1.1.0pre2+build4948
.
+
+ The database schema version number in the form
+ major.minor.tweak
,
+ e.g. 1.2.3
. Whenever the database schema is changed in
+ a non-backward compatible way (e.g. deleting a column or a table),
+ major is incremented. When the database schema is changed
+ in a backward compatible way (e.g. adding a new column),
+ minor is incremented. When the database schema is changed
+ cosmetically (e.g. reindenting its syntax), tweak is
+ incremented.
+
+ The schema version is part of the database schema, so it can also be + retrieved by fetching the schema using the Open vSwitch database + protocol. +
+
An identifier for the type of system on top of which Open vSwitch
@@ -735,9 +755,122 @@
bypass certain components of the IP stack (such as IP tables)
and it may be useful to disable it if these features are
required or as a debugging measure. Default is enabled, set to
- false
to disable. If IPsec is enabled through the
- parameters, header caching will be
- automatically disabled.
+ false
to disable.
+
+
+
ipsec_gre
gre
) must be uniquely identified by the
+ combination of remote_ip
and
+ local_ip
. Note that if two ports are defined
+ that are the same except one has an optional identifier and
+ the other does not, the more specific one is matched first.
+ An authentication method of peer_cert
or
+ psk
must be defined. The following options may
+ be specified in the column:
+ remote_ip
local_ip
peer_cert
certificate
option.certificate
private_key
certificate
. If certificate
+ contains the private key, this option may be omitted.psk
in_key
flow
. If
+ flow
is specified then any key will be accepted
+ and the key will be placed in the tun_id
field
+ for matching in the flow table. The ovs-ofctl manual page
+ contains additional information about matching fields in
+ OpenFlow flows. Default is no key.out_key
flow
. If
+ flow
is specified then the key may be set using
+ the set_tunnel
Nicira OpenFlow vendor extension (0
+ is used in the absence of an action). The ovs-ofctl manual
+ page contains additional information about the Nicira OpenFlow
+ vendor extensions. Default is no key.key
in_key
and
+ out_key
at the same time.tos
inherit
, in which case the ToS will be copied from
+ the inner packet if it is IPv4 or IPv6 (otherwise it will be
+ 0). Note that the ECN fields are always inherited. Default is
+ 0.ttl
inherit
, in which case the
+ TTL will be copied from the inner packet if it is IPv4 or IPv6
+ (otherwise it will be the system default, typically 64).
+ Default is the system default TTL.csum
true
to enable.pmtud
false
to disable.capwap
remote_ip
. This could be an internal interface
+ such as a bridge port.
+ openvswitch-ipsec
package for
- Debian. The currently defined key-value pairs are:
- ipsec_local_ip
gre
and the
- ipsec_psk
key must
- be set. The in_key
, out_key
, and
- key
must not be
- set.ipsec_psk
ipsec_local_ip
key must also be set.