</column>
<column name="flood_vlans">
- VLAN IDs of VLANs on which MAC address learning should be disabled, so
- that packets are flooded instead of being sent to specific ports that
- are believed to contain packets' destination MACs. This should
- ordinarily be used to disable MAC learning on VLANs used for mirroring
- (RSPAN VLANs). It may also be useful for debugging.
+ <p>
+ VLAN IDs of VLANs on which MAC address learning should be disabled,
+ so that packets are flooded instead of being sent to specific ports
+ that are believed to contain packets' destination MACs. This should
+ ordinarily be used to disable MAC learning on VLANs used for
+ mirroring (RSPAN VLANs). It may also be useful for debugging.
+ </p>
+ <p>
+ SLB bonding (see the <ref table="Port" column="bond_mode"/> column in
+ the <ref table="Port"/> table) is incompatible with
+ <code>flood_vlans</code>. Consider using another bonding mode or
+ a different type of mirror instead.
+ </p>
</column>
</group>
does not have QoS configured, or if the port does not have a queue
with the specified ID, the default queue is used instead.
</dd>
+ <dt><code>flow-eviction-threshold</code></dt>
+ <dd>
+ A number of flows as a nonnegative integer. This sets number
+ of flows at which eviction from the kernel flow table will
+ be triggered.
+ If there are a large number of flows then increasing this
+ value to around the number of flows present
+ can result in reduced CPU usage and packet loss.
+ </dd>
+ <dd>
+ The default is 1000.
+ </dd>
+ <dd>
+ Values below 100 will be rounded up to 100.
+ </dd>
+ <dt><code>forward-bpdu</code></dt>
+ <dd>
+ Option to allow forwarding of BPDU frames when NORMAL
+ action if invoked. Frames with reserved Ethernet addresses
+ (e.g. STP BPDU) will be forwarded when this option is enabled.
+ If the Open vSwitch bridge is used to connect different
+ Ethernet networks, and if Open vSwtich node does not run STP,
+ then this option should be enabled.
+ Default is disabled, set to <code>true</code> to enable.
+ </dd>
</dl>
</column>
</group>
Key-value pairs for configuring rarely used port features. The
currently defined key-value pairs are:
<dl>
- <dt><code>hwaddr</code></dt>
- <dd>An Ethernet address in the form
- <code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var></code>.</dd>
<dt><code>bond-rebalance-interval</code></dt>
<dd>For an SLB bonded port, the number of milliseconds between
successive attempts to rebalance the bond, that is, to
</column>
</table>
- <table name="Mirror" title="Port mirroring (SPAN/RSPAN).">
+ <table name="Mirror" title="Port mirroring (SPAN/RSPAN/ERSPAN).">
<p>A port mirror within a <ref table="Bridge"/>.</p>
<p>A port mirror configures a bridge to send selected frames to special
- ``mirrored'' ports, in addition to their normal destinations. Mirroring
- traffic may also be referred to as SPAN or RSPAN, depending on the
- mechanism used for delivery.</p>
+ ``mirrored'' ports, in addition to their normal destinations. Mirroring
+ traffic may also be referred to as SPAN, RSPAN, or ERSPAN, depending on how
+ the mirrored traffic is sent.</p>
<column name="name">
Arbitrary identifier for the <ref table="Mirror"/>.
<column name="output_port">
<p>Output port for selected packets, if nonempty.</p>
<p>Specifying a port for mirror output reserves that port exclusively
- for mirroring. No frames other than those selected for mirroring
- will be forwarded to the port, and any frames received on the port
- will be discarded.</p>
- <p>This type of mirroring is sometimes called SPAN.</p>
+ for mirroring. No frames other than those selected for mirroring
+ will be forwarded to the port, and any frames received on the port
+ will be discarded.</p>
+ <p>
+ The output port may be any kind of port supported by Open vSwitch.
+ It may be, for example, a physical port (sometimes called SPAN), or a
+ GRE tunnel (sometimes called ERSPAN).
+ </p>
</column>
<column name="output_vlan">
Open vSwitch is being used as an intermediate switch, learning can be
disabled by adding the mirrored VLAN to <ref column="flood_vlans"/>
in the appropriate <ref table="Bridge"/> table or tables.</p>
+ <p>
+ Mirroring to a GRE tunnel has fewer caveats than mirroring to a
+ VLAN and should generally be preferred.
+ </p>
</column>
</group>