What is Open vSwitch?
---------------------
-Open vSwitch is an Ethernet switch for virtual servers with the
+Open vSwitch is a versatile software-based Ethernet switch with the
following features:
* NIC bonding with automatic fail-over and source MAC-based TX
* NetFlow v5 flow logging.
- * Connectivity to an external OpenFlow controller, such as
- NOX.
+ * Connectivity to an external OpenFlow controller, such as NOX.
Open vSwitch supports Linux 2.6.15 and up, with testing focused on
2.6.18 with Centos and Xen patches and version 2.6.26 from kernel.org.
The main components of this distribution are:
- - ovs-vswitchd, a daemon that implements the virtual switch,
- along with a companion Linux kernel module for flow-based
- switching.
+ * ovs-vswitchd, a daemon that implements the switch, along with
+ a companion Linux kernel module for flow-based switching.
- - ovs-brcompatd, a daemon that allows ovs-vswitchd to act as a
- drop-in replacement for the Linux bridge in many
- environments, along with a companion Linux kernel module to
- intercept bridge ioctls.
+ * ovs-brcompatd, a daemon that allows ovs-vswitchd to act as a
+ drop-in replacement for the Linux bridge in many environments,
+ along with a companion Linux kernel module to intercept bridge
+ ioctls.
- - ovs-dpctl, a tool for configuring the virtual switch kernel
- module.
+ * ovs-dpctl, a tool for configuring the switch kernel module.
- - Scripts and specs for building RPMs that allow Open vSwitch
- to be installed on a Citrix XenServer host as a drop-in
- replacement for its virtual switch, with additional
- functionality.
+ * Scripts and specs for building RPMs that allow Open vSwitch
+ to be installed on a Citrix XenServer host as a drop-in
+ replacement for its switch, with additional functionality.
- - vlog-appctl, a utility that can control Open vSwitch daemons,
- adjusting their logging levels among other uses.
+ * vlog-appctl, a utility that can control Open vSwitch daemons,
+ adjusting their logging levels among other uses.
Open vSwitch also provides an OpenFlow implementation and tools for
those interested in OpenFlow but not additional Open vSwitch features:
- - secchan, a program that implements a simple OpenFlow switch
- (without the special features provided by ovs-vswitchd) using
- the same kernel module as ovs-vswitchd.
+ * secchan, a program that implements a simple OpenFlow switch
+ (without the special features provided by ovs-vswitchd) using
+ the same kernel module as ovs-vswitchd.
- - ovs-controller, a simple OpenFlow controller.
+ * ovs-controller, a simple OpenFlow controller.
- - ovs-ofctl, a utility for querying and controlling OpenFlow
- switches and controllers.
+ * ovs-ofctl, a utility for querying and controlling OpenFlow
+ switches and controllers.
- - ovs-pki, a utility for creating and managing the public-key
- infrastructure for OpenFlow switches.
+ * ovs-pki, a utility for creating and managing the public-key
+ infrastructure for OpenFlow switches.
- - A patch to tcpdump that enables it to parse OpenFlow
- messages.
+ * A patch to tcpdump that enables it to parse OpenFlow messages.
What other documentation is available?
--------------------------------------
from it using module-assistant or make-kpkg. README.Debian in this
package provides further instructions.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: openvswitch-common
Architecture: any
openvswitch-common provides components required by both openvswitch-switch
and openvswitch-controller.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: openvswitch-switch
Architecture: any
openvswitch-switch provides the userspace components and utilities for
the Open vSwitch kernel-based switch.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: openvswitch-switch-config
Architecture: any
openvswitch-switch-config provides a utility for interactively configuring
the Open vSwitch switch provided in the openvswitch-switch package.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: openvswitch-switchui
Architecture: any
Open vSwitch switches and controllers, reducing the risk of
man-in-the-middle attacks on the Open vSwitch network infrastructure.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: openvswitch-pki-server
Architecture: all
convenient OpenFlow switch setup using the ovs-switch-setup program
in the openvswitch-switch package.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: openvswitch-controller
Architecture: any
The Open vSwitch controller enables OpenFlow switches that connect to it
to act as MAC-learning Ethernet switches.
.
- Open vSwitch is a software-based Ethernet switch targeted at virtual
- servers.
+ Open vSwitch is a full-featured software-based Ethernet switch.
Package: corekeeper
Architecture: all
-.TH ovs\-ofctl 8 "March 2009" "Open vSwitch" "Open vSwitch Manual"
+.TH ovs\-ofctl 8 "June 2009" "Open vSwitch" "Open vSwitch Manual"
.ds PN ovs\-ofctl
.SH NAME
displayed by \fBovs\-ofctl show\fR.
.IP \fBdl_vlan=\fIvlan\fR
-Matches IEEE 802.1q virtual LAN tag \fIvlan\fR. Specify \fB0xffff\fR
-as \fIvlan\fR to match packets that are not tagged with a virtual LAN;
+Matches IEEE 802.1q Virtual LAN tag \fIvlan\fR. Specify \fB0xffff\fR
+as \fIvlan\fR to match packets that are not tagged with a Virtual LAN;
otherwise, specify a number between 0 and 4095, inclusive, as the
12-bit VLAN ID to match.
-.TH ovs\-vswitchd 8 "March 2009" "Open vSwitch" "OpenVSwitch Manual"
+.TH ovs\-vswitchd 8 "June 2009" "Open vSwitch" "Open vSwitch Manual"
.ds PN ovs\-vswitchd
.
.SH NAME
-ovs\-vswitchd \- virtual switch daemon
+ovs\-vswitchd \- Open vSwitch daemon
.
.SH SYNOPSIS
.B ovs\-vswitchd
\fIconfig\fR
.
.SH DESCRIPTION
-A daemon that manages and controls any number of virtual switches on
-the local machine.
+A daemon that manages and controls any number of Open vSwitch switches
+on the local machine.
.PP
The mandatory \fIconfig\fR argument specifies a configuration file.
For a description of \fBovs\-vswitchd\fR configuration syntax, see
files. If a logfile was specified on the command line it will also
be opened or reopened.
.PP
-\fBovs\-vswitchd\fR virtual switches may be configured with any of the
-following features:
+\fBovs\-vswitchd\fR switches may be configured with any of the following
+features:
.
.IP \(bu
L2 switching with MAC learning.
.
.PP
Only a single instance of \fBovs\-vswitchd\fR is intended to run at a time.
-A single \fBovs\-vswitchd\fR can manage any number of virtual switches, up
+A single \fBovs\-vswitchd\fR can manage any number of switch instances, up
to the maximum number of supported Open vSwitch datapaths.
.PP
-\fBovs\-vswitchd\fR does all the necessary management of OpenVSwitch datapaths
+\fBovs\-vswitchd\fR does all the necessary management of Open vSwitch datapaths
itself. Thus, external tools, such \fBovs\-dpctl\fR(8), are not needed for
managing datapaths in conjunction with \fBovs\-vswitchd\fR, and their use
to modify datapaths when \fBovs\-vswitchd\fR is running can interfere with
static void
usage(void)
{
- printf("%s: virtual switch daemon\n"
+ printf("%s: Open vSwitch daemon\n"
"usage: %s [OPTIONS] CONFIG\n"
"CONFIG is a configuration file in ovs-vswitchd.conf(5) format.\n",
program_name, program_name);
. RE
. PP
..
-.TH ovs\-vswitchd.conf 5 "April 2009" "Open vSwitch" "OpenVSwitch Manual"
+.TH ovs\-vswitchd.conf 5 "June 2009" "Open vSwitch" "Open vSwitch Manual"
.
.SH NAME
ovs\-vswitchd.conf \- configuration file for \fBovs\-vswitchd\fR
.
.SH DESCRIPTION
This manual page describes the syntax for the configuration file used
-by \fBovs\-vswitchd\fR(8), the virtual switch daemon.
+by \fBovs\-vswitchd\fR(8), the Open vSwitch daemon.
.PP
The configuration file is based on key-value pairs, which are given
one per line in the form \fIkey\fB=\fIvalue\fR. Each \fIkey\fR
The names given on \fBbridge.\fIname\fB.port\fR must be the names of
existing network devices, except for ``internal ports.'' An internal
port is a simulated network device that receives traffic only
-through the virtual switch and switches any traffic sent it through
-virtual switch. An internal port may configured with an IP address,
+through the switch and switches any traffic sent it through the
+switch. An internal port may configured with an IP address,
etc. using the usual system tools (e.g. \fBifconfig\fR, \fBip\fR). To
designate network device \fInetdev\fR as an internal port, add
\fBiface.\fInetdev\fB.internal=true\fR to the configuration file.
\fBnetflow.\fIbridge\fB.engine-id\fR, respectively. Each takes a value
between 0 and 255, inclusive.
-Many NetFlow collectors do not expect multiple virtual switches to be
+Many NetFlow collectors do not expect multiple switches to be
sending messages from the same host, and they do not store the engine
information which could be used to disambiguate the traffic. To prevent
flows from multiple switches appearing as if they came on the interface,
The minimum value of \fIsecs\fR is 5 seconds. The default is taken
from \fBmgmt.inactivity-probe\fR (see above).
.IP
-When the virtual switch is connected to the controller, it waits for a
+When the switch is connected to the controller, it waits for a
message to be received from the controller for \fIsecs\fR seconds
before it sends a inactivity probe to the controller. After sending
the inactivity probe, if no response is received for an additional
.IP "\fBbridge.\fIname\fB.controller.fail-mode=\fBstandalone\fR|\fBsecure\fR"
.IQ "\fBmgmt.fail-mode=standalone\fR|\fBsecure\fR"
When a controller is configured, it is, ordinarily, responsible for
-setting up all flows on the virtual switch. Thus, if the connection to
+setting up all flows on the switch. Thus, if the connection to
the controller fails, no new network connections can be set up. If
the connection to the controller stays down long enough, no packets
can pass through the switch at all.
attempt until it reaches the maximum. The default maximum backoff
time is taken from \fBmgmt.max-backoff\fR.
.ST "Controller Rate-Limiting"
-These settings configure how the virtual switch applies a ``token
+These settings configure how the switch applies a ``token
bucket'' to limit the rate at which packets in unknown flows are
forwarded to the OpenFlow controller for flow-setup processing. This
feature prevents a single bridge from overwhelming a controller.
for controller connectivity, the following settings are required:
.TP
\fBssl.private-key=\fIprivkey.pem\fR
-Specifies a PEM file containing the private key used as the virtual
+Specifies a PEM file containing the private key used as the
switch's identity for SSL connections to the controller.
.TP
\fBssl.certificate=\fIcert.pem\fR
Specifies a PEM file containing a certificate, signed by the
certificate authority (CA) used by the controller and manager, that
-certifies the virtual switch's private key, identifying a trustworthy
+certifies the switch's private key, identifying a trustworthy
switch.
.TP
\fBssl.ca-cert=\fIcacert.pem\fR
Specifies a PEM file containing the CA certificate used to verify that
-the virtual switch is connected to a trustworthy controller.
+the switch is connected to a trustworthy controller.
.PP
These files are read only once, at \fBovs\-vswitchd\fR startup time. If
their contents change, \fBovs\-vswitchd\fR must be killed and restarted.
.PP
-These SSL settings apply to all SSL connections made by the virtual
-switch.
+These SSL settings apply to all SSL connections made by the switch.
.ST "CA Certificate Bootstrap"
Ordinarily, all of the files named in the SSL configuration must exist
when \fBovs\-vswitchd\fR starts. However, if \fBssl.bootstrap-ca-cert\fR
projects / openvswitch / commitdiff