/vconn-active.man .RE - +. .SH OPTIONS .IP "\fB-n\fR, \fB--noflow\fR" By default, \fBovs\-controller\fR sets up a flow in each OpenFlow switch whenever it receives a packet whose destination is known due through MAC learning. This option disables flow setup, so that every packet in the network passes through the controller. - +.IP This option is most useful for debugging. It reduces switching performance, so it should not be used in production. - +. .TP \fB--max-idle=\fIsecs\fR|\fBpermanent\fR Sets \fIsecs\fR as the number of seconds that a flow set up by the controller will remain in the switch's flow table without any matching packets being seen. If \fBpermanent\fR is specified, which is not recommended, flows will never expire. The default is 60 seconds. - +.IP This option affects only flows set up by the OpenFlow controller. In some configurations, the switch can set up some flows on its own. To set the idle time for those flows, pass \fB--max-idle\fR to \fBovs\-openflowd\fR (on the switch). - +.IP This option has no effect when \fB-n\fR (or \fB--noflow\fR) is in use (because the controller does not set up flows in that case). - +. .IP "\fB-H\fR, \fB--hub\fR" By default, the controller acts as an L2 MAC-learning switch. This option changes its behavior to that of a hub that floods packets on all but the incoming port. - +.IP If \fB-H\fR (or \fB--hub\fR) and \fB-n\fR (or \fB--noflow\fR) are used together, then the cumulative effect is that every packet passes through the controller and every packet is flooded. - +.IP This option is most useful for debugging. It reduces switching performance, so it should not be used in production. . @@ -80,22 +80,22 @@ to it by switches. .IP This option is only for debugging the Open vSwitch implementation of ``fail open'' mode. It must not be used in production. - +. .so lib/ssl.man .so lib/ssl-peer-ca-cert.man .so lib/daemon.man .so lib/vlog.man .so lib/common.man - +. .SH EXAMPLES - +. .TP To bind locally to port 6633 (the default) and wait for incoming connections from OpenFlow switches: - +.PP .B % ovs\-controller ptcp: - +. .SH "SEE ALSO" - +. .BR ovs\-openflowd (8), .BR ovs\-appctl (8), .BR ovs\-dpctl (8) diff --git a/utilities/ovs-dpctl.8.in b/utilities/ovs-dpctl.8.in index dc4d45681..752a4473d 100644 --- a/utilities/ovs-dpctl.8.in +++ b/utilities/ovs-dpctl.8.in @@ -1,61 +1,57 @@ .TH ovs\-dpctl 8 "August 2009" "Open vSwitch" "Open vSwitch Manual" .ds PN ovs\-dpctl - +. .SH NAME ovs\-dpctl \- administer Open vSwitch datapaths - +. .SH SYNOPSIS .B ovs\-dpctl [\fIoptions\fR] \fIcommand \fR[\fIswitch\fR] [\fIargs\fR\&...] - +. .SH DESCRIPTION - +.PP The \fBovs\-dpctl\fR program can create, modify, and delete Open vSwitch datapaths. A single machine may host up to 256 datapaths (numbered 0 to 255). - +.PP A newly created datapath is associated with only one network device, a virtual network device sometimes called the datapath's ``local port''. A newly created datapath is not, however, associated with any of the host's other network devices. To intercept and process traffic on a given network device, use the \fBadd\-if\fR command to explicitly add that network device to the datapath. - +.PP Do not use \fBovs\-dpctl\fR commands to modify datapaths if \fBovs\-vswitchd\fR(8) is in use. Instead, modify the \fBovs\-vswitchd\fR configuration file and send \fBSIGHUP\fR to the \fBovs\-vswitchd\fR process. - .PP Most \fBovs\-dpctl\fR commands that work with datapaths take an argument that specifies the name of the datapath, in one of the following forms: - .so lib/dpif.man - .PP The following commands manage datapaths. - +. .TP \fBadd\-dp \fIdp\fR [\fInetdev\fR...] - Creates datapath \fIdp\fR. The name of the new datapath's local port depends on how \fIdp\fR is specified: if it takes the form \fBdp\fIN\fR, the local port will be named \fBdp\fIN\fR; otherwise, the local port's name will be \fIdp\fR. - +.IP This will fail if the host already has 256 datapaths, if a network device with the same name as the new datapath's local port already exists, or if \fIdp\fR is given in the form \fBdp\fIN\fR and a datapath numbered \fIN\fR already exists. - +.IP If \fInetdev\fRs are specified, \fBovs\-dpctl\fR adds them to the datapath. - +. .TP \fBdel\-dp \fIdp\fR Deletes datapath \fIdp\fR. If \fIdp\fR is associated with any network devices, they are automatically removed. - +. .TP \fBadd\-if \fIdp netdev\fR[\fIoption\fR...]... Adds each \fInetdev\fR to the set of network devices datapath @@ -65,52 +61,51 @@ network devices, e.g. \fBeth0\fR. Once a network device has been added to a datapath, the datapath has complete ownership of the network device's traffic and the network device appears silent to the rest of the system. - +.IP A \fInetdev\fR may be followed by a comma-separated list of options. The following options are currently supported: - +. .RS .IP "\fBinternal\fR" Instead of attaching an existing \fInetdev\fR, creates an internal port (analogous to the local port) with that name. .RE - +. .TP \fBdel\-if \fIdp netdev\fR... Removes each \fInetdev\fR from the list of network devices datapath \fIdp\fR monitors. - +. .TP \fBdump-dps\fR Prints the name of each configured datapath on a separate line. - +. .TP \fBshow \fR[\fIdp\fR...] Prints a summary of configured datapaths, including their datapath numbers and a list of ports connected to each datapath. (The local port is identified as port 0.) - +.IP If one or more datapaths are specified, information on only those datapaths are displayed. Otherwise, \fBovs\-dpctl\fR displays information about all configured datapaths. - +. .IP "\fBdump-flows \fIdp\fR" Prints to the console all flow entries in datapath \fIdp\fR's flow table. - +.IP This command is primarily useful for debugging Open vSwitch. The flow table entries that it displays are not OpenFlow flow entries. Instead, they are different and considerably simpler flows maintained by the Open vSwitch kernel module. - .IP "\fBdel-flows \fIdp\fR" Deletes all flow entries from datapath \fIdp\fR's flow table. - +.IP This command is primarily useful for debugging Open vSwitch. As discussed in \fBdump-flows\fR, these entries are not OpenFlow flow entries. By deleting them, the process that set them up may be confused about their disappearance. - +. .IP "\fBdump-groups \fIdp\fR" Prints to the console the sets of port groups maintained by datapath \fIdp\fR. Ordinarily there are at least 2 port groups in a datapath @@ -118,48 +113,47 @@ that \fBovs\-openflowd\fR or \fBovs\-vswitch\fR is controlling: group 0 contains all ports except those disabled by STP, and group 1 contains all ports. Additional or different groups might be used in the future. - +.IP This command is primarily useful for debugging Open vSwitch. OpenFlow does not have a concept of port groups. - .SH OPTIONS .TP \fB-t\fR, \fB--timeout=\fIsecs\fR Limits \fBovs\-dpctl\fR runtime to approximately \fIsecs\fR seconds. If the timeout expires, \fBovs\-dpctl\fR will exit with a \fBSIGALRM\fR signal. - +. .so lib/vlog.man .so lib/common.man - +. .SH EXAMPLES - +. A typical \fBovs\-dpctl\fR command sequence for controlling an Open vSwitch kernel module: - +. .TP \fBovs\-dpctl add\-dp dp0\fR Creates datapath number 0. - +. .TP \fBovs\-dpctl add\-if dp0 eth0 eth1\fR Adds two network devices to the new datapath. - +. .PP At this point one would ordinarily start \fBovs\-openflowd\fR(8) on \fBdp0\fR, transforming \fBdp0\fR into an OpenFlow switch. Then, when the switch and the datapath is no longer needed: - +. .TP \fBovs\-dpctl del\-if dp0 eth0 eth1\fR Removes network devices from the datapath. - +. .TP \fBovs\-dpctl del\-dp dp0\fR Deletes the datapath. - +. .SH "SEE ALSO" - +. .BR ovs\-appctl (8), .BR ovs\-openflowd (8), .BR ovs\-vswitchd (8) diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in index 0faed9c97..29e5bc76e 100644 --- a/utilities/ovs-ofctl.8.in +++ b/utilities/ovs-ofctl.8.in @@ -1,30 +1,36 @@ +.\" -*- nroff -*- +.de IQ +. br +. ns +. IP "\\$1" +.. .TH ovs\-ofctl 8 "January 2010" "Open vSwitch" "Open vSwitch Manual" .ds PN ovs\-ofctl - +. .SH NAME ovs\-ofctl \- administer OpenFlow switches - +. .SH SYNOPSIS .B ovs\-ofctl [\fIoptions\fR] \fIcommand \fR[\fIswitch\fR] [\fIargs\fR\&...] - +. .SH DESCRIPTION The .B ovs\-ofctl program is a command line tool for monitoring and administering OpenFlow switches. It can also show the current state of an OpenFlow switch, including features, configuration, and table entries. - +. .SS "OpenFlow Switch Management Commands" - +.PP These commands allow \fBovs\-ofctl\fR to monitor and administer an OpenFlow switch. It is able to show the current state of a switch, including features, configuration, and table entries. - +.PP Most of these commands take an argument that specifies the method for connecting to an OpenFlow switch. The following connection methods are supported: - +. .RS .so lib/vconn-active.man . @@ -41,58 +47,58 @@ Attempts to look up the bridge associated with \fIdp\fR and open as above. If \fItype\fR is given, it specifies the datapath provider of \fIdp\fR, otherwise the default provider \fBsystem\fR is assumed. .RE - +. .TP \fBshow \fIswitch\fR Prints to the console information on \fIswitch\fR, including information on its flow tables and ports. - +. .TP \fBstatus \fIswitch\fR [\fIkey\fR] Prints to the console a series of key-value pairs that report the status of \fIswitch\fR. If \fIkey\fR is specified, only the key-value pairs whose key names begin with \fIkey\fR are printed. If \fIkey\fR is omitted, all key-value pairs are printed. - +. .TP \fBdump-tables \fIswitch\fR Prints to the console statistics for each of the flow tables used by \fIswitch\fR. - +. .TP \fBdump-ports \fIswitch\fR [\fInetdev\fR] Prints to the console statistics for network devices associated with \fIswitch\fR. If \fInetdev\fR is specified, only the statistics associated with that device will be printed. \fInetdev\fR can be an OpenFlow assigned port number or device name, e.g. \fBeth0\fR. - +. .TP \fBmod-port \fIswitch\fR \fInetdev\fR \fIaction\fR Modify characteristics of an interface monitored by \fIswitch\fR. \fInetdev\fR can be referred to by its OpenFlow assigned port number or the device name, e.g. \fBeth0\fR. The \fIaction\fR may be any one of the following: - +. .RS .IP \fBup\fR Enables the interface. This is equivalent to ``ifconfig up'' on a Unix system. - +. .IP \fBdown\fR Disables the interface. This is equivalent to ``ifconfig down'' on a Unix system. - +. .IP \fBflood\fR When a \fIflood\fR action is specified, traffic will be sent out this interface. This is the default posture for monitored ports. - +. .IP \fBnoflood\fR When a \fIflood\fR action is specified, traffic will not be sent out this interface. This is primarily useful to prevent loops when a spanning tree protocol is not in use. - +. .RE - +. .TP \fBdump-flows \fIswitch \fR[\fIflows\fR] Prints to the console all flow entries in \fIswitch\fR's @@ -100,7 +106,7 @@ tables that match \fIflows\fR. If \fIflows\fR is omitted, all flows in the switch are retrieved. See \fBFlow Syntax\fR, below, for the syntax of \fIflows\fR. The output format is described in \fBTable Entry Output\fR. - +. .TP \fBdump-aggregate \fIswitch \fR[\fIflows\fR] Prints to the console aggregate statistics for flows in @@ -108,26 +114,26 @@ Prints to the console aggregate statistics for flows in the statistics are aggregated across all flows in the switch's flow tables. See \fBFlow Syntax\fR, below, for the syntax of \fIflows\fR. The output format is descrbed in \fBTable Entry Output\fR. - +. .TP \fBadd-flow \fIswitch flow\fR Add the flow entry as described by \fIflow\fR to the \fIswitch\fR's tables. The flow entry is in the format described in \fBFlow Syntax\fR, below. - +. .TP \fBadd-flows \fIswitch file\fR Add flow entries as described in \fIfile\fR to \fIswitch\fR's tables. Each line in \fIfile\fR is a flow entry in the format described in \fBFlow Syntax\fR, below. - +. .TP \fBmod-flows \fIswitch flow\fR Modify the actions in entries from the \fIswitch\fR's tables that match \fIflow\fR. When invoked with the \fB--strict\fR option, wildcards are not treated as active for matching purposes. See \fBFlow Syntax\fR, below, for the syntax of \fIflows\fR. - +. .TP \fBdel-flows \fIswitch \fR[\fIflow\fR] Deletes entries from the \fIswitch\fR's tables that match @@ -136,45 +142,45 @@ not treated as active for matching purposes. If \fIflow\fR is omitted and the \fB--strict\fR option is not used, all flows in the switch's tables are removed. See \fBFlow Syntax\fR, below, for the syntax of \fIflows\fR. - +. .TP \fBmonitor \fIswitch\fR [\fImiss-len\fR] Connects to \fIswitch\fR and prints to the console all OpenFlow messages received. Usually, \fIswitch\fR should specify a connection named on \fBovs\-openflowd\fR(8)'s \fB-l\fR or \fB--listen\fR command line option. - +.IP If \fImiss-len\fR is provided, \fBovs\-ofctl\fR sends an OpenFlow ``set configuration'' message at connection setup time that requests \fImiss-len\fR bytes of each packet that misses the flow table. The OpenFlow reference implementation does not send these messages to the \fBovs\-ofctl monitor\fR client connection unless a nonzero value is specified on this argument. - +.IP This command may be useful for debugging switch or controller implementations. - +. .SS "OpenFlow Switch and Controller Commands" - +. The following commands, like those in the previous section, may be applied to OpenFlow switches, using any of the connection methods described in that section. Unlike those commands, these may also be applied to OpenFlow controllers. - +. .TP \fBprobe \fItarget\fR Sends a single OpenFlow echo-request message to \fItarget\fR and waits for the response. With the \fB-t\fR or \fB--timeout\fR option, this command can test whether an OpenFlow switch or controller is up and running. - +. .TP \fBping \fItarget \fR[\fIn\fR] Sends a series of 10 echo request packets to \fItarget\fR and times each reply. The echo request packets consist of an OpenFlow header plus \fIn\fR bytes (default: 64) of randomly generated payload. This measures the latency of individual requests. - +. .TP \fBbenchmark \fItarget n count\fR Sends \fIcount\fR echo request packets that each consist of an @@ -182,51 +188,49 @@ OpenFlow header plus \fIn\fR bytes of payload and waits for each response. Reports the total time required. This is a measure of the maximum bandwidth to \fItarget\fR for round-trips of \fIn\fR-byte messages. - +. .SS "Flow Syntax" - +.PP Some \fBovs\-ofctl\fR commands accept an argument that describes a flow or flows. Such flow descriptions comprise a series \fIfield\fB=\fIvalue\fR assignments, separated by commas or white space. (Embedding spaces into a flow description normally requires quoting to prevent the shell from breaking the description into multiple arguments.) - +.PP The following field assignments describe how a flow matches a packet. If any of these assignments is omitted from the flow syntax, the field is treated as a wildcard; thus, if all of them are omitted, the resulting flow matches all packets. The string \fB*\fR or \fBANY\fR may be specified to explicitly mark any of these fields as a wildcard. (\fB*\fR should be quoted to protect it from shell expansion.) - +. .IP \fBin_port=\fIport_no\fR Matches physical port \fIport_no\fR. Switch ports are numbered as displayed by \fBovs\-ofctl show\fR. - +. .IP \fBdl_vlan=\fIvlan\fR Matches IEEE 802.1q Virtual LAN tag \fIvlan\fR. Specify \fB0xffff\fR as \fIvlan\fR to match packets that are not tagged with a Virtual LAN; otherwise, specify a number between 0 and 4095, inclusive, as the 12-bit VLAN ID to match. - +. .IP \fBdl_vlan_pcp=\fIpriority\fR Matches IEEE 802.1q Priority Code Point (PCP) \fIpriority\fR, which is specified as a value between 0 and 7, inclusive. A higher value indicates a higher frame priority level. - +. .IP \fBdl_src=\fImac\fR Matches Ethernet source address \fImac\fR, which is specified as 6 pairs of hexadecimal digits delimited by colons (e.g. \fB00:0A:E4:25:6B:B0\fR). - .IP \fBdl_dst=\fImac\fR Matches Ethernet destination address \fImac\fR. - .IP \fBdl_type=\fIethertype\fR Matches Ethernet protocol type \fIethertype\fR, which is specified as an integer between 0 and 65535, inclusive, either in decimal or as a hexadecimal number prefixed by \fB0x\fR (e.g. \fB0x0806\fR to match ARP packets). - +. .IP \fBnw_src=\fIip\fR[\fB/\fInetmask\fR] Matches IPv4 source address \fIip\fR, which may be specified as an IP address or host name (e.g. \fB192.168.1.1\fR or @@ -234,143 +238,140 @@ IP address or host name (e.g. \fB192.168.1.1\fR or match to an IPv4 address prefix. The netmask may be specified as a dotted quad (e.g. \fB192.168.1.0/255.255.255.0\fR) or as a CIDR block (e.g. \fB192.168.1.0/24\fR). - +. .IP \fBnw_dst=\fIip\fR[\fB/\fInetmask\fR] Matches IPv4 destination address \fIip\fR. - .IP \fBnw_proto=\fIproto\fR +. Matches IP protocol type \fIproto\fR, which is specified as a decimal number between 0 and 255, inclusive (e.g. 6 to match TCP packets). - .IP \fBnw_tos=\fItos\fR Matches IP ToS/DSCP field \fItos\fR, which is specified as a decimal number between 0 and 255, inclusive. Note that the two lower reserved bits are ignored for matching purposes. - +. .IP \fBtp_src=\fIport\fR Matches UDP or TCP source port \fIport\fR, which is specified as a decimal number between 0 and 65535, inclusive (e.g. 80 to match packets originating from a HTTP server). - +. .IP \fBtp_dst=\fIport\fR Matches UDP or TCP destination port \fIport\fR. - .IP \fBicmp_type=\fItype\fR +. Matches ICMP message with \fItype\fR, which is specified as a decimal number between 0 and 255, inclusive. - .IP \fBicmp_code=\fIcode\fR Matches ICMP messages with \fIcode\fR. - .PP The following shorthand notations are also available: - +. .IP \fBip\fR Same as \fBdl_type=0x0800\fR. - +. .IP \fBicmp\fR Same as \fBdl_type=0x0800,nw_proto=1\fR. - +. .IP \fBtcp\fR Same as \fBdl_type=0x0800,nw_proto=6\fR. - +. .IP \fBudp\fR Same as \fBdl_type=0x0800,nw_proto=17\fR. - +. .IP \fBarp\fR Same as \fBdl_type=0x0806\fR. - +. .PP The \fBadd-flow\fR and \fBadd-flows\fR commands require an additional field: - +. .IP \fBactions=\fR[\fItarget\fR][\fB,\fItarget\fR...]\fR Specifies a comma-separated list of actions to take on a packet when the flow entry matches. If no \fItarget\fR is specified, then packets matching the flow are dropped. The \fItarget\fR may be a decimal port number designating the physical port on which to output the packet, or one of the following keywords: - +. .RS .IP \fBoutput\fR:\fIport\fR Outputs the packet on the port specified by \fIport\fR. - +. .IP \fBnormal\fR Subjects the packet to the device's normal L2/L3 processing. (This action is not implemented by all OpenFlow switches.) - +. .IP \fBflood\fR Outputs the packet on all switch physical ports other than the port on which it was received and any ports on which flooding is disabled (typically, these would be ports disabled by the IEEE 802.1D spanning tree protocol). - +. .IP \fBall\fR Outputs the packet on all switch physical ports other than the port on which it was received. - +. .IP \fBcontroller\fR:\fImax_len\fR Sends the packet to the OpenFlow controller as a ``packet in'' message. If \fImax_len\fR is a number, then it specifies the maximum number of bytes that should be sent. If \fImax_len\fR is \fBALL\fR or omitted, then the entire packet is sent. - +. .IP \fBlocal\fR Outputs the packet on the ``local port,'' which corresponds to the \fBof\fIn\fR network device (see \fBCONTACTING THE CONTROLLER\fR in \fBovs\-openflowd\fR(8) for information on the \fBof\fIn\fR network device). - +. .IP \fBdrop\fR Discards the packet, so no further processing or forwarding takes place. If a drop action is used, no other actions may be specified. - +. .IP \fBmod_vlan_vid\fR:\fIvlan_vid\fR Modifies the VLAN id on a packet. The VLAN tag is added or modified as necessary to match the value specified. If the VLAN tag is added, a priority of zero is used (see the \fBmod_vlan_pcp\fR action to set this). - +. .IP \fBmod_vlan_pcp\fR:\fIvlan_pcp\fR Modifies the VLAN priority on a packet. The VLAN tag is added or modified as necessary to match the value specified. Valid values are between 0 (lowest) and 7 (highest). If the VLAN tag is added, a vid of zero is used (see the \fBmod_vlan_vid\fR action to set this). - +. .IP \fBstrip_vlan\fR Strips the VLAN tag from a packet if it is present. - +. .IP \fBmod_dl_src\fB:\fImac\fR Sets the source Ethernet address to \fImac\fR. - +. .IP \fBmod_dl_dst\fB:\fImac\fR Sets the destination Ethernet address to \fImac\fR. - +. .IP \fBmod_nw_src\fB:\fIip\fR Sets the IPv4 source address to \fIip\fR. - +. .IP \fBmod_nw_dst\fB:\fIip\fR Sets the IPv4 destination address to \fIip\fR. - +. .IP \fBmod_tp_src\fB:\fIport\fR Sets the TCP or UDP source port to \fIport\fR. - +. .IP \fBmod_tp_dst\fB:\fIport\fR Sets the TCP or UDP destination port to \fIport\fR. - +. .IP \fBmod_nw_tos\fB:\fItos\fR Sets the IP ToS/DSCP field to \fItos\fR. Valid values are between 0 and 255, inclusive. Note that the two lower reserved bits are never modified. - +. .RE - +. .IP (The OpenFlow protocol supports other actions that \fBovs\-ofctl\fR does not yet expose to the user.) - +. .PP The \fBadd-flow\fR, \fBadd-flows\fR, and \fBdel-flows\fR commands support an additional optional field: - +. .IP \fBpriority=\fIvalue\fR The priority at which a wildcarded entry will match in comparison to others. \fIvalue\fR is a number between 0 and 65535, inclusive. A higher @@ -378,99 +379,99 @@ others. \fIvalue\fR is a number between 0 and 65535, inclusive. A higher have priority over an entry containing wildcards, so it has an implicit priority value of 65535. When adding a flow, if the field is not specified, the flow's priority will default to 32768. - +. .PP The \fBadd-flow\fR and \fBadd-flows\fR commands support additional optional fields: - +. .TP \fBidle_timeout=\fIseconds\fR Causes the flow to expire after the given number of seconds of inactivity. A value of 0 prevents a flow from expiring due to inactivity. The default is 60 seconds. - +. .IP \fBhard_timeout=\fIseconds\fR Causes the flow to expire after the given number of seconds, regardless of activity. A value of 0 (the default) gives the flow no hard expiration deadline. - +. .PP The \fBdump-flows\fR, \fBdump-aggregate\fR, \fBdel-flow\fR and \fBdel-flows\fR commands support one additional optional field: - +. .TP \fBout_port=\fIport\fR If set, a matching flow must include an output action to \fIport\fR. - +. .PP The \fBdump-flows\fR and \fBdump-aggregate\fR commands support an additional optional field: - +. .IP \fBtable=\fInumber\fR If specified, limits the flows about which statistics are gathered to those in the table with the given \fInumber\fR. Tables are numbered as shown by the \fBdump-tables\fR command. - +. If this field is not specified, or if \fInumber\fR is given as \fB255\fR, statistics are gathered about flows from all tables. - +. .SS "Table Entry Output" - +. The \fBdump-tables\fR and \fBdump-aggregate\fR commands print information about the entries in a datapath's tables. Each line of output is a unique flow entry, which begins with some common information: - +. .IP \fBduration\fR The number of seconds the entry has been in the table. - +. .IP \fBtable_id\fR The table that contains the flow. When a packet arrives, the switch begins searching for an entry at the lowest numbered table. Tables are numbered as shown by the \fBdump-tables\fR command. - +. .IP \fBpriority\fR The priority of the entry in relation to other entries within the same table. A higher value will match before a lower one. - +. .IP \fBn_packets\fR The number of packets that have matched the entry. - +. .IP \fBn_bytes\fR The total number of bytes from packets that have matched the entry. - +. .PP The rest of the line consists of a description of the flow entry as described in \fBFlow Syntax\fR, above. - - +. +. .SH OPTIONS .TP \fB--strict\fR Uses strict matching when running flow modification commands. - +. .so lib/ssl.man .so lib/vlog.man .so lib/common.man - +. .SH EXAMPLES - +. The following examples assume that an OpenFlow switch on the local host has been configured to listen for management connections on a Unix domain socket named \fB@RUNDIR@/openflow.sock\fR, e.g. by specifying \fB--listen=punix:@RUNDIR@/openflow.sock\fR on the \fBovs\-openflowd\fR(8) command line. - +. .TP \fBovs\-ofctl dump-tables unix:@RUNDIR@/openflow.sock\fR Prints out the switch's table stats. (This is more interesting after some traffic has passed through.) - +. .TP \fBovs\-ofctl dump-flows unix:@RUNDIR@/openflow.sock\fR Prints the flow entries in the switch. - +. .SH "SEE ALSO" - +. .BR ovs\-appctl (8), .BR ovs\-controller (8), .BR ovs\-vswitchd (8) diff --git a/utilities/ovs-openflowd.8.in b/utilities/ovs-openflowd.8.in index b98e07d26..7b349b5ff 100644 --- a/utilities/ovs-openflowd.8.in +++ b/utilities/ovs-openflowd.8.in @@ -1,23 +1,23 @@ .TH ovs\-openflowd 8 "March 2009" "Open vSwitch" "Open vSwitch Manual" .ds PN ovs\-openflowd - +. .SH NAME ovs\-openflowd \- OpenFlow switch implementation - +. .SH SYNOPSIS .B ovs\-openflowd [\fIoptions\fR] \fIdatapath\fR [\fIcontroller\fR] - +. .SH DESCRIPTION The \fBovs\-openflowd\fR program implements an OpenFlow switch using a flow-based datapath. \fBovs\-openflowd\fR connects to an OpenFlow controller over TCP or SSL. - +.PP The mandatory \fIdatapath\fR argument argument specifies the local datapath to relay. It takes one of the following forms: - +. .so lib/dpif.man - +. .PP The optional \fIcontroller\fR argument specifies how to connect to the OpenFlow controller. It takes one of the following forms: @@ -27,22 +27,22 @@ the OpenFlow controller. It takes one of the following forms: .PP If \fIcontroller\fR is omitted, \fBovs\-openflowd\fR attempts to discover the location of the controller automatically (see below). - +. .SS "Contacting the Controller" The OpenFlow switch must be able to contact the OpenFlow controller over the network. It can do so in one of two ways: - +. .IP out-of-band In this configuration, OpenFlow traffic uses a network separate from the data traffic that it controls, that is, the switch does not use any of the network devices added to the datapath with \fBovs\-dpctl add\-if\fR in its communication with the controller. - +.IP To use \fBovs\-openflowd\fR in a network with out-of-band control, specify \fB--out-of-band\fR on the \fBovs\-openflowd\fR command line. The control network must be configured separately, before or after \fBovs\-openflowd\fR is started. - +. .IP in-band In this configuration, a single network is used for OpenFlow traffic and other data traffic, that is, the switch contacts the controller @@ -50,19 +50,19 @@ over one of the network devices added to the datapath with \fBovs\-dpctl add\-if\fR. This configuration is often more convenient than out-of-band control, because it is not necessary to maintain two independent networks. - +.IP In-band control is the default for \fBovs\-openflowd\fR, so no special command-line option is required. - +.IP With in-band control, the location of the controller can be configured manually or discovered automatically: - +. .RS .IP "controller discovery" To make \fBovs\-openflowd\fR discover the location of the controller automatically, do not specify the location of the controller on the \fBovs\-openflowd\fR command line. - +.IP In this mode, \fBovs\-openflowd\fR will broadcast a DHCP request with vendor class identifier \fBOpenFlow\fR across the network devices added to the datapath with \fBovs\-dpctl add\-if\fR. It will accept any valid DHCP @@ -70,18 +70,18 @@ reply that has the same vendor class identifier and includes a vendor-specific option with code 1 whose contents are a string specifying the location of the controller in the same format used on the \fBovs\-openflowd\fR command line (e.g. \fBssl:192.168.0.1\fR). - +.IP The DHCP reply may also, optionally, include a vendor-specific option with code 2 whose contents are a string specifying the URI to the base of the OpenFlow PKI (e.g. \fBhttp://192.168.0.1/openflow/pki\fR). This URI is used only for bootstrapping the OpenFlow PKI at initial switch setup; \fBovs\-openflowd\fR does not use it at all. - +.IP The following ISC DHCP server configuration file assigns the IP address range 192.168.0.20 through 192.168.0.30 to OpenFlow switches that follow the switch protocol and addresses 192.168.0.1 through 192.168.0.10 to all other DHCP clients: - +.IP default-lease-time 600; .br max-lease-time 7200; @@ -126,7 +126,7 @@ subnet 192.168.0.0 netmask 255.255.255.0 { .br } .br - +. .IP "manual configuration" To configure in-band control manually, specify the location of the controller on the \fBovs\-openflowd\fR command line as the \fIcontroller\fR @@ -137,7 +137,7 @@ bridges to the physical switch ports. The name of the local port for a given \fIdatapath\fR may be seen by running \fBovs\-dpctl show \fIdatapath\fR; the local port is listed as port 0 in \fBshow\fR's output. - +. .IP Before \fBovs\-openflowd\fR starts, the local port network device is not bridged to any physical network, so the next step depends on whether @@ -146,14 +146,14 @@ switch has a static IP address, you may configure its IP address now with a command such as .B ifconfig of0 192.168.1.1 and then invoke \fBovs\-openflowd\fR. - +.IP On the other hand, if the switch does not have a static IP address, e.g. it obtains its IP address dynamically via DHCP, the DHCP client will not be able to contact the DHCP server until the OpenFlow switch has started up. Thus, start \fBovs\-openflowd\fR without configuring the local port network device, and start the DHCP client afterward. .RE - +. .SH OPTIONS .SS "OpenFlow Options" .TP @@ -161,47 +161,46 @@ the local port network device, and start the DHCP client afterward. Sets \fIdpid\fR, which must consist of exactly 16 hexadecimal digits, as the datapath ID that the switch will use to identify itself to the OpenFlow controller. - +.IP If this option is omitted, the default datapath ID is taken from the Ethernet address of the datapath's local port (which is typically randomly generated) in the lower 48 bits and zeros in the upper 16. - +. .TP \fB--mgmt-id=\fImgmtid\fR Sets \fImgmtid\fR, which must consist of exactly 12 hexadecimal digits, as the switch's management ID. - +.IP If this option is omitted, the management ID defaults to 0, signaling to the controller that management is supported but not configured. - +. .TP \fB--mfr-desc=\fIdesc\fR Set the description of the switch's manufacturer to \fIdesc\fR, which may contain up to 255 ASCII characters. - +. .TP \fB--hw-desc=\fIdesc\fR Set the description of the switch's hardware revision to \fIdesc\fR, which may contain up to 255 ASCII characters. - +. .TP \fB--sw-desc=\fIdesc\fR Set the description of the switch's software revision to \fIdesc\fR, which may contain up to 255 ASCII characters. - +. .TP \fB--serial-desc=\fIdesc\fR Set the description of the switch's serial number to \fIdesc\fR, which may contain up to 31 ASCII characters. - +. .TP \fB--dp-desc=\fIdesc\fR Set the description of the datapath to \fIdesc\fR, which may contain up to 255 ASCII characters. Note that this field is intended for debugging purposes and is not guaranteed to be unique and should not be used as the primary identifier of the datapath. - - +. .SS "Controller Discovery Options" .TP \fB--accept-vconn=\fIregex\fR @@ -210,18 +209,18 @@ the Controller\fR, above, for more information about controller discovery), it validates the controller location obtained via DHCP with a POSIX extended regular expression. Only controllers whose names match the regular expression will be accepted. - +.IP The default regular expression is \fBssl:.*\fR (meaning that only SSL controller connections will be accepted) when any of the SSL configuration options \fB--private-key\fR, \fB--certificate\fR, or \fB--ca-cert\fR is specified. The default is \fB^tcp:.*\fR otherwise (meaning that only TCP controller connections will be accepted). - +.IP The \fIregex\fR is implicitly anchored at the beginning of the controller location string, as if it begins with \fB^\fR. - +.IP When controller discovery is not performed, this option has no effect. - +. .TP \fB--no-resolv-conf\fR When \fBovs\-openflowd\fR performs controller discovery (see \fBContacting @@ -234,23 +233,23 @@ servers ever change, this behavior is essential. But because it also interferes with any administrator or process that manages \fB/etc/resolv.conf\fR, when this option is specified, \fBovs\-openflowd\fR will not modify \fB/etc/resolv.conf\fR. - +.IP \fBovs\-openflowd\fR will only modify \fBresolv.conf\fR if the DHCP response that it receives specifies one or more DNS servers. - +.IP When controller discovery is not performed, this option has no effect. - +. .SS "Networking Options" .TP \fB--datapath-id=\fIdpid\fR Sets \fIdpid\fR, which must consist of exactly 16 hexadecimal digits, as the datapath ID that the switch will use to identify itself to the OpenFlow controller. - +.IP If this option is omitted, the default datapath ID is taken from the Ethernet address of the datapath's local port (which is typically randomly generated) in the lower 48 bits and zeros in the upper 16. - +. .TP \fB--fail=\fR[\fBopen\fR|\fBclosed\fR] The controller is, ordinarily, responsible for setting up all flows on @@ -258,7 +257,7 @@ the OpenFlow switch. Thus, if the connection to the controller fails, no new network connections can be set up. If the connection to the controller stays down long enough, no packets can pass through the switch at all. - +.IP If this option is set to \fBopen\fR (the default), \fBovs\-openflowd\fR will take over responsibility for setting up flows in the local datapath when no message has been received from the controller for three times @@ -267,10 +266,10 @@ In this ``fail open'' mode, \fBovs\-openflowd\fR causes the datapath to act like an ordinary MAC-learning switch. \fBovs\-openflowd\fR will continue to retry connection to the controller in the background and, when the connection succeeds, it discontinues its fail-open behavior. - +.IP If this option is set to \fBclosed\fR, then \fBovs\-openflowd\fR will not set up flows on its own when the controller connection fails. - +. .TP \fB--inactivity-probe=\fIsecs\fR When the OpenFlow switch is connected to the controller, the @@ -280,11 +279,11 @@ controller. After sending the inactivity probe, if no response is received for an additional \fIsecs\fR seconds, the switch assumes that the connection has been broken and attempts to reconnect. The default and the minimum value are both 5 seconds. - +.IP When fail-open mode is configured, changing the inactivity probe interval also changes the interval before entering fail-open mode (see above). - +. .TP \fB--max-idle=\fIsecs\fR|\fBpermanent\fR Sets \fIsecs\fR as the number of seconds that a flow set up by the @@ -292,27 +291,27 @@ OpenFlow switch will remain in the switch's flow table without any matching packets being seen. If \fBpermanent\fR is specified, which is not recommended, flows set up by the switch will never expire. The default is 15 seconds. - +.IP Most flows are set up by the OpenFlow controller, not by the switch. This option affects only the following flows, which the OpenFlow switch sets up itself: - +. .RS .IP \(bu When \fB--fail=open\fR is specified, flows set up when the switch has not been able to contact the controller for the configured fail-open delay. - +. .IP \(bu When in-band control is in use, flows set up to bootstrap contacting the controller (see \fBContacting the Controller\fR, above, for more information about in-band control). .RE - +. .IP As a result, when both \fB--fail=closed\fR and \fB--out-of-band\fR are specified, this option has no effect. - +. .TP \fB--max-backoff=\fIsecs\fR Sets the maximum time between attempts to connect to the controller to @@ -320,24 +319,24 @@ Sets the maximum time between attempts to connect to the controller to connection attempts starts at 1 second and doubles on each failing attempt until it reaches the maximum. The default maximum backoff time is 8 seconds. - +. .TP \fB-l\fR, \fB--listen=\fImethod\fR By default, the switch listens for OpenFlow management connections on a Unix domain socket named \fB@RUNDIR@/\fIdatapath\fB.mgmt\fR. This socket can be used to perform local OpenFlow monitoring and administration with tools such as \fBovs\-ofctl\fR. - +.IP This option may be used to override the default listener. The \fImethod\fR must be given as one of the passive OpenFlow connection methods listed below. This option may be specified multiple times to listen to multiple connection methods. If a single \fImethod\fR of \fBnone\fR is used, no listeners will be created. - +. .RS .so lib/vconn-passive.man .RE - +. .TP \fB--snoop=\fImethod\fR Configures the switch to additionally listen for incoming OpenFlow @@ -345,45 +344,45 @@ connections for controller connection snooping. The \fImethod\fR must be given as one of the passive OpenFlow connection methods listed under the \fB--listen\fR option above. This option may be specified multiple times to listen to multiple connection methods. - +.IP If \fBovs\-ofctl monitor\fR is used to connect to \fImethod\fR specified on \fB--snoop\fR, it will display all the OpenFlow messages traveling between the switch and its controller on the primary OpenFlow connection. This can be useful for debugging switch and controller problems. - +. .TP \fB--in-band\fR, \fB--out-of-band\fR Configures \fBovs\-openflowd\fR to operate in in-band or out-of-band control mode (see \fBContacting the Controller\fR above). When neither option is given, the default is in-band control. - +. .TP \fB--netflow=\fIip\fB:\fIport\fR Configures the given UDP \fIport\fR on the specified IP \fIip\fR as a recipient of NetFlow messages for expired flows. The \fIip\fR must be specified numerically, not as a DNS name. - +.IP This option may be specified multiple times to configure additional NetFlow collectors. - +. .SS "Rate-Limiting Options" - +. These options configure how the switch applies a ``token bucket'' to limit the rate at which packets in unknown flows are forwarded to an OpenFlow controller for flow-setup processing. This feature prevents a single OpenFlow switch from overwhelming a controller. - +. .TP \fB--rate-limit\fR[\fB=\fIrate\fR] . Limits the maximum rate at which packets will be forwarded to the OpenFlow controller to \fIrate\fR packets per second. If \fIrate\fR is not specified then the default of 1,000 packets per second is used. - +.IP If \fB--rate-limit\fR is not used, then the switch does not limit the rate at which packets are forwarded to the controller. - +. .TP \fB--burst-limit=\fIburst\fR . @@ -392,9 +391,9 @@ allow to accumulate during time in which no packets are being forwarded to the OpenFlow controller to \fIburst\fR (measured in packets). The default \fIburst\fR is one-quarter of the \fIrate\fR specified on \fB--rate-limit\fR. - +. This option takes effect only when \fB--rate-limit\fR is also specified. - +. .SS "Datapath Options" . .IP "\fB\-\-ports=\fIport\fR[\fB,\fIport\fR...]" @@ -410,21 +409,21 @@ ports may be specified as a comma-separated list or by specifying .IP See \fBINSTALL.userspace\fR for more information about userspace switching. - +. .SS "Daemon Options" .so lib/daemon.man - +. .so lib/ssl.man .so lib/ssl-bootstrap.man - +. .SS "Logging Options" .so lib/vlog.man .SS "Other Options" .so lib/common.man .so lib/leak-checker.man - +. .SH "SEE ALSO" - +. .BR ovs\-appctl (8), .BR ovs\-controller (8), .BR ovs\-discover (8), -- 2.43.0