X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=INSTALL.userspace;h=10511b1653912bd1539c9db40c9433f04dd7e7e2;hb=b592e72628c025ee0cc850127b90c96409c395df;hp=241d79cb24afd0ed8bb46a00f6b528fb44d69ac2;hpb=e3e9370bf9ee0fde67b3d94acf119cec5dc3701d;p=openvswitch

diff --git a/INSTALL.userspace b/INSTALL.userspace
index 241d79cb..10511b16 100644
--- a/INSTALL.userspace
+++ b/INSTALL.userspace
@@ -34,28 +34,31 @@ then create /dev/net (if necessary) with "mkdir /dev/net", then create
 Using the Userspace Datapath with ovs-vswitchd
 ----------------------------------------------
 
-To use ovs-vswitchd in userspace mode, give the bridge a name that
-begins with "netdev:" in the configuration file.  For example:
+To use ovs-vswitchd in userspace mode, create a bridge with datapath_type
+"netdev" in the configuration database.  For example:
 
-    bridge.netdev:br0.port=eth0
-    bridge.netdev:br0.port=eth1
-    bridge.netdev:br0.port=eth2
+    ovs-vsctl add-br br0
+    ovs-vsctl set bridge br0 datapath_type=netdev
+    ovs-vsctl add-port br0 eth0
+    ovs-vsctl add-port br0 eth1
+    ovs-vsctl add-port br0 eth2
 
 ovs-vswitchd will create a TAP device as the bridge's local interface,
-named the same as the bridge minus the "netdev:" prefix, as well as
-for each configured internal interface.
+named the same as the bridge, as well as for each configured internal
+interface.
 
-Using the Userspace Datapath with ovs-openflowd
------------------------------------------------
+Firewall Rules
+--------------
 
-To use ovs-openflowd in userspace mode, specify a datapath name that
-begins with "netdev:", and specify --ports with the names of the ports
-that should be included in the datapath as argument.  For example:
+On Linux, when a physical interface is in use by the userspace
+datapath, packets received on the interface still also pass into the
+kernel TCP/IP stack.  This can cause surprising and incorrect
+behavior.  You can use "iptables" to avoid this behavior, by using it
+to drop received packets.  For example, to drop packets received on
+eth0:
 
-    ovs-openflowd netdev:br0 --ports=eth0,eth1,eth2
-
-ovs-openflowd will create a TAP device as the bridge's local
-interface, named the same as the bridge minus the "netdev:" prefix.
+    iptables -A INPUT -i eth0 -j DROP
+    iptables -A FORWARD -i eth0 -j DROP
 
 Bug Reporting
 -------------