X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=INSTALL.userspace;h=296f0771c6f4cf3adaa3ab5d5fc35951c5788a61;hb=refs%2Fheads%2Fmanual;hp=c13365a42090fe86f61990b9d9eb41ceffdecbdf;hpb=e5334dadd6de39c4380f1e968801fb0a4f25108c;p=openvswitch diff --git a/INSTALL.userspace b/INSTALL.userspace index c13365a4..296f0771 100644 --- a/INSTALL.userspace +++ b/INSTALL.userspace @@ -17,7 +17,7 @@ Building and Installing ----------------------- The requirements and procedure for building, installing, and -configuring Open vSwitch are the same as those given in INSTALL.Linux. +configuring Open vSwitch are the same as those given in INSTALL. You may omit configuring, building, and installing the kernel module, and the related requirements. @@ -31,6 +31,10 @@ The tun device must also exist as /dev/net/tun. If it does not exist, then create /dev/net (if necessary) with "mkdir /dev/net", then create /dev/net/tun with "mknod /dev/net/tun c 10 200". +On FreeBSD, the userspace switch additionally requires the kernel +tap(4) driver to be available, either built into the kernel or loaded +as a module. + Using the Userspace Datapath with ovs-vswitchd ---------------------------------------------- @@ -47,17 +51,18 @@ ovs-vswitchd will create a TAP device as the bridge's local interface, named the same as the bridge, as well as for each configured internal interface. -Using the Userspace Datapath with ovs-openflowd ------------------------------------------------ - -To use ovs-openflowd in userspace mode, specify a datapath name that -begins with "netdev@", and specify --ports with the names of the ports -that should be included in the datapath as argument. For example: +Firewall Rules +-------------- - ovs-openflowd netdev@br0 --ports=eth0,eth1,eth2 +On Linux, when a physical interface is in use by the userspace +datapath, packets received on the interface still also pass into the +kernel TCP/IP stack. This can cause surprising and incorrect +behavior. You can use "iptables" to avoid this behavior, by using it +to drop received packets. For example, to drop packets received on +eth0: -ovs-openflowd will create a TAP device as the bridge's local -interface, named the same as the bridge minus the "netdev@" prefix. + iptables -A INPUT -i eth0 -j DROP + iptables -A FORWARD -i eth0 -j DROP Bug Reporting -------------