if (ctl) {
const char *fail_mode;
+ int max_backoff, probe;
if (!strcmp(ctl, "discover")) {
ofproto_set_discovery(br->ofproto, true,
ofproto_set_failure(br->ofproto,
fail_mode && (!strcmp(fail_mode, "standalone") ||
!strcmp(fail_mode, "open")));
+
+ probe = cfg_get_int(0, "%s.inactivity-probe", pfx);
ofproto_set_probe_interval(br->ofproto,
- cfg_get_int(0, "%s.inactivity-probe", pfx));
+ probe ? probe : cfg_get_int(0, "mgmt.inactivity-probe"));
+
+ max_backoff = cfg_get_int(0, "%s.max-backoff", pfx);
ofproto_set_max_backoff(br->ofproto,
- cfg_get_int(0, "%s.max-backoff", pfx));
+ max_backoff ? max_backoff : cfg_get_int(0, "mgmt.max-backoff"));
+
ofproto_set_stp(br->ofproto, cfg_get_bool(0, "%s.stp", pfx));
if (cfg_has("%s.commands.acl", pfx)) {
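Review bot: The per-bridge probe and backoff values are passed to `ofproto_set_probe_interval()` and `ofproto_set_max_backoff()` without any range check, while the management path in this same commit resets `mgmt.inactivity-probe` values below 5 to `INACTIVITY_PROBE_DEFAULT`. Because `probe ? probe : ...` treats only 0 as unset, a negative per-bridge value is forwarded as-is, and when both keys are absent 0 is forwarded. Whether ofproto clamps these itself is not visible here, so either apply the same bounds at this call site or document the reliance with a comment such as `/* 0 means "not set": fall back to mgmt.*; bounds are enforced by ofproto. */`. These values decide how quickly a lost controller connection is noticed and the fail mode takes effect, so the fallback is worth pinning down. The enclosing function starts and ends outside this hunk.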
*
*/
+#include <config.h>
+
#include <arpa/inet.h>
#include <assert.h>
#include <errno.h>
+#include <stdlib.h>
#include "bridge.h"
#include "cfg.h"
#include "rconn.h"
#include "svec.h"
#include "vconn.h"
+#include "vconn-ssl.h"
#include "vswitchd.h"
#include "xtoxll.h"
#include "vlog.h"
#define MAX_BACKOFF_DEFAULT 15
-#define PROBE_INTERVAL_DEFAULT 15
+#define INACTIVITY_PROBE_DEFAULT 15
static struct svec mgmt_cfg;
static uint8_t cfg_cookie[CFG_COOKIE_LEN];
static char *certificate_file;
static char *cacert_file;
- if (config_string_change("ssl.private-key", &private_key_file)) {
+ if (config_string_change("mgmt.ssl.private-key", &private_key_file)) {
vconn_ssl_set_private_key_file(private_key_file);
}
- if (config_string_change("ssl.certificate", &certificate_file)) {
+ if (config_string_change("mgmt.ssl.certificate", &certificate_file)) {
vconn_ssl_set_certificate_file(certificate_file);
}
- if (config_string_change("ssl.ca-cert", &cacert_file)) {
+ if (config_string_change("mgmt.ssl.ca-cert", &cacert_file)) {
vconn_ssl_set_ca_cert_file(cacert_file,
- cfg_get_bool(0, "ssl.bootstrap-ca-cert"));
+ cfg_get_bool(0, "mgmt.ssl.bootstrap-ca-cert"));
}
}
#endif
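Review bot: `mgmt.ssl.bootstrap-ca-cert` is read only inside the `config_string_change("mgmt.ssl.ca-cert", &cacert_file)` branch, so switching bootstrap from "true" to "false" without also changing the CA path appears never to reach `vconn_ssl_set_ca_cert_file()`. An operator who turns bootstrapping off after initial provisioning would reasonably expect the change to apply on reload. Consider reading the flag first and calling the setter when either input changed, e.g. `bool bootstrap = cfg_get_bool(0, "mgmt.ssl.bootstrap-ca-cert");` then `if (config_string_change("mgmt.ssl.ca-cert", &cacert_file) || bootstrap != prev_bootstrap) {`, where `prev_bootstrap` is a new file-scope static. Separately, the old `ssl.*` keys are now ignored with no fallback or warning, so a configuration that still uses them would load no key, certificate or CA. The function header is outside this hunk.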
bool cfg_updated = false;
const char *controller_name;
int max_backoff;
- int probe_interval;
+ int inactivity_probe;
int retval;
if (!cfg_has_section("mgmt")) {
max_backoff = 3600;
}
- probe_interval = cfg_get_int(0, "mgmt.probe-interval");
- if (probe_interval < 5) {
- probe_interval = MAX_BACKOFF_DEFAULT;
+ inactivity_probe = cfg_get_int(0, "mgmt.inactivity-probe");
+ if (inactivity_probe < 5) {
+ inactivity_probe = INACTIVITY_PROBE_DEFAULT;
}
/* xxx If this changes, we need to restart bridges to use new id,
* xxx but they need the id before the connect to controller, but we
* xxx need their dpids. */
- mgmt_id = cfg_get_mac(0, "mgmt.id");
- if (!mgmt_id) {
- /* Randomly generate a mgmt id */
- mgmt_id = pick_fallback_mgmt_id();
+ /* Check if a different mgmt id has been assigned. */
+ if (cfg_has("mgmt.id")) {
+ uint64_t cfg_mgmt_id = cfg_get_mac(0, "mgmt.id");
+ if (cfg_mgmt_id != mgmt_id) {
+ mgmt_id = cfg_mgmt_id;
+ }
}
svec_swap(&new_cfg, &mgmt_cfg);
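Review bot: The new `mgmt.id` block assigns whatever `cfg_get_mac(0, "mgmt.id")` returns whenever the key is present, whereas the removed code treated a zero result as "no id" and fell back to a generated one. If `cfg_get_mac` yields 0 for a malformed or empty value (its definition is not shown here), the switch would now identify itself to the controller with id 0. Guarding the assignment with `if (cfg_mgmt_id && cfg_mgmt_id != mgmt_id) {` keeps the previous id in that case. The `xxx` comment above still applies: the id changes at runtime without the bridges being restarted, so a log line at the point of change would help operators correlate it.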
rconn_destroy(mgmt_rconn);
mgmt_rconn = NULL;
}
- mgmt_rconn = rconn_create(probe_interval, max_backoff);
+ mgmt_rconn = rconn_create(inactivity_probe, max_backoff);
if (controller_name) {
retval = rconn_connect(mgmt_rconn, controller_name);
if (retval == EAFNOSUPPORT) {
begin with \fB#\fR (optionally preceded by white space) are ignored.
.PP
The following subsections describe how key-value pairs are used to
-configure \fBswitchd\fR.
+configure \fBvswitchd\fR.
.SS "Bridge Configuration"
A bridge (switch) with a given \fIname\fR is configured by specifying
the names of its network devices as values for key
[netflow "mybr"]
host = nflow.example.com:9995
+.fi
+.RE
+.SS "Remote Management"
+A \fBvswitchd\fR instance may be remotely managed by a controller that
+supports the OpenFlow Management Protocol, such as NOX. This
+functionality is enabled by setting \fBmgmt.controller\fR to one of the
+following forms:
+.
+.TP
+\fBssl:\fIhost\fR[\fB:\fIport\fR]
+The specified SSL \fIport\fR (default: 6633) on the given remote
+\fIhost\fR. The \fBmgmt.ssl.private-key\fR, \fBmgmt.ssl.certificate\fR,
+and \fBmgmt.ssl.ca-cert\fR keys must be set appropriately. If the
+\fBmgmt.ssl.bootstrap-ca-cert\fR key is set to "true", then
+\fBvswitchd\fR will attempt to obtain the CA certificate from the
+controller.
+.
+.TP
+\fBtcp:\fIhost\fR[\fB:\fIport\fR]
+The specified TCP \fIport\fR (default: 6633) on the given remote
+\fIhost\fR.
+.PP
+The maximum time between attempts to connect to the controller may be
+specified in integral seconds with the \fBmgmt.max-backoff\fR key. The
+default maximum backoff is 15 seconds, and the minimum value is 1
+second.
+
+An inactivity probe may be configured with the \fBmgmt.inactivity-probe\fR
+key. If \fBvswitchd\fR does not communicate with the controller for the
+specified number of seconds, it will send a probe. If a response is not
+received for an additional amount of that time, \fBvswitchd\fR assumes
+the connection has been broken and attempts to reconnect. The default
+is 15 seconds, and the minimum value is 5 seconds.
+
+A management id may be specified with the \fBmgmt.id\fR key. It takes
+an id in the form of a MAC address. If one is not specified, a random
+id is generated each time \fBvswitchd\fR is started.
.fi
.RE
.SS "OpenFlow controller connectivity"
-By default, \fBvswitchd\fR performs all configured bridging and
-switching locally. It can also be configured to connect a given
-bridge to an external OpenFlow controller, such as NOX, by setting
-\fBbridge.\fIname\fB.controller\fR to one of the following forms:
+If a remote manager is not configured, \fBvswitchd\fR will perform
+all configured bridging and switching locally. It can also be configured
+to connect a given bridge to an external OpenFlow controller, such as
+NOX, by setting \fBbridge.\fIname\fB.controller\fR to one of the
+following forms:
.
.TP
\fBdiscover\fR