\fBovs-vswitchd.conf.db\fR(5).
.IP \fBnoevict\fR
Refuse to add the new flow. (Eviction might still be enabled through
-the \fBoverflow_policy\fR oclumn in the \fBFlow_Table\fR table
+the \fBoverflow_policy\fR column in the \fBFlow_Table\fR table
documented in \fBovs-vswitchd.conf.db\fR(5).)
+.IP \fBvacancy:\fIlow\fB,\fIhigh\fR
+Enables sending vacancy events to controllers using \fBTABLE_STATUS\fR
+messages, based on percentage thresholds \fIlow\fR and \fIhigh\fR.
+.IP \fBnovacancy\fR
+Disables vacancy events.
.RE
.
.TP
If no \fIcommand_bucket_id\fR is present in the group specification then all
buckets of the group are removed.
.
-.SS "OpenFlow Switch Geneve Option Table Commands"
+.SS "OpenFlow Switch Tunnel TLV Table Commands"
.
-Open vSwitch maintains a mapping table between Geneve options (defined
-by <class, type, length>) and an NXM field \fBtun_metadata\fIn\fR,
+Open vSwitch maintains a mapping table between tunnel option TLVs (defined
+by <class, type, length>) and NXM fields \fBtun_metadata\fIn\fR,
where \fIn\fR ranges from 0 to 63, that can be operated on for the
-purposes of matches, actions, etc. This mapping must be explicitly
-specified by the user through the following commands.
+purposes of matches, actions, etc. This TLV table can be used for
+Geneve option TLVs or other protocols with options in same TLV format
+as Geneve options. This mapping must be explicitly specified by the user
+through the following commands.
-A Geneve option mapping is specified with the syntax
+A TLV mapping is specified with the syntax
\fB{class=\fIclass\fB,type=\fItype\fB,len=\fIlength\fB}->tun_metadata\fIn\fR.
When an option mapping exists for a given \fBtun_metadata\fIn\fR,
matching on the defined field becomes possible, e.g.:
.RS
-ovs-ofctl add-geneve-map br0 "{class=0xffff,type=0,len=4}->tun_metadata0"
+ovs-ofctl add-tlv-map br0 "{class=0xffff,type=0,len=4}->tun_metadata0"
.PP
ovs-ofctl add-flow br0 tun_metadata0=1234,actions=controller
.RE
A mapping should not be changed while it is in active
use by a flow. The result of doing so is undefined.
-Currently, the Geneve mapping table is shared between all OpenFlow
+Currently, the TLV mapping table is shared between all OpenFlow
switches in a given instance of Open vSwitch. This restriction will
be lifted in the future to allow for easier management.
These commands are Nicira extensions to OpenFlow and require Open vSwitch
2.5 or later.
-.IP "\fBadd\-geneve\-map \fIswitch option\fR[\fB,\fIoption\fR]..."
+.IP "\fBadd\-TLV\-map \fIswitch option\fR[\fB,\fIoption\fR]..."
Add each \fIoption\fR to \fIswitch\fR's tables. Duplicate fields are
rejected.
.
-.IP "\fBdel\-geneve\-map \fIswitch \fR[\fIoption\fR[\fB,\fIoption\fR]]..."
-Delete each \fIoption\fR from \fIswitch\fR's table, or all Geneve option
+.IP "\fBdel\-TLV\-map \fIswitch \fR[\fIoption\fR[\fB,\fIoption\fR]]..."
+Delete each \fIoption\fR from \fIswitch\fR's table, or all option TLV
mapping if no \fIoption\fR is specified.
Fields that aren't mapped are ignored.
.
-.IP "\fBdump\-geneve\-map \fIswitch\fR"
+.IP "\fBdump\-TLV\-map \fIswitch\fR"
Show the currently mapped fields in the switch's option table as well
as switch capabilities.
.
address is specified as 6 pairs of hexadecimal digits delimited by colons
(e.g. \fB00:0A:E4:25:6B:B0\fR), with a wildcard mask following the slash.
.
-
+.IP \fBarp_op=\fIopcode\fR
+When \fBdl_type\fR specifies either ARP or RARP, \fBarp_op\fR matches the
+ARP opcode. Only ARP opcodes between 1 and 255 should be specified for
+matching.
+.
.IP \fBipv6_src=\fIipv6\fR[\fB/\fInetmask\fR]
.IQ \fBipv6_dst=\fIipv6\fR[\fB/\fInetmask\fR]
When \fBdl_type\fR is 0x86dd (possibly via shorthand, e.g., \fBipv6\fR
simply match on an option being present.
.IP
Tunnel metadata fields can be dynamically assigned onto the data
-contained in the options of Geneve packets using the commands
-described in the section \fBOpenFlow Switch Geneve Option Table
+contained in the option TLVs of packets (e.g. Geneve variable
+options stores zero or more options in TLV format and tunnel
+metadata can be assigned onto these option TLVs) using the
+commands described in the section \fBOpenFlow Switch Tunnel TLV Table
Commands\fR. Once assigned, the length of the field is variable
according to the size of the option. Before updating a mapping in
the option table, flows with references to it should be removed,
.IP
The \fBcommit\fR parameter must be specified to use \fBexec(...)\fR.
.
+.IP \fBalg=\fIalg\fR
+Specify application layer gateway \fIalg\fR to track specific connection
+types. Supported types include:
+.RS
+.IP \fBftp\fR
+Look for negotiation of FTP data connections. If a subsequent FTP data
+connection arrives which is related, the \fBct\fR action will set the
+\fBrel\fR flag in the \fBct_state\fR field for packets sent through \fBct\fR.
+.RE
+.
.RE
.IP
The \fBct\fR action may be used as a primitive to construct stateful firewalls
.RE
.
.IP \fBdec_ttl\fR
-.IQ \fBdec_ttl\fB[\fR(\fIid1,id2\fI)\fR]\fR
+.IQ \fBdec_ttl(\fIid1\fR[\fB,\fIid2\fR]...\fB)\fR
Decrement TTL of IPv4 packet or hop limit of IPv6 packet. If the
TTL or hop limit is initially zero or decrementing would make it so, no
decrement occurs, as packets reaching TTL zero must be rejected. Instead,
sent to each connected controller that has enabled receiving them,
if any. Processing the current set of actions then stops. However,
if the current set of actions was reached through ``resubmit'' then
-remaining actions in outer levels resume processing. This action
-also optionally supports the ability to specify a list of valid
-controller ids. Each of controllers in the list will receive the
-``packet_in'' message only if they have registered to receive the
+remaining actions in outer levels resume processing.
+.IP
+This action also optionally supports the ability to specify a list of
+valid controller ids. Each of the controllers in the list will receive
+the ``packet_in'' message only if they have registered to receive the
invalid ttl packets. If controller ids are not specified, the
``packet_in'' message will be sent only to the controllers having
controller id zero which have registered for the invalid ttl packets.
Conjunctive flows can be a useful building block for negation, that
is, inequality matches like \fBtcp_src\fR \[!=] 80. To implement an
inequality match, convert it to a pair of range matches, e.g. 0 \[<=]
-\fBtcp_src\ < 80 and 80 < \fBtcp_src\fR \[<=] 65535, then convert each
+\fBtcp_src\fR < 80 and 80 < \fBtcp_src\fR \[<=] 65535, then convert each
of the range matches into a collection of bitwise matches as explained
above in the description of \fBtcp_src\fR.
.IP \(bu
.
.PP
The \fBdump\-flows\fR, \fBdump\-aggregate\fR, \fBdel\-flow\fR
-and \fBdel\-flows\fR commands support one additional optional field:
+and \fBdel\-flows\fR commands support these additional optional fields:
.
.TP
\fBout_port=\fIport\fR
If set, a matching flow must include an output action to \fIport\fR,
which must be an OpenFlow port number or name (e.g. \fBlocal\fR).
.
+.TP
+\fBout_group=\fIport\fR
+If set, a matching flow must include an \fBgroup\fR action naming
+\fIgroup\fR, which must be an OpenFlow group number. This field
+is supported in Open vSwitch 2.5 and later and requires OpenFlow 1.1
+or later.
+.
.SS "Table Entry Output"
.
The \fBdump\-tables\fR and \fBdump\-aggregate\fR commands print information
\fBmod\-group\fR commands on groups of type \fBselect\fR. Prohibited
otherwise. The default value is the empty string.
.IP
+Other than the empty string, \fBhash\fR is currently the only defined
+selection method.
+.IP
This option will use a Netronome OpenFlow extension which is only supported
when using Open vSwitch 2.4 and later with OpenFlow 1.5 and later.
This option will use a Netronome OpenFlow extension which is only supported
when using Open vSwitch 2.4 and later with OpenFlow 1.5 and later.
-.IP \fBfields\fR=\fIparam\fR
+.IP \fBfields\fR=\fIfield\fR
+.IQ \fBfields(\fIfield\fR[\fB=\fImask\fR]\fR...\fB)\fR
The field parameters to selection method selected by the
\fBselection_method\fR field. The syntax is described in \fBFlow Syntax\fR
with the additional restrictions that if a value is provided it is