. RE
..
.TH ovs\-vsctl 8 "November 2009" "Open vSwitch" "Open vSwitch Manual"
+.\" This program's name:
.ds PN ovs\-vsctl
+.\" SSL peer program's name:
+.ds SN ovsdb\-server
.
.SH NAME
ovs\-vsctl \- utility for querying and configuring \fBovs\-vswitchd\fR
.
.IP "\fB\-t \fIsecs\fR"
.IQ "\fB\-\-timeout=\fIsecs\fR"
-Limits runtime to approximately \fIsecs\fR seconds. A value of
-zero will cause \fBovs\-vsctl\fR to wait forever. If the timeout expires,
-\fBovs\-vsctl\fR will exit with a \fBSIGALRM\fR signal. If this option is
-not used, \fBovs\-vsctl\fR uses a timeout of five seconds.
-(A timeout would normally happen only if the database cannot be contacted.)
+By default, or with a \fIsecs\fR of \fB0\fR, \fBovs\-vsctl\fR waits
+forever for a response from the database. This option limits runtime
+to approximately \fIsecs\fR seconds. If the timeout expires,
+\fBovs\-vsctl\fR will exit with a \fBSIGALRM\fR signal. (A timeout
+would normally happen only if the database cannot be contacted, or if
+the system is overloaded.)
.
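Review bot: The rewritten --timeout text flips the default from a five-second limit to waiting forever, which changes behavior for every existing caller that omits -t. Scripts and agents that relied on the old default will now block indefinitely when the database cannot be contacted or the system is overloaded. Suggest calling this out in the release notes and saying here that unattended callers should pass an explicit --timeout.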
.SS "Public Key Infrastructure Options"
.so lib/ssl.man
+.so lib/ssl-bootstrap.man
+.so lib/ssl-peer-ca-cert.man
.so lib/vlog.man
.
.SH COMMANDS
.IP "\fBemer\-reset\fR"
Reset the configuration into a clean state. It deconfigures OpenFlow
controllers, OVSDB servers, and SSL, and deletes port mirroring,
-NetFlow, and sFlow configuration. This command also removes all
-\fBother\-config\fR keys from all database records, except that
-\fBother\-config:hwaddr\fR is preserved if it is present in a Bridge
-record. Other networking configuration is left as-is.
+\fBfail_mode\fR, NetFlow, and sFlow configuration. This command also
+removes all \fBother\-config\fR keys from all database records, except
+that \fBother\-config:hwaddr\fR is preserved if it is present in a
+Bridge record. Other networking configuration is left as-is.
.
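Review bot: The emer-reset description now lists fail_mode among the things that are deleted, but does not say which fail mode the bridge is left in afterwards. The same command deconfigures OpenFlow controllers, so the resulting forwarding behavior is what an operator most needs to know at this point; suggest stating it in one sentence. fail_mode is a column name sitting in a list of feature names ("port mirroring, ..., NetFlow, and sFlow configuration"), so a separate clause such as "and clears fail_mode" would read more clearly.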
.SS "Bridge Commands"
These commands examine and manipulate Open vSwitch bridges.
.IP "\fBController\fR"
Configuration for an OpenFlow controller. A controller attached to a
particular bridge may be identified by the bridge's name.
+.IP "\fBManager\fR"
+Configuration for an OVSDB connection. Records may be identified
+by target (e.g. \fBtcp:1.2.3.4\fR).
.IP "\fBNetFlow\fR"
A NetFlow configuration attached to a bridge. Records may be
identified by bridge name.
.IP "\fBsFlow\fR"
An sFlow configuration attached to a bridge. Records may be
identified by bridge name.
+.IP "\fBMonitor\fR"
+Connectivity Monitoring attached to an interface. Records may be
+identified by interface name.
+.IP "\fBMaintenance_Point\fR"
+Maintenance Point managed by a Monitor.
.PP
Record names must be specified in full and with correct
capitalization. Names of tables and columns are not case-sensitive,
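Review bot: The Maintenance_Point entry is the only one in this list that does not say how a record may be identified; Controller, Manager, NetFlow, sFlow and Monitor all do. Suggest adding that sentence, or stating that these records can only be named by UUID if that is the case.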
.IP "UUID"
Either a universally unique identifier in the style of RFC 4122,
e.g. \fBf81d4fae\-7dec\-11d0\-a765\-00a0c91e6bf6\fR, or an \fB@\fIname\fR
-defined by the \fBcreate\fR command within the same \fBovs\-vsctl\fR
+defined by a \fBget\fR or \fBcreate\fR command within the same \fBovs\-vsctl\fR
invocation.
.PP
Multiple values in a single column may be separated by spaces or a
The UUIDs shown for rows created in the same \fBovs\-vsctl\fR
invocation will be wrong.
.
-.IP "[\fB\-\-if\-exists\fR] \fBget \fItable record column\fR[\fB:\fIkey\fR]..."
+.IP "[\fB\-\-id=@\fIname\fR] [\fB\-\-if\-exists\fR] \fBget \fItable record \fR[\fIcolumn\fR[\fB:\fIkey\fR]]..."
Prints the value of each specified \fIcolumn\fR in the given
\fIrecord\fR in \fItable\fR. For map columns, a \fIkey\fR may
optionally be specified, in which case the value associated with
\fIkey\fR does not exist; with it, a blank line is printed. If
\fIcolumn\fR is not a map column or if \fIkey\fR is not specified,
\fB\-\-if\-exists\fR has no effect.
+.IP
+If \fB@\fIname\fR is specified, then the UUID for \fIrecord\fR may be
+referred to by that name later in the same \fBovs\-vsctl\fR
+invocation in contexts where a UUID is expected.
.
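Review bot: The new get synopsis makes column optional ("[column[:key]]..."), but the description still opens with "Prints the value of each specified column" and never says what happens when no column is given. Suggest one sentence covering that case, for example that with --id=@name and no columns the command only binds the name, if that is the intent. The added paragraph could also say whether @name may be referenced by commands that appear earlier on the command line, since the cookbook examples rely on that.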
.IP "\fBset \fItable record column\fR[\fB:\fIkey\fR]\fB=\fIvalue\fR..."
Sets the value of each specified \fIcolumn\fR in the given
to a new \fBQueue\fR record:
.IP
.B "ovs\-vsctl \-\- set port eth0 qos=@newqos \-\- \-\-id=@newqos create qos type=linux\-htb other\-config:max\-rate=1000000 queues:0=@newqueue \-\- \-\-id=@newqueue create queue other\-config:min\-rate=1000000 other\-config:max\-rate=1000000"
+.SH "CONFIGURATION COOKBOOK"
+.SS "Port Configuration"
+.PP
+Add an ``internal port'' \fBvlan10\fR to bridge \fBbr0\fR as a VLAN
+access port for VLAN 10, and configure it with an IP address:
+.IP
+.B "ovs\-vsctl add\-port br0 vlan10 tag=10 \-\- set Interface vlan10 type=internal"
+.IP
+.B "ifconfig vlan10 192.168.0.123"
.
+.SS "Port Mirroring"
+.PP
+Mirror all packets received or sent on \fBeth0\fR or \fBeth1\fR onto
+\fBeth2\fR, assuming that all of those ports exist on bridge \fBbr0\fR
+(as a side-effect this causes any packets received on \fBeth2\fR to be
+ignored):
+.IP
+.B "ovs\-vsctl \-\- set Bridge br0 mirrors=@m \(rs"
+.IP
+.B "\-\- \-\-id=@eth0 get Port eth0 \(rs"
+.IP
+.B "\-\- \-\-id=@eth1 get Port eth1 \(rs"
+.IP
+.B "\-\- \-\-id=@eth2 get Port eth2 \(rs"
+.IP
+.B "\-\- \-\-id=@m create Mirror name=mymirror select-dst-port=@eth0,@eth1 select-src-port=@eth0,@eth1 output-port=@eth2"
+.PP
+Remove the mirror created above from \fBbr0\fR and destroy the Mirror
+record (to avoid having an unreferenced record in the database):
+.IP
+.B "ovs\-vsctl destroy Mirror mymirror \-\- clear Bridge br0 mirrors"
+.SS "Quality of Service (QoS)"
+.PP
+Create a \fBlinux\-htb\fR QoS record that points to a few queues and
+use it on \fBeth0\fR and \fBeth1\fR:
+.IP
+.B "ovs\-vsctl \-\- set Port eth0 qos=@newqos \(rs"
+.IP
+.B "\-\- set Port eth1 qos=@newqos \(rs"
+.IP
+.B "\-\- \-\-id=@newqos create QoS type=linux\-htb other\-config:max\-rate=1000000000 queues=0=@q0,1=@q1 \(rs"
+.IP
+.B "\-\- \-\-id=@q0 create Queue other\-config:min\-rate=100000000 other\-config:max\-rate=100000000 \(rs"
+.IP
+.B "\-\- \-\-id=@q1 create Queue other\-config:min\-rate=500000000"
+.PP
+Deconfigure the QoS record above from \fBeth1\fR only:
+.IP
+.B "ovs\-vsctl clear Port eth1 qos"
+.PP
+To deconfigure the QoS record from both \fBeth0\fR and \fBeth1\fR and
+then delete the QoS record:
+.IP
+.B "ovs\-vsctl \-\- destroy QoS eth0 \-\- clear Port eth0 qos \-\- clear Port eth1 qos"
+.PP
+(This command will leave two unreferenced Queue records in the
+database. To delete them, use "\fBovs\-vsctl list Queue\fR" to find
+their UUIDs, then "\fBovs\-vsctl destroy Queue \fIuuid1\fR
+\fIuuid2\fR" to destroy each of them.)
+.SS "Connectivity Monitoring"
+.PP
+Create a Monitor which manages a couple of remote Maintenance Points on eth0.
+.IP
+.B "ovs\-vsctl \-\- set Interface eth0 Monitor=@newmon \(rs"
+.IP
+.B "\-\- \-\-id=@newmon create Monitor mpid=1 remote_mps=@mp2,@mp3 \(rs"
+.IP
+.B "\-\- \-\-id=@mp2 create Maintenance_Point mpid=2 \(rs"
+.IP
+.B "\-\- \-\-id=@mp3 create Maintenance_Point mpid=3"
+.PP
+Deconfigure the Monitor record from above:
+.IP
+.B "ovs\-vsctl clear Interface eth0 Monitor"
+.SS "NetFlow"
+.PP
+Configure bridge \fBbr0\fR to send NetFlow records to UDP port 5566 on
+host 192.168.0.34, with an active timeout of 30 seconds:
+.IP
+.B "ovs\-vsctl \-\- set Bridge br0 netflow=@nf \(rs"
+.IP
+.B "\-\- \-\-id=@nf create NetFlow targets=\(rs\(dq192.168.0.34:5566\(rs\(dq active\-timeout=30"
+.PP
+Update the NetFlow configuration created by the previous command to
+instead use an active timeout of 60 seconds:
+.IP
+.B "ovs\-vsctl set NetFlow br0 active_timeout=60"
+.PP
+Deconfigure the NetFlow settings from \fBbr0\fR and delete the NetFlow
+record (to avoid having an unreferenced record in the database):
+.IP
+.B "ovs\-vsctl destroy NetFlow br0 \-\- clear Bridge br0 netflow"
+.SS "sFlow"
+.PP
+Configure bridge \fBbr0\fR to send sFlow records to a collector on
+10.0.0.1 at port 6343, using \fBeth1\fR\'s IP address as the source,
+with specific sampling parameters:
+.IP
+.B "ovs\-vsctl \-\- \-\-id=@s create sFlow agent=eth1 target=\(rs\(dq10.0.0.1:6343\(rs\(dq header=128 sampling=64 polling=10 \(rs"
+.IP
+.B "\-\- set Bridge br0 sflow=@s"
+.PP
+Deconfigure sFlow from br0 and destroy the sFlow record (to avoid
+having an unreferenced record in the database):
+.IP
+.B "ovs\-vsctl \-\- destroy sFlow br0 \-\- clear Bridge br0 sflow"
.SH "EXIT STATUS"
.IP "0"
Successful program execution.
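Review bot: The NetFlow examples spell the same column two ways: the create line uses "active\-timeout=30" and the update line uses "active_timeout=60". Pick one spelling, or note that both are accepted, so readers do not assume they are different columns. Separately, the Port Mirroring create line writes select-dst-port, select-src-port and output-port with unescaped hyphens while the rest of the cookbook uses "\-"; an unescaped hyphen can render as a typographic hyphen and break copy and paste, so these should be escaped as well. Minor: eth0 in the Connectivity Monitoring text and br0 in the sFlow teardown text are not set in bold like the other interface and bridge names, and the QoS teardown uses "destroy QoS eth0" without the page saying that a QoS record can be named by its port.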