X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=vswitchd%2Fvswitch.xml;h=8151807ae58bd7be7d78ec4111ca308e6393ddea;hb=ded8fe209ff51df31ce6e7b74787584edfe00724;hp=979fd5dfeac555559fb97d1b879ed49e7d950411;hpb=e61070c32030d6d00e2eeae213d219320a7cbd10;p=openvswitch diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index 979fd5df..8151807a 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml @@ -1,3 +1,4 @@ +

A database with this schema holds the configuration for one Open vSwitch daemon. The root of the configuration for the daemon is @@ -74,21 +75,133 @@

- Key-value pairs that report statistics about a running Open_vSwitch - daemon. The current implementation updates these counters - periodically. In the future, we plan to, instead, update them only - when they are queried (e.g. using an OVSDB select - operation) and perhaps at other times, but not on any regular - periodic basis.

-

- The currently defined key-value pairs are listed below. Some Open - vSwitch implementations may not support some statistics, in which - case those key-value pairs are omitted.

+ Key-value pairs that report statistics about a system running an Open + vSwitch. These are updated periodically (currently, every 5 + seconds). Key-value pairs that cannot be determined or that do not + apply to a platform are omitted. +

+
-
load-average
+
cpu
+
+

+ Number of CPU processors, threads, or cores currently online and + available to the operating system on which Open vSwitch is + running, as an integer. This may be less than the number + installed, if some are not online or if they are not available to + the operating system. +

+

+ Open vSwitch userspace processes are not multithreaded, but the + Linux kernel-based datapath is. +

+
+ +
load_average
+
+

+ A comma-separated list of three floating-point numbers, + representing the system load average over the last 1, 5, and 15 + minutes, respectively. +

+
+ +
memory
+
+

+ A comma-separated list of integers, each of which represents a + quantity of memory in kilobytes that describes the operating + system on which Open vSwitch is running. In respective order, + these values are: +

+ +
    +
  1. Total amount of RAM allocated to the OS.
  2. +
  3. RAM allocated to the OS that is in use.
  4. +
  5. RAM that can be flushed out to disk or otherwise discarded + if that space is needed for another purpose. This number is + necessarily less than or equal to the previous value.
  6. +
  7. Total disk space allocated for swap.
  8. +
  9. Swap space currently in use.
  10. +
+ +

+ On Linux, all five values can be determined and are included. On + other operating systems, only the first two values can be + determined, so the list will only have two values. +

+
+ +
process_name
+
+

+ One such key-value pair will exist for each running Open vSwitch + daemon process, with name replaced by the daemon's + name (e.g. process_ovs-vswitchd). The value is a + comma-separated list of integers. The integers represent the + following, with memory measured in kilobytes and durations in + milliseconds: +

+ +
    +
  1. The process's virtual memory size.
  2. +
  3. The process's resident set size.
  4. +
  5. The amount of user and system CPU time consumed by the + process.
  6. +
  7. The number of times that the process has crashed and been + automatically restarted by the monitor.
  8. +
  9. The duration since the process was started.
  10. +
  11. The duration for which the process has been running.
  12. +
+ +

+ The interpretation of some of these values depends on whether the + process was started with the . If it + was not, then the crash count will always be 0 and the two + durations will always be the same. If + was given, then the crash count may be positive; if it is, the + latter duration is the amount of time since the most recent crash + and restart. +

+ +

+ There will be one key-value pair for each file in Open vSwitch's + ``run directory'' (usually /var/run/openvswitch) + whose name ends in .pid, whose contents are a + process ID, and which is locked by a running process. The + name is taken from the pidfile's name. +

+ +

+ Currently Open vSwitch is only able to obtain all of the above + detail on Linux systems. On other systems, the same key-value + pairs will be present but the values will always be the empty + string. +

+
+ +
file_systems
- System load average multiplied by 100 and rounded to the nearest - integer.
+

+ A space-separated list of information on local, writable file + systems. Each item in the list describes one file system and + consists in turn of a comma-separated list of the following: +

+ +
    +
  1. Mount point, e.g. / or /var/log. + Any spaces or commas in the mount point are replaced by + underscores.
  2. +
  3. Total size, in kilobytes, as an integer.
  4. +
  5. Amount of storage in use, in kilobytes, as an integer.
  6. +
+ +

+ This key-value pair is omitted if there are no local, writable + file systems or if Open vSwitch cannot obtain the needed + information. +

+
@@ -216,7 +329,10 @@
datapath-id
Exactly 16 hex digits to set the OpenFlow datapath ID to a specific - value.
+ value. May not be all-zero. +
disable-in-band
+
If set to true, disable in-band control on + the bridge regardless of controller and manager settings.
hwaddr
An Ethernet address in the form xx:xx:xx:xx:xx:xx @@ -426,7 +542,7 @@

Open vSwitch populates this column when the port number becomes known. If the interface is successfully added, will be set to a number between 1 and 65535 - (generally either in the range 1 to 65280, exclusive, or 65534, the + (generally either in the range 1 to 65279, inclusive, or 65534, the port number for the OpenFlow ``local port''). If the interface cannot be added then Open vSwitch sets this column to -1.

@@ -539,6 +655,19 @@ compliance with the IEEE 802.1D specification for bridges. Default is enabled, set to false to disable.
+
+
header_cache
+
Optional. Enable caching of tunnel headers and the output + path. This can lead to a significant performance increase + without changing behavior. In general it should not be + necessary to adjust this setting. However, the caching can + bypass certain components of the IP stack (such as IP tables) + and it may be useful to disable it if these features are + required or as a debugging measure. Default is enabled, set to + false to disable. If IPsec is enabled through the + parameters, header caching will be + automatically disabled.
+
capwap
Ethernet tunneling over the UDP transport portion of CAPWAP @@ -594,6 +723,17 @@ compliance with the IEEE 802.1D specification for bridges. Default is enabled, set to false to disable.
+
+
header_cache
+
Optional. Enable caching of tunnel headers and the output + path. This can lead to a significant performance increase + without changing behavior. In general it should not be + necessary to adjust this setting. However, the caching can + bypass certain components of the IP stack (such as IP tables) + and it may be useful to disable it if these features are + required or as a debugging measure. Default is enabled, set to + false to disable.
+
patch
@@ -637,24 +777,78 @@ +

+ These settings control ingress policing for packets received on this + interface. On a physical interface, this limits the rate at which + traffic is allowed into the system from the outside; on a virtual + interface (one connected to a virtual machine), this limits the rate at + which the VM is able to transmit. +

+

+ Policing is a simple form of quality-of-service that simply drops + packets received in excess of the configured rate. Due to its + simplicity, policing is usually less accurate and less effective than + egress QoS (which is configured using the and tables). +

+

+ Policing is currently implemented only on Linux. The Linux + implementation uses a simple ``token bucket'' approach: +

+
    +
  • + The size of the bucket corresponds to . Initially the bucket is full. +
  • +
  • + Whenever a packet is received, its size (converted to tokens) is + compared to the number of tokens currently in the bucket. If the + required number of tokens are available, they are removed and the + packet is forwarded. Otherwise, the packet is dropped. +
  • +
  • + Whenever it is not full, the bucket is refilled with tokens at the + rate specified by . +
  • +
+

+ Policing interacts badly with some network protocols, and especially + with fragmented IP packets. Suppose that there is enough network + activity to keep the bucket nearly empty all the time. Then this token + bucket algorithm will forward a single packet every so often, with the + period depending on packet size and on the configured rate. All of the + fragments of an IP packets are normally transmitted back-to-back, as a + group. In such a situation, therefore, only one of these fragments + will be forwarded and the rest will be dropped. IP does not provide + any way for the intended recipient to ask for only the remaining + fragments. In such a case there are two likely possibilities for what + will happen next: either all of the fragments will eventually be + retransmitted (as TCP will do), in which case the same problem will + recur, or the sender will not realize that its packet has been dropped + and data will simply be lost (as some UDP-based protocols will do). + Either way, it is possible that no forward progress will ever occur. +

+ +

+ Maximum rate for data received on this interface, in kbps. Data + received faster than this rate is dropped. Set to 0 + (the default) to disable policing. +

+
+

Maximum burst size for data received on this interface, in kb. The default burst size if set to 0 is 1000 kb. This value has no effect if is 0.

-

The burst size should be at least the size of the interface's - MTU.

-
- - -

Maximum rate for data received on this interface, in kbps. Data - received faster than this rate is dropped. Set to 0 to - disable policing.

-

The meaning of ``ingress'' is from Open vSwitch's perspective. If - configured on a physical interface, then it limits the rate at which - traffic is allowed into the system from the outside. If configured - on a virtual interface that is connected to a virtual machine, then - it limits the rate at which the guest is able to transmit.

+

+ Specifying a larger burst size lets the algorithm be more forgiving, + which is important for protocols like TCP that react severely to + dropped packets. The burst size should be at least the size of the + interface's MTU. Specifying a value that is numerically at least as + large as 10% of helps TCP come + closer to achieving the full rate. +

@@ -699,6 +893,27 @@ + + Key-value pairs for rarely used interface features. Currently, + the only keys are for configuring GRE-over-IPsec, which is only + available through the openvswitch-ipsec package for + Debian. The currently defined key-value pairs are: +
+
ipsec_local_ip
+
Required key for GRE-over-IPsec interfaces. Additionally, + the must be gre and the + ipsec_psk key must + be set. The in_key, out_key, and + key must not be + set.
+
ipsec_psk
+
Required key for GRE-over-IPsec interfaces. Specifies a + pre-shared key for authentication that must be identical on + both sides of the tunnel. Additionally, the + ipsec_local_ip key must also be set.
+
+
+

Key-value pairs that report interface statistics. The current @@ -775,7 +990,12 @@ defined types are listed below:

linux-htb
-
Linux ``hierarchy token bucket'' classifier.
+
+ Linux ``hierarchy token bucket'' classifier. See tc-htb(8) (also at + http://linux.die.net/man/8/tc-htb) and the HTB manual + (http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm) + for information on how this classifier works and how to configure it. +
@@ -825,7 +1045,8 @@ column="type"/> of min-rate are:

min-rate
-
Minimum guaranteed bandwidth, in bit/s. Required.
+
Minimum guaranteed bandwidth, in bit/s. Required. The + floor value is 1500 bytes/s (12,000 bit/s).

The key-value pairs defined for of linux-htb are:

@@ -1083,34 +1304,34 @@ restricted to the specified local IP address.
-

When multiple controllers are configured for a single bridge, the - values must be unique. Duplicate - values yield unspecified results.

+

When multiple controllers are configured for a single bridge, the + values must be unique. Duplicate + values yield unspecified results.

-

If it is specified, this setting must be one of the following - strings that describes how Open vSwitch contacts this OpenFlow - controller over the network:

- -
-
in-band
-
In this mode, this controller's OpenFlow traffic travels over the - bridge associated with the controller. With this setting, Open - vSwitch allows traffic to and from the controller regardless of the - contents of the OpenFlow flow table. (Otherwise, Open vSwitch - would never be able to connect to the controller, because it did - not have a flow to enable it.) This is the most common connection - mode because it is not necessary to maintain two independent - networks.
-
out-of-band
-
In this mode, OpenFlow traffic uses a control network separate - from the bridge associated with this controller, that is, the - bridge does not use any of its own network devices to communicate - with the controller. The control network must be configured - separately, before or after ovs-vswitchd is started. -
-
+

If it is specified, this setting must be one of the following + strings that describes how Open vSwitch contacts this OpenFlow + controller over the network:

+ +
+
in-band
+
In this mode, this controller's OpenFlow traffic travels over the + bridge associated with the controller. With this setting, Open + vSwitch allows traffic to and from the controller regardless of the + contents of the OpenFlow flow table. (Otherwise, Open vSwitch + would never be able to connect to the controller, because it did + not have a flow to enable it.) This is the most common connection + mode because it is not necessary to maintain two independent + networks.
+
out-of-band
+
In this mode, OpenFlow traffic uses a control network separate + from the bridge associated with this controller, that is, the + bridge does not use any of its own network devices to communicate + with the controller. The control network must be configured + separately, before or after ovs-vswitchd is started. +
+

If not specified, the default is implementation-specific. If is discover, the connection mode @@ -1167,7 +1388,7 @@

These values are considered only when - is discover.

+ is discover.

A POSIX @@ -1189,14 +1410,14 @@

These values are considered only in in-band control mode (see - ) and only when - is not discover. (For controller discovery, the network - configuration obtained via DHCP is used instead.)

+ ) and only when + is not discover. (For controller discovery, the network + configuration obtained via DHCP is used instead.)

When multiple controllers are configured on a single bridge, there - should be only one set of unique values in these columns. If different - values are set for these columns in different controllers, the effect - is unspecified.

+ should be only one set of unique values in these columns. If different + values are set for these columns in different controllers, the effect + is unspecified.

The IP address to configure on the local port,