X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=vswitchd%2Fvswitch.xml;h=688f7157221619b8cfbbba2c781e17d4ccbe03d6;hb=615660a99a2c1b1b4e0af258f1e8f8a9ea6cd3d4;hp=585f6787d116d17f904d955e55013dc171d41068;hpb=a9bf011b82b02249344740d139f2f28594fe9e61;p=openvswitch diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index 585f6787..688f7157 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml @@ -87,14 +87,6 @@ configuration changes. - - Describes functionality supported by the hardware and software platform - on which this Open vSwitch is based. Clients should not modify this - column. See the description for defined - capability categories and the meaning of associated - records. - -

The statistics column contains key-value pairs that @@ -241,8 +233,6 @@ The Open vSwitch version number, e.g. 1.1.0. - If Open vSwitch was configured with a build number, then it is - also included, e.g. 1.1.0+build6579. @@ -388,6 +378,11 @@

+ + Configuration for OpenFlow tables. Each pair maps from an OpenFlow + table ID to configuration for that table. + +

When a controller is configured, it is, ordinarily, responsible for setting up all flows on the switch. Thus, if the connection to @@ -414,7 +409,16 @@ any defined controllers forever.

-

If this value is unset, the default is implementation-specific.

+

+ The default is standalone if the value is unset, but + future versions of Open vSwitch may change the default. +

+

+ The standalone mode can create forwarding loops on a + bridge that has more than one uplink port unless STP is enabled. To + avoid loops on such a bridge, configure secure mode or + enable STP (see ). +

When more than one controller is configured, is considered only when none of the configured controllers can be contacted.

@@ -462,7 +466,7 @@ on bridges. Bond, internal, and mirror ports are not supported and will not participate in the spanning tree. - + The bridge's STP identifier (the lower 48 bits of the bridge-id) in the form @@ -552,6 +556,71 @@ and if Open vSwitch node does not run STP, then this option should be enabled. Default is disabled, set to true to enable. + + The following destination MAC addresss will not be forwarded when this + option is enabled. +
+
01:80:c2:00:00:00
+
IEEE 802.1D Spanning Tree Protocol (STP).
+ +
01:80:c2:00:00:01
+
IEEE Pause frame.
+ +
01:80:c2:00:00:0x
+
Other reserved protocols.
+ +
00:00:5e:00:01:xx
+
VRRP IPv4 virtual router MAC address.
+ +
00:00:5e:00:02:xx
+
VRRP IPv6 virtual router MAC address.
+ +
00:00:0c:07:ac:xx
+
HSRP Version 1.
+ +
00:00:0c:9f:fx:xx +
+
HSRP Version 2.
+ +
00:07:b4:xx:xx:xx
+
GLBP.
+ +
01:00:0c:cc:cc:cc
+
+ Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), + Dynamic Trunking Protocol (DTP), Port Aggregation Protocol (PAgP), + and others. +
+ +
01:00:0c:cc:cc:cd
+
Cisco Shared Spanning Tree Protocol PVSTP+.
+ +
01:00:0c:cd:cd:cd
+
Cisco STP Uplink Fast.
+ +
01:00:0c:00:00:00
+
Cisco Inter Switch Link.
+
+ + + +

+ The maximum number of seconds to retain a MAC learning entry for + which no packets have been seen. The default is currently 300 + seconds (5 minutes). The value, if specified, is forced into a + reasonable range, currently 15 to 3600 seconds. +

+ +

+ A short MAC aging time allows a network to more quickly detect that a + host is no longer connected to a switch port. However, it also makes + it more likely that packets will be flooded unnecessarily, when they + are addressed to a connected host that rarely transmits packets. To + reduce the incidence of unnecessary flooding, use a MAC aging time + longer than the maximum interval at which a host will ordinarily + transmit packets. +

@@ -757,8 +826,7 @@

The following modes require the upstream switch to support 802.3ad with - successful LACP negotiation. If LACP negotiation fails then - balance-slb style flow hashing is used as a fallback: + successful LACP negotiation:

@@ -790,7 +858,7 @@

The type of bonding used for a bonded port. Defaults to - balance-slb if unset. + active-backup if unset.

@@ -861,8 +929,9 @@ connected to. active ports are allowed to initiate LACP negotiations. passive ports are allowed to participate in LACP negotiations initiated by a remote switch, but not allowed to - initiate such negotiations themselves. Defaults to off - if unset. + initiate such negotiations themselves. If LACP is enabled on a port + whose partner switch does not support LACP, the bond will be + disabled. Defaults to off if unset. @@ -879,34 +948,17 @@ numerically lower priority. - +

The LACP timing which should be used on this . - Possible values are fast, slow and a - positive number of milliseconds. By default slow is - used. When configured to be fast LACP heartbeats are - requested at a rate of once per second causing connectivity - problems to be detected more quickly. In slow mode, - heartbeats are requested at a rate of once every 30 seconds. -

- -

- Users may manually set a heartbeat transmission rate to increase - the fault detection speed further. When manually set, OVS expects - the partner switch to be configured with the same transmission - rate. Manually setting lacp-time to something other - than fast or slow is not supported by the - LACP specification. + By default slow is used. When configured to be + fast LACP heartbeats are requested at a rate of once + per second causing connectivity problems to be detected more + quickly. In slow mode, heartbeats are requested at a + rate of once every 30 seconds.

- - - Treat LACP like a simple heartbeat protocol for link state - monitoring. Most features of the LACP protocol are disabled - when this mode is in use. The default if not specified is - false. - @@ -918,11 +970,13 @@

- For an SLB bonded port, the number of milliseconds between successive - attempts to rebalance the bond, that is, to move source MACs and - their flows from one interface on the bond to another in an attempt - to keep usage of each interface roughly equal. + type='{"type": "integer", "minInteger": 0, "maxInteger": 10000}'> + For a load balanced bonded port, the number of milliseconds between + successive attempts to rebalance the bond, that is, to move flows + from one interface on the bond to another in an attempt to keep usage + of each interface roughly equal. If zero, load balancing is disabled + on the bond (carrier status changes still cause flows to move). If + less than 1000ms, the rebalance interval will be 1000ms. @@ -1142,7 +1196,7 @@
ipsec_gre
An Ethernet over RFC 2890 Generic Routing Encapsulation over IPv4 - IPsec tunnel. + IPsec tunnel.
capwap
@@ -1258,7 +1312,8 @@ Optional. The value of the ToS bits to be set on the encapsulating - packet. It may also be the word inherit, in which case + packet. ToS is interpreted as DSCP and ECN bits, ECN part must be + zero. It may also be the word inherit, in which case the ToS will be copied from the inner packet if it is IPv4 or IPv6 (otherwise it will be 0). The ECN fields are always inherited. Default is 0. @@ -1270,7 +1325,7 @@ from the inner packet if it is IPv4 or IPv6 (otherwise it will be the system default, typically 64). Default is the system default TTL. - + Optional. If enabled, the Don't Fragment bit will be copied from the inner IP headers (those of the encapsulated traffic) to the outer @@ -1536,7 +1591,7 @@ Total number of receive errors, greater than or equal to the sum of the above. - + Number of packets dropped by TX. @@ -1672,6 +1727,69 @@

+ + Indicates a CFM fault was triggered due to a lack of CCMs received on + the . + + + + Indicates a CFM fault was triggered due to the reception of a CCM with + the RDI bit flagged. Endpoints set the RDI bit in their CCMs when they + are not receiving CCMs themselves. This typically indicates a + unidirectional connectivity failure. + + + + Indicates a CFM fault was triggered due to the reception of a CCM with + a MAID other than the one Open vSwitch uses. CFM broadcasts are tagged + with an identification number in addition to the MPID called the MAID. + Open vSwitch only supports receiving CCM broadcasts tagged with the + MAID it uses internally. + + + + Indicates a CFM fault was triggered due to the reception of a CCM + advertising the same MPID configured in the + column of this . This may indicate a loop in + the network. + + + + Indicates a CFM fault was triggered because the CFM module received + CCMs from more remote endpoints than it can keep track of. + + + + Indicates a CFM fault was manually triggered by an administrator using + an ovs-appctl command. + + + + Indicates a CFM fault was triggered due to the reception of a CCM + frame having an invalid interval. + + + +

+ Indicates the health of the interface as a percentage of CCM frames + received over 21 s. + The health of an interface is undefined if it is communicating with + more than one . It reduces if + healthy heartbeats are not received at the expected rate, and + gradually improves as healthy heartbeats are received at the desired + rate. Every 21 s, the + health of the interface is refreshed. +

+

+ As mentioned above, the faults can be triggered for several reasons. + The link health will deteriorate even if heartbeats are received but + they are reported to be unhealthy. An unhealthy heartbeat in this + context is a heartbeat for which either some fault is set or is out + of sequence. The interface health can be 100 only on receiving + healthy heartbeats at the desired rate. +

+ + When CFM is properly configured, Open vSwitch will occasionally receive CCM broadcasts. These broadcasts contain the MPID of the @@ -1682,9 +1800,21 @@ - The interval, in milliseconds, between transmissions of CFM heartbeats. - Three missed heartbeat receptions indicate a connectivity fault. - Defaults to 1000. +

+ The interval, in milliseconds, between transmissions of CFM + heartbeats. Three missed heartbeat receptions indicate a + connectivity fault. +

+ +

+ In standard operation only intervals of 3, 10, 100, 1,000, 10,000, + 60,000, or 600,000 ms are supported. Other values will be rounded + down to the nearest value on the list. Extended mode (see ) supports any interval up + to 65,535 ms. In either mode, the default is 1000 ms. +

+ +

We do not recommend using intervals less than 100 ms.

 When set, the CFM module will apply a VLAN tag to all CCMs it generates - with the given value. + with the given value. May be the string random in which + case each CCM will be tagged with a different randomly generated VLAN. + + + + When set, the CFM module will apply a VLAN tag to all CCMs it generates + with the given PCP value. The VLAN ID of the tag is governed by the + value of . If + is unset, a VLAN ID of + zero is used. @@ -1774,6 +1914,32 @@ commonly be the same as . + +

+ Hypervisors may sometimes have more than one interface associated + with a given , only one of + which is actually in use at a given time. For example, in some + circumstances XenServer has both a ``tap'' and a ``vif'' interface + for a single , but only + uses one of them at a time. A hypervisor that behaves this way must + mark the currently in use interface active and the + others inactive. A hypervisor that never has more than + one interface for a given + may mark that interface active or omit entirely. +

+ +

+ During VM migration, a given might transiently be marked active on + two different hypervisors. That is, active means that + this is the active + instance within a single hypervisor, not in a broader scope. +

+ + The virtual interface associated with this interface. @@ -1782,6 +1948,11 @@ The virtual network to which this interface is attached. + + The VM to which this interface belongs. On XenServer, this will be the + same as . + + The VM to which this interface belongs. @@ -1856,6 +2027,12 @@ VLAN splinters increase kernel and userspace memory overhead, so do not use them unless they are needed.

+ +

+ VLAN splinters do not support 802.1p priority tags. Received + priorities will appear to be 0, regardless of their actual values, + and priorities on transmitted packets will also be cleared to 0. +

@@ -1868,15 +2045,106 @@ + +

Configuration for a particular OpenFlow table.

+ + + The table's name. Set this column to change the name that controllers + will receive when they request table statistics, e.g. ovs-ofctl + dump-tables. The name does not affect switch behavior. + + + + If set, limits the number of flows that may be added to the table. Open + vSwitch may limit the number of flows in a table for other reasons, + e.g. due to hardware limitations or for resource availability or + performance reasons. + + + +

+ Controls the switch's behavior when an OpenFlow flow table modification + request would add flows in excess of . The + supported values are: +

+ +
+
refuse
+
+ Refuse to add the flow or flows. This is also the default policy + when is unset. +
+ +
evict
+
+ Delete the flow that will expire soonest. See + for details. +
+
+ + + +

+ When is evict, this + controls how flows are chosen for eviction when the flow table would + otherwise exceed flows. Its value is a set + of NXM fields or sub-fields, each of which takes one of the forms + field[] or + field[start..end], + e.g. NXM_OF_IN_PORT[]. Please see + nicira-ext.h for a complete list of NXM field names. +

+ +

+ When a flow must be evicted due to overflow, the flow to evict is + chosen through an approximation of the following algorithm: +

+ +
    +
  1. + Divide the flows in the table into groups based on the values of the + specified fields or subfields, so that all of the flows in a given + group have the same values for those fields. If a flow does not + specify a given field, that field's value is treated as 0. +
    2. + +
  2. + Consider the flows in the largest group, that is, the group that + contains the greatest number of flows. If two or more groups all + have the same largest number of flows, consider the flows in all of + those groups. +
    3. + +
  3. + Among the flows under consideration, choose the flow that expires + soonest for eviction. +
    4. +
+ +

+ The eviction process only considers flows that have an idle timeout or + a hard timeout. That is, eviction never deletes permanent flows. + (Permanent flows do count against . +

+ +

+ Open vSwitch ignores any invalid or unknown field specifications. +

+ +

+ When is not evict, this + column has no effect. +

+ +
+

Quality of Service (QoS) configuration for each Port that references it.

-

The type of QoS to implement. The column in the table - identifies the types that a switch actually supports. The currently - defined types are listed below:

+

The type of QoS to implement. The currently defined types are + listed below:

linux-htb
@@ -1901,8 +2169,19 @@ supported range of queue numbers depend on . The queue numbers are the same as the queue_id used in OpenFlow in struct ofp_action_enqueue and other - structures. Queue 0 is used by OpenFlow output actions that do not - specify a specific queue.

+ structures.

+ +

+ Queue 0 is the ``default queue.'' It is used by OpenFlow output + actions when no specific queue has been set. When no configuration for + queue 0 is present, it is automatically configured as if a record with empty + and columns had been + specified. + (Before version 1.6, Open vSwitch would leave queue 0 unconfigured in + this case. With some queuing disciplines, this dropped all packets + destined for the default queue.) +

@@ -1910,7 +2189,7 @@ The linux-htb and linux-hfsc classes support the following key-value pair:

- + Maximum rate shared by all queued traffic, in bit/s. Optional. If not specified, for physical interfaces, the default is the link rate. For @@ -1942,26 +2221,13 @@ unchanged. - -

- These key-value pairs are defined for of min-rate. -

- - - Minimum guaranteed bandwidth, in bit/s. Required. The floor value is - 1500 bytes/s (12,000 bit/s). - - -

linux-htb may use queue_ids less than 61440. It has the following key-value pairs defined.

- + Minimum guaranteed bandwidth, in bit/s. @@ -1998,12 +2264,12 @@ linux-hfsc may use queue_ids less than 61440. It has the following key-value pairs defined.

- + Minimum guaranteed bandwidth, in bit/s. - + Maximum allowed bandwidth, in bit/s. Optional. If specified, the @@ -2089,36 +2355,12 @@ sent out an implicit VLAN port, the frame will not be tagged. This type of mirroring is sometimes called RSPAN.

- The following destination MAC addresses will not be mirrored to a - VLAN to avoid confusing switches that interpret the protocols that - they represent: + See the documentation for + in the + table for a list of destination MAC + addresses which will not be mirrored to a VLAN to avoid confusing + switches that interpret the protocols that they represent.

-
-
01:80:c2:00:00:00
-
IEEE 802.1D Spanning Tree Protocol (STP).
- -
01:80:c2:00:00:01
-
IEEE Pause frame.
- -
01:80:c2:00:00:0x
-
Other reserved protocols.
- -
01:00:0c:cc:cc:cc
-
- Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), - Dynamic Trunking Protocol (DTP), Port Aggregation Protocol (PAgP), - and others. -
- -
01:00:0c:cc:cc:cd
-
Cisco Shared Spanning Tree Protocol PVSTP+.
- -
01:00:0c:cd:cd:cd
-
Cisco STP Uplink Fast.
- -
01:00:0c:00:00:00
-
Cisco Inter Switch Link.
-

Please note: Mirroring to a VLAN can disrupt a network that contains unmanaged switches. Consider an unmanaged physical switch with two ports: port 1, connected to an end host, and port 2, @@ -2336,25 +2578,50 @@ - + +

+ OpenFlow switches send certain messages to controllers spontanenously, + that is, not in response to any request from the controller. These + messages are called ``asynchronous messages.'' These columns allow + asynchronous messages to be limited or disabled to ensure the best use + of network resources. +

+ + + The OpenFlow protocol enables asynchronous messages at time of + connection establishment, which means that a controller can receive + asynchronous messages, potentially many of them, even if it turns them + off immediately after connecting. Set this column to + false to change Open vSwitch behavior to disable, by + default, all asynchronous messages. The controller can use the + NXT_SET_ASYNC_CONFIG Nicira extension to OpenFlow to turn + on any messages that it does want to receive, if any. + + -

The maximum rate at which packets in unknown flows will be - forwarded to the OpenFlow controller, in packets per second. This - feature prevents a single bridge from overwhelming the controller. - If not specified, the default is implementation-specific.

-

In addition, when a high rate triggers rate-limiting, Open - vSwitch queues controller packets for each port and transmits - them to the controller at the configured rate. The number of - queued packets is limited by - the value. The packet - queue is shared fairly among the ports on a bridge.

Open - vSwitch maintains two such packet rate-limiters per bridge. - One of these applies to packets sent up to the controller - because they do not correspond to any flow. The other applies - to packets sent up to the controller by request through flow - actions. When both rate-limiters are filled with packets, the - actual rate that packets are sent to the controller is up to - twice the specified rate.

+

+ The maximum rate at which the switch will forward packets to the + OpenFlow controller, in packets per second. This feature prevents a + single bridge from overwhelming the controller. If not specified, + the default is implementation-specific. +

+ +

+ In addition, when a high rate triggers rate-limiting, Open vSwitch + queues controller packets for each port and transmits them to the + controller at the configured rate. The value limits the number of queued + packets. Ports on a bridge share the packet queue fairly. +

+ +

+ Open vSwitch maintains two such packet rate-limiters per bridge: one + for packets sent up to the controller because they do not correspond + to any flow, and the other for packets sent up to the controller by + request through flow actions. When both rate-limiters are filled with + packets, the actual rate that packets are sent to the controller is + up to twice the specified rate. +

@@ -2454,14 +2721,14 @@ human consumption.

- + The amount of time since this controller last successfully connected to the switch (in seconds). Value is empty if controller has never successfully connected. - + The amount of time since this controller last disconnected from @@ -2470,11 +2737,33 @@ + +

+ Additional configuration for a connection between the controller + and the Open vSwitch. +

+ + + The Differentiated Service Code Point (DSCP) is specified using 6 bits + in the Type of Service (TOS) field in the IP header. DSCP provides a + mechanism to classify the network traffic and provide Quality of + Service (QoS) on IP networks. + + The DSCP value specified here is used when establishing the connection + between the controller and the Open vSwitch. If no value is specified, + a default value of 48 is chosen. Valid DSCP values must be in the + range 0 to 63. + + + + The overall purpose of these columns is described under Common Columns at the beginning of this document. +
@@ -2694,11 +2983,32 @@ + +

+ Additional configuration for a connection between the manager + and the Open vSwitch Database. +

+ + + The Differentiated Service Code Point (DSCP) is specified using 6 bits + in the Type of Service (TOS) field in the IP header. DSCP provides a + mechanism to classify the network traffic and provide Quality of + Service (QoS) on IP networks. + + The DSCP value specified here is used when establishing the connection + between the manager and the Open vSwitch. If no value is specified, a + default value of 48 is chosen. Valid DSCP values must be in the range + 0 to 63. + + + The overall purpose of these columns is described under Common Columns at the beginning of this document. + @@ -2832,46 +3142,4 @@ - -

Records in this table describe functionality supported by the hardware - and software platform on which this Open vSwitch is based. Clients - should not modify this table.

- -

A record in this table is meaningful only if it is referenced by the - column in the - table. The key used to reference it, called - the record's ``category,'' determines the meanings of the - column. The following general forms of - categories are currently defined:

- -
-
qos-type
-
type is supported as the value for - in the table. -
-
- - -

Key-value pairs that describe capabilities. The meaning of the pairs - depends on the category key that the column in the table - uses to reference this record, as described above.

- -

The presence of a record for category qos-type - indicates that the switch supports type as the value of - the column in the - table. The following key-value pairs are defined to further describe - QoS capabilities:

- -
-
n-queues
-
Number of supported queues, as a positive integer. Keys in the - column for - records whose value - equals type must range between 0 and this value minus one, - inclusive.
-
- -
-