</column>
<column name="controller">
- Default <ref table="Controller"/> used by bridges. If a
- <ref table="Bridge"/> record has a <ref table="Bridge"
- column="controller"/> column, then this
- <ref table="Controller"/> is used instead.
+ Default <ref table="Controller"/> used by bridges. May be
+ overridden on a per-bridge basis by the <ref table="Bridge"
+ column="controller"/> column in <ref table="Bridge"/>.
</column>
<column name="managers">
<column name="ssl">
SSL used globally by the daemon.
</column>
+
+ <column name="external_ids">
+ Key-value pairs that identify this Open vSwitch's role in
+ external systems. The currently defined key-value pairs are:
+ <dl>
+ <dt><code>system-uuid</code></dt>
+ <dd>A universally unique identifier for the Open vSwitch's
+ physical host. The form of the identifier depends on the
+ type of the host. On a Citrix XenServer, this is the host
+ UUID displayed by, e.g., <code>xe host-list</code>.</dd>
+ </dl>
+ </column>
</group>
<group title="Status">
<column name="cur_cfg">
Sequence number that Open vSwitch sets to the current value of
- <ref column="next_cfg"/> after it finishing applying a set of
+ <ref column="next_cfg"/> after it finishes applying a set of
configuration changes.
</column>
</group>
</column>
<column name="datapath_id">
- Reports the OpenFlow datapath ID in use. Exactly 12 hex digits.
+ Reports the OpenFlow datapath ID in use. Exactly 16 hex digits.
</column>
</group>
Key-value pairs that identify this bridge's role in external systems.
The currently defined key-value pairs are:
<dl>
- <dt><code>xs-network-uuids</code></dt>
- <dd>Space-delimited set of the Citrix XenServer network UUIDs with
- which this bridge is associated.</dd>
- <dt><code>xs-network-names</code></dt>
- <dd>Semicolon-delimited set of Citrix XenServer network names with
- which this bridge is associated.</dd>
+ <dt><code>network-uuids</code></dt>
+ <dd>Semicolon-delimited set of universally unique identifier(s) for
+ the network with which this bridge is associated. The form of the
+ identifier(s) depends on the type of the host. On a Citrix
+ XenServer host, the network identifiers are RFC 4122 UUIDs as
+ displayed by, e.g., <code>xe network-list</code>.</dd>
</dl>
</column>
features. The currently defined key-value pairs are:
<dl>
<dt><code>datapath-id</code></dt>
- <dd>Exactly 12 hex
+ <dd>Exactly 16 hex
digits to set the OpenFlow datapath ID to a specific
value.</dd>
<dt><code>hwaddr</code></dt>
- <dd>Exactly 12 hex digits in the form
+ <dd>An Ethernet address in the form
<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>
to set the hardware address of the local port and influence the
datapath ID.</dd>
<table name="Port" table="Port or bond configuration.">
<p>A port within a <ref table="Bridge"/>.</p>
<p>Most commonly, a port has exactly one ``interface,'' pointed to by its
- <ref column="interface"/> column. Such a port logically
+ <ref column="interfaces"/> column. Such a port logically
corresponds to a port on a physical Ethernet switch. A port
with more than one interface is a ``bonded port'' (see
<ref group="Bonding Configuration"/>).</p>
<column name="bond_downdelay">
For a bonded port, the number of milliseconds for which carrier must
stay down on an interface before the interface is considered to be
- down. Specify <code>0</code> to enable the interface immediately.
+ down. Specify <code>0</code> to disable the interface immediately.
</column>
<column name="bond_fake_iface">
- For a bonded port, whether to create a fake interface with the name of
- the port. Use only for compatibility with legacy software that
+ For a bonded port, whether to create a fake internal interface with the
+ name of the port. Use only for compatibility with legacy software that
requires this.
</column>
</group>
Key-value pairs that identify this port's role in external systems. No
key-value pairs native to <ref table="Port"/> are currently defined.
For fake bridges (see the <ref column="fake_bridge"/> column), external
- IDs for the fake bridge are defined here by prefixing their keys
+ IDs for the fake bridge are defined here by prefixing a
+ <ref table="Bridge"/> <ref table="Bridge" column="external_ids"/> key
with <code>fake-bridge-</code>,
- e.g. <code>fake-bridge-xs-network-uuids</code>.
+ e.g. <code>fake-bridge-network-uuids</code>.
</column>
<column name="other_config">
currently defined key-value pairs are:
<dl>
<dt><code>hwaddr</code></dt>
- <dd>Exactly 12 hex digits in the form
+ <dd>An Ethernet address in the form
<code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var></code>.</dd>
+ <dt><code>bond-rebalance-interval</code></dt>
+ <dd>For a bonded port, the number of milliseconds between
+ successive attempts to rebalance the bond, that is, to
+ move source MACs and their flows from one interface on
+ the bond to another in an attempt to keep usage of each
+ interface roughly equal. The default is 10000 (10
+ seconds), and the minimum is 1000 (1 second).</dd>
</dl>
</column>
</group>
whose name is first in alphabetical order). Internal ports and
bridge ports that are used as port mirroring destinations (see the
<ref table="Mirror"/> table) are ignored.</li>
- <li>For other internal interface, the default MAC is randomly
+ <li>For other internal interfaces, the default MAC is randomly
generated.</li>
<li>External interfaces typically have a MAC address associated with
their hardware.</li>
<p>Open vSwitch populates this column when the port number becomes
known. If the interface is successfully added,
<ref column="ofport"/> will be set to a number between 1 and 65535
- (generally either in the range 1 to <code>0xff00</code>, exclusive,
- or <code>0xfffe</code>, the port number for the OpenFlow ``local
- port''). If the interface cannot be added then Open vSwitch sets
- this column to <code>-1</code>.</p>
+ (generally either in the range 1 to 65280, exclusive, or 65534, the
+ port number for the OpenFlow ``local port''). If the interface
+ cannot be added then Open vSwitch sets this column
+ to -1.</p>
</column>
</group>
vSwitch is running. The empty string is a synonym for
<code>system</code>.</dd>
<dt><code>internal</code></dt>
- <dd>A simulated network devices that sent and receive traffic. An
+ <dd>A simulated network device that sends and receives traffic. An
internal interface whose <ref column="name"/> is the same as its
bridge's <ref table="Open_vSwitch" column="name"/> is called the
``local interface.'' It does not make sense to bond an internal
<dt><code>tap</code></dt>
<dd>A TUN/TAP device managed by Open vSwitch.</dd>
<dt><code>gre</code></dt>
- <dd>A GRE tunnel device managed by Open vSwitch.</dd>
+ <dd>An Ethernet over RFC 1702 Generic Routing Encapsulation over IPv4
+ tunnel. Each tunnel must be uniquely identified by the
+ combination of <code>remote_ip</code>, <code>local_ip</code>, and
+ <code>in_key</code>. Note that if two ports are defined that are
+ the same except one has an optional identifier and the other does
+ not, the more specific one is matched first. <code>in_key</code>
+ is considered more specific than <code>local_ip</code> if a port
+ defines one and another port defines the other. The arguments
+ are:
+ <dl>
+ <dt><code>remote_ip</code></dt>
+ <dd>Required. The tunnel endpoint.</dd>
+ </dl>
+ <dl>
+ <dt><code>local_ip</code></dt>
+ <dd>Optional. The destination IP that received packets must
+ match. Default is to match all addresses.</dd>
+ </dl>
+ <dl>
+ <dt><code>in_key</code></dt>
+ <dd>Optional. The GRE key that received packets must contain.
+ It may either be a 32-bit number (no key and a key of 0 are
+ treated as equivalent) or the word <code>flow</code>. If
+ <code>flow</code> is specified then any key will be accepted
+ and the key will be placed in the <code>tun_id</code> field
+ for matching in the flow table. The ovs-ofctl manual page
+ contains additional information about matching fields in
+ OpenFlow flows. Default is no key.</dd>
+ </dl>
+ <dl>
+ <dt><code>out_key</code></dt>
+ <dd>Optional. The GRE key to be set on outgoing packets. It may
+ either be a 32-bit number or the word <code>flow</code>. If
+ <code>flow</code> is specified then the key may be set using
+ the <code>set_tunnel</code> Nicira OpenFlow vendor extension (0
+ is used in the absense of an action). The ovs-ofctl manual
+ page contains additional information about the Nicira OpenFlow
+ vendor extensions. Default is no key.</dd>
+ </dl>
+ <dl>
+ <dt><code>key</code></dt>
+ <dd>Optional. Shorthand to set <code>in_key</code> and
+ <code>out_key</code> at the same time.</dd>
+ </dl>
+ <dl>
+ <dt><code>tos</code></dt>
+ <dd>Optional. The value of the ToS bits to be set on the
+ encapsulating packet. It may also be the word
+ <code>inherit</code>, in which case the ToS will be copied from
+ the inner packet if it is IPv4 or IPv6 (otherwise it will be
+ 0). Note that the ECN fields are always inherited. Default is
+ 0.</dd>
+ </dl>
+ <dl>
+ <dt><code>ttl</code></dt>
+ <dd>Optional. The TTL to be set on the encapsulating packet.
+ It may also be the word <code>inherit</code>, in which case the
+ TTL will be copied from the inner packet if it is IPv4 or IPv6
+ (otherwise it will be the system default, typically 64).
+ Default is the system default TTL.</dd>
+ </dl>
+ <dl>
+ <dt><code>csum</code></dt>
+ <dd>Optional. Compute GRE checksums for outgoing packets and
+ require checksums for incoming packets. Default is enabled,
+ set to <code>false</code> to disable.</dd>
+ </dl>
+ <dl>
+ <dt><code>pmtud</code></dt>
+ <dd>Optional. Enable tunnel path MTU discovery. If enabled
+ ``ICMP destination unreachable - fragmentation'' needed
+ messages will be generated for IPv4 packets with the DF bit set
+ and IPv6 packets above the minimum MTU if the packet size
+ exceeds the path MTU minus the size of the tunnel headers. It
+ also forces the encapsulating packet DF bit to be set (it is
+ always set if the inner packet implies path MTU discovery).
+ Note that this option causes behavior that is typically
+ reserved for routers and therefore is not entirely in
+ compliance with the IEEE 802.1D specification for bridges.
+ Default is enabled, set to <code>false</code> to disable.</dd>
+ </dl>
+ </dd>
+ <dt><code>patch</code></dt>
+ <dd>A pair of virtual devices that act as a patch cable. A
+ <code>peer</code> argument is required that indicates the name
+ of the other side of the patch. Since a patch must work in
+ pairs, a second patch interface must be declared with the
+ <code>name</code> and <code>peer</code> arguments reversed.</dd>
</dl>
</column>
<group title="Other Features">
<column name="external_ids">
- Key-value pairs that identify this interface's role in external
- systems. The currently defined key-value pairs are:
+ <p>Key-value pairs that identify this interface's role in external
+ systems. All of the currently defined key-value pairs specifically
+ apply to an interface that represents a virtual Ethernet interface
+ connected to a virtual machine. These key-value pairs should not be
+ present for other types of interfaces. Keys whose names end
+ in <code>-uuid</code> have values that uniquely identify the entity
+ in question. For a Citrix XenServer hypervisor, these values are
+ UUIDs in RFC 4122 format. Other hypervisors may use other
+ formats.</p>
+ <p>The currently defined key-value pairs are:</p>
<dl>
- <dt><code>xs-vif-uuid</code></dt>
- <dd>UUID of the Citrix XenServer VIF associated with this
- interface</dd>
- <dt><code>xs-network-uuid</code></dt>
- <dd>UUID of the Citrix XenServer network to which this interface is
- attached</dd>
- <dt><code>xs-vif-vm-uuid</code></dt>
- <dd>UUID of the Citrix XenServer VM to which this interface
- belongs</dd>
- <dt><code>xs-vif-mac</code></dt>
- <dd>The value of the "MAC" field in the Citrix XenServer VIF record
- for this interface.</dd>
+ <dt><code>vif-uuid</code></dt>
+ <dd>The virtual interface associated with this interface.</dd>
+ <dt><code>network-uuid</code></dt>
+ <dd>The virtual network to which this interface is attached.</dd>
+ <dt><code>vm-uuid</code></dt>
+ <dd>The VM to which this interface belongs.</dd>
+ <dt><code>vif-mac</code></dt>
+ <dd>The MAC address programmed into the "virtual hardware" for this
+ interface, in the
+ form <var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>.
+ For Citrix XenServer, this is the value of the <code>MAC</code>
+ field in the VIF record for this interface.</dd>
</dl>
</column>
</group>
</column>
<group title="Selecting Packets for Mirroring">
+ <column name="select_all">
+ If true, every packet arriving or departing on any port is
+ selected for mirroring.
+ </column>
+
<column name="select_dst_port">
Ports on which departing packets are selected for mirroring.
</column>
<column name="select_src_port">
- Ports on which arriving packets are selected for mirroring. If this
- column and <ref column="select_dst_port"/> are both empty, then all
- packets on all ports are selected for mirroring.
+ Ports on which arriving packets are selected for mirroring.
</column>
<column name="select_vlan">