X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=utilities%2Fovs-controller.8.in;h=f4a38882160772c0cac93984e65be5c30c9d055f;hb=d35a4ea82fb76398025d833d30d11d0d68050e56;hp=040f633038ec61342666db68f9ac74700c090af4;hpb=58fda1dab104041fc693032475ec4662c1a52849;p=openvswitch diff --git a/utilities/ovs-controller.8.in b/utilities/ovs-controller.8.in index 040f6330..f4a38882 100644 --- a/utilities/ovs-controller.8.in +++ b/utilities/ovs-controller.8.in @@ -15,74 +15,12 @@ protocol, causing them to function as L2 MAC-learning switches or hub. \fBovs\-controller\fR controls one or more OpenFlow switches, specified as one or more of the following OpenFlow connection methods: -.TP -\fBpssl:\fR[\fIport\fR][\fB:\fIip\fR] -Listens for SSL connections from remote OpenFlow switches on -\fIport\fR (default: 6633). The \fB--private-key\fR, -\fB--certificate\fR, and \fB--ca-cert\fR options are mandatory when -this form is used. -By default, \fB\*(PN\fR listens for connections to any local IP -address, but \fIip\fR may be specified to listen only for connections -to the given \fIip\fR. - -.TP -\fBptcp:\fR[\fIport\fR][\fB:\fIip\fR] -Listens for TCP connections from remote OpenFlow switches on -\fIport\fR (default: 6633). -By default, \fB\*(PN\fR listens for connections to any local IP -address, but \fIip\fR may be specified to listen only for connections -to the given \fIip\fR. - -.TP -\fBpunix:\fIfile\fR -Listens for connections from OpenFlow switches on the Unix domain -server socket named \fIfile\fR. - -.IP "\fBssl:\fIip\fR[\fB:\fIport\fR]" -The specified SSL \fIport\fR (default: 6633) on the host at the given -\fIip\fR, which must be expressed as an IP address (not a DNS name). -The \fB--private-key\fR, \fB--certificate\fR, and \fB--ca-cert\fR -options are mandatory when this form is used. - -.IP "\fBtcp:\fIip\fR[\fB:\fIport\fR]" -The specified TCP \fIport\fR (default: 6633) on the host at the given -\fIip\fR, which must be expressed as an IP address (not a DNS name). - -.TP -\fBunix:\fIfile\fR -The Unix domain server socket named \fIfile\fR. +.RS +.so lib/vconn-passive.man +.so lib/vconn-active.man +.RE .SH OPTIONS -.TP -\fB-p\fR, \fB--private-key=\fIprivkey.pem\fR -Specifies a PEM file containing the private key used as the switch's -identity for SSL connections to the controller. - -.TP -\fB-c\fR, \fB--certificate=\fIcert.pem\fR -Specifies a PEM file containing a certificate, signed by the -controller's certificate authority (CA), that certifies the switch's -private key to identify a trustworthy switch. - -.TP -\fB-C\fR, \fB--ca-cert=\fIswitch-cacert.pem\fR -Specifies a PEM file containing the CA certificate used to verify that -the switch is connected to a trustworthy controller. - -.TP -\fB--peer-ca-cert=\fIcontroller-cacert.pem\fR -Specifies a PEM file that contains one or more additional certificates -to send to switches. \fIcontroller-cacert.pem\fR should be the CA -certificate used to sign the controller's own certificate (the -certificate specified on \fB-c\fR or \fB--certificate\fR). - -This option is not useful in normal operation, because the switch must -already have the controller CA certificate for it to have any -confidence in the controller's identity. However, this option allows -a newly installed switch to obtain the controller CA certificate on -first boot using, e.g., the \fB--bootstrap-ca-cert\fR option to -\fBovs\-openflowd\fR(8). - .IP "\fB-n\fR, \fB--noflow\fR" By default, \fBovs\-controller\fR sets up a flow in each OpenFlow switch whenever it receives a packet whose destination is known due through @@ -143,6 +81,8 @@ to it by switches. This option is only for debugging the Open vSwitch implementation of ``fail open'' mode. It must not be used in production. +.so lib/ssl.man +.so lib/ssl-peer-ca-cert.man .so lib/daemon.man .so lib/vlog.man .so lib/common.man