X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=vswitchd%2Fvswitch.xml;h=293634b6ef5541b4296625a5f1957ffea5813293;hb=6f83469de7edcbeb66449b8488d24a6cfbfb0898;hp=2edb35e0d45df0034ef05596af2f86199910cacd;hpb=a339aa8162f4ac29784bc4e35612137f9cb1a025;p=openvswitch
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 2edb35e0..293634b6 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -28,12 +28,6 @@
choose key names that are likely to be unique. The currently
defined common key-value pairs are:
- system-type
- - An identifier for the switch type, such as
-
XenServer
or KVM
.
- system-version
- - The version of the switch software, such as
-
5.6.0
on XenServer.
system-id
- A unique identifier for the Open vSwitch's physical host.
The form of the identifier depends on the type of the host.
@@ -201,6 +195,65 @@
+
+
+ These columns report the types and versions of the hardware and
+ software running Open vSwitch. We recommend in general that software
+ should test whether specific features are supported instead of relying
+ on version number checks. These values are primarily intended for
+ reporting to human administrators.
+
+
+
+ The Open vSwitch version number, e.g. 1.1.0pre2
.
+ If Open vSwitch was configured with a build number, then it is
+ also included, e.g. 1.1.0pre2+build4948
.
+
+
+
+
+ The database schema version number in the form
+ major.minor.tweak
,
+ e.g. 1.2.3
. Whenever the database schema is changed in
+ a non-backward compatible way (e.g. deleting a column or a table),
+ major is incremented. When the database schema is changed
+ in a backward compatible way (e.g. adding a new column),
+ minor is incremented. When the database schema is changed
+ cosmetically (e.g. reindenting its syntax), tweak is
+ incremented.
+
+
+
+ The schema version is part of the database schema, so it can also be
+ retrieved by fetching the schema using the Open vSwitch database
+ protocol.
+
+
+
+
+
+ An identifier for the type of system on top of which Open vSwitch
+ runs, e.g. XenServer
or KVM
.
+
+
+ System integrators are responsible for choosing and setting an
+ appropriate value for this column.
+
+
+
+
+
+ The version of the system identified by ,
+ e.g. 5.5.0-24648p
on XenServer 5.5.0 build 24648.
+
+
+ System integrators are responsible for choosing and setting an
+ appropriate value for this column.
+
+
+
+
+
These columns primarily configure the Open vSwitch database
@@ -314,7 +367,7 @@
If this value is unset, the default is implementation-specific.
- When more than one controller is configured,
+
When more than one controller is configured,
is considered only when none of the
configured controllers can be contacted.
@@ -343,7 +396,7 @@
defined key-value pairs are:
bridge-id
- - A unique identifier of the bridge. On Citrix XenServer this
+
- A unique identifier of the bridge. On Citrix XenServer this
will commonly be the same as
xs-network-uuids
.
xs-network-uuids
- Semicolon-delimited set of universally unique identifier(s) for
@@ -362,13 +415,21 @@
digits to set the OpenFlow datapath ID to a specific
value. May not be all-zero.
disable-in-band
- - If set to
true
, disable in-band control on
+ - If set to
true
, disable in-band control on
the bridge regardless of controller and manager settings.
hwaddr
- An Ethernet address in the form
xx:xx:xx:xx:xx:xx
to set the hardware address of the local port and influence the
datapath ID.
+ in-band-queue
+ -
+ A queue ID as a nonnegative integer. This sets the OpenFlow queue
+ ID that will be used by flows set up by in-band control on this
+ bridge. If unset, or if the port used by an in-band control flow
+ does not have QoS configured, or if the port does not have a queue
+ with the specified ID, the default queue is used instead.
+
@@ -449,11 +510,10 @@
A port that has more than one interface is a ``bonded port.''
Bonding allows for load balancing and fail-over. Open vSwitch
supports ``source load balancing'' (SLB) bonding, which
- assigns flows to slaves based on source MAC address, with
- periodic rebalancing as traffic patterns change. This form of
- bonding does not require 802.3ad or other special support from
- the upstream switch to which the slave devices are
- connected.
+ assigns flows to slaves based on source MAC address and output VLAN,
+ with periodic rebalancing as traffic patterns change. This form of
+ bonding does not require 802.3ad or other special support from the
+ upstream switch to which the slave devices are connected.
These columns apply only to bonded ports. Their values are
otherwise ignored.
@@ -484,7 +544,7 @@
Quality of Service configuration for this port.
-
+
The MAC address to use for this port for the purpose of choosing the
bridge's MAC address. This column does not necessarily reflect the
@@ -607,7 +667,7 @@
the same except one has an optional identifier and the other does
not, the more specific one is matched first. in_key
is considered more specific than local_ip
if a port
- defines one and another port defines the other. The following
+ defines one and another port defines the other. The following
options may be specified in the column:
remote_ip
@@ -695,9 +755,122 @@
bypass certain components of the IP stack (such as IP tables)
and it may be useful to disable it if these features are
required or as a debugging measure. Default is enabled, set to
- false
to disable. If IPsec is enabled through the
- parameters, header caching will be
- automatically disabled.
+ false
to disable.
+
+
+ ipsec_gre
+ An Ethernet over RFC 2890 Generic Routing Encapsulation
+ over IPv4 IPsec tunnel. Each tunnel (including those of type
+ gre
) must be uniquely identified by the
+ combination of remote_ip
and
+ local_ip
. Note that if two ports are defined
+ that are the same except one has an optional identifier and
+ the other does not, the more specific one is matched first.
+ An authentication method of peer_cert
or
+ psk
must be defined. The following options may
+ be specified in the column:
+
+ remote_ip
+ - Required. The tunnel endpoint.
+
+
+ local_ip
+ - Optional. The destination IP that received packets must
+ match. Default is to match all addresses.
+
+
+ peer_cert
+ - Required for certificate authentication. A string
+ containing the peer's certificate in PEM format.
+ Additionally the host's certificate must be specified
+ with the
certificate
option.
+
+
+ certificate
+ - Required for certificate authentication. The name of a
+ PEM file containing a certificate that will be presented
+ to the peer during authentication.
+
+
+ private_key
+ - Optional for certificate authentication. The name of
+ a PEM file containing the private key associated with
+
certificate
. If certificate
+ contains the private key, this option may be omitted.
+
+
+ psk
+ - Required for pre-shared key authentication. Specifies a
+ pre-shared key for authentication that must be identical on
+ both sides of the tunnel.
+
+
+ in_key
+ - Optional. The GRE key that received packets must contain.
+ It may either be a 32-bit number (no key and a key of 0 are
+ treated as equivalent) or the word
flow
. If
+ flow
is specified then any key will be accepted
+ and the key will be placed in the tun_id
field
+ for matching in the flow table. The ovs-ofctl manual page
+ contains additional information about matching fields in
+ OpenFlow flows. Default is no key.
+
+
+ out_key
+ - Optional. The GRE key to be set on outgoing packets. It may
+ either be a 32-bit number or the word
flow
. If
+ flow
is specified then the key may be set using
+ the set_tunnel
Nicira OpenFlow vendor extension (0
+ is used in the absence of an action). The ovs-ofctl manual
+ page contains additional information about the Nicira OpenFlow
+ vendor extensions. Default is no key.
+
+
+ key
+ - Optional. Shorthand to set
in_key
and
+ out_key
at the same time.
+
+
+ tos
+ - Optional. The value of the ToS bits to be set on the
+ encapsulating packet. It may also be the word
+
inherit
, in which case the ToS will be copied from
+ the inner packet if it is IPv4 or IPv6 (otherwise it will be
+ 0). Note that the ECN fields are always inherited. Default is
+ 0.
+
+
+ ttl
+ - Optional. The TTL to be set on the encapsulating packet.
+ It may also be the word
inherit
, in which case the
+ TTL will be copied from the inner packet if it is IPv4 or IPv6
+ (otherwise it will be the system default, typically 64).
+ Default is the system default TTL.
+
+
+ csum
+ - Optional. Compute GRE checksums on outgoing packets.
+ Checksums present on incoming packets will be validated
+ regardless of this setting. Note that GRE checksums
+ impose a significant performance penalty as they cover the
+ entire packet. As the contents of the packet is typically
+ covered by L3 and L4 checksums, this additional checksum only
+ adds value for the GRE and encapsulated Ethernet headers.
+ Default is disabled, set to
true
to enable.
+
+
+ pmtud
+ - Optional. Enable tunnel path MTU discovery. If enabled
+ ``ICMP destination unreachable - fragmentation'' needed
+ messages will be generated for IPv4 packets with the DF bit set
+ and IPv6 packets above the minimum MTU if the packet size
+ exceeds the path MTU minus the size of the tunnel headers. It
+ also forces the encapsulating packet DF bit to be set (it is
+ always set if the inner packet implies path MTU discovery).
+ Note that this option causes behavior that is typically
+ reserved for routers and therefore is not entirely in
+ compliance with the IEEE 802.1D specification for bridges.
+ Default is enabled, set to
false
to disable.
capwap
@@ -884,6 +1057,11 @@
+
+
+ Connectivity monitor configuration for this interface.
+
+
Key-value pairs for use by external frameworks that integrate
with Open vSwitch, rather than by Open vSwitch itself. System
@@ -900,7 +1078,7 @@
For Citrix XenServer, this is the value of the MAC
field in the VIF record for this interface.
iface-id
- A system-unique identifier for the interface. On XenServer,
+ A system-unique identifier for the interface. On XenServer,
this will commonly be the same as xs-vif-uuid
.
@@ -924,25 +1102,17 @@
+
+ Egress interface for tunnels. Currently only relevant for GRE and
+ CAPWAP tunnels. On Linux systems, this column will show the name of
+ the interface which is responsible for routing traffic destined for the
+ configured remote_ip
. This could be an internal interface
+ such as a bridge port.
+
+
Key-value pairs for rarely used interface features. Currently,
- the only keys are for configuring GRE-over-IPsec, which is only
- available through the openvswitch-ipsec
package for
- Debian. The currently defined key-value pairs are:
-
- ipsec_local_ip
- - Required key for GRE-over-IPsec interfaces. Additionally,
- the
must be gre
and the
- ipsec_psk
key must
- be set. The in_key
, out_key
, and
- key
must not be
- set.
- ipsec_psk
- - Required key for GRE-over-IPsec interfaces. Specifies a
- pre-shared key for authentication that must be identical on
- both sides of the tunnel. Additionally, the
-
ipsec_local_ip
key must also be set.
-
+ there are none defined.
@@ -1132,6 +1302,98 @@
+
+
+ A attaches to an to
+ implement 802.1ag Connectivity Fault Management (CFM). CFM allows a
+ group of Maintenance Points (MPs) called a Maintenance Association (MA)
+ to detect connectivity problems with each other. MPs within a MA should
+ have complete and exclusive interconnectivity. This is verified by
+ occasionally broadcasting Continuity Check Messages (CCMs) at a
+ configurable transmission interval. A is
+ responsible for collecting data about other MPs in its MA and
+ broadcasting CCMs.
+
+
+
+
+ A Maintenance Point ID (MPID) uniquely identifies each endpoint within
+ a Maintenance Association (see ). The MPID is
+ used to identify this to other endpoints in the
+ MA.
+
+
+
+ A set of which this
+ should have connectivity to. If this
+ does not have connectivity to any MPs in this
+ set, or has connectivity to any MPs not in this set, a fault is
+ signaled.
+
+
+
+ A Maintenance Association (MA) name pairs with a Maintenance Domain
+ (MD) name to uniquely identify a MA. A MA is a group of endpoints who
+ have complete and exclusive interconnectivity. Defaults to
+ ovs
if unset.
+
+
+
+ A Maintenance Domain name pairs with a Maintenance Association name to
+ uniquely identify a MA. Defaults to ovs
if unset.
+
+
+
+ The transmission interval of CCMs in milliseconds. Three missed CCMs
+ indicate a connectivity fault. Defaults to 1000ms.
+
+
+
+
+
+ A set of MPIDs representing MPs to which this
+ has detected connectivity that are not in the
+ set. This should not
+ have connectivity to any MPs not listed in .
+ Thus, if this set is non-empty a fault is indicated.
+
+
+
+ A set of MAIDs representing foreign Maintenance Associations (MAs)
+ which this has detected connectivity to. A
+ should not have connectivity to a Maintenance
+ Association other than its own. Thus, if this set is non-empty a fault
+ is indicated.
+
+
+
+ Indicates a Connectivity Fault caused by a configuration error, a down
+ remote MP, or unexpected connectivity to a remote MAID or remote MP.
+
+
+
+
+
+
+ A represents a MP which a
+ has or should have connectivity to.
+
+
+
+
+ A Maintenance Point ID (MPID) uniquely identifies each endpoint within
+ a Maintenance Association. All MPs within a MA should have a unique
+ MPID.
+
+
+
+
+
+ Indicates a connectivity fault.
+
+
+
+
A port mirror within a .
A port mirror configures a bridge to send selected frames to special
@@ -1229,7 +1491,7 @@
Open vSwitch supports two kinds of OpenFlow controllers:
-
+
- Primary controllers
-
@@ -1585,7 +1847,7 @@
that describes how Open vSwitch contacts this OVSDB client over the
network:
-
+
in-band
-