X-Git-Url: http://git.cascardo.eti.br/?a=blobdiff_plain;f=vswitchd%2Fvswitch.xml;h=b00f74d66434511397224353ede091a8d911db33;hb=f2eee189118139995d61468cecb85654dd45bb36;hp=ebbfba8060bd357cc11d2d3859133528cbd33c6e;hpb=1c1440518a878c0897d17cb1ebbc95466715d316;p=cascardo%2Fovs.git
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index ebbfba806..b00f74d66 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -71,6 +71,149 @@
The Citrix XenServer universally unique identifier for the physical
host as displayed by xe host-list
.
+
+
+
+ Interval for updating statistics to the database, in milliseconds.
+ This option will affect the update of the statistics
+ column in the following tables: Port
, Interface
+
, Mirror
.
+
+
+ Default value is 5000 ms.
+
+
+ Getting statistics more frequently can be achieved via OpenFlow.
+
+
+
+
+
+ When ovs-vswitchd
starts up, it has an empty flow table
+ and therefore it handles all arriving packets in its default fashion
+ according to its configuration, by dropping them or sending them to
+ an OpenFlow controller or switching them as a standalone switch.
+ This behavior is ordinarily desirable. However, if
+ ovs-vswitchd
is restarting as part of a ``hot-upgrade,''
+ then this leads to a relatively long period during which packets are
+ mishandled.
+
+
+ This option allows for improvement. When ovs-vswitchd
+ starts with this value set as true
, it will neither
+ flush or expire previously set datapath flows nor will it send and
+ receive any packets to or from the datapath. When this value is
+ later set to false
, ovs-vswitchd
will
+ start receiving packets from the datapath and re-setup the flows.
+
+
+ Thus, with this option, the procedure for a hot-upgrade of
+ ovs-vswitchd
becomes roughly the following:
+
+
+ -
+ Stop
ovs-vswitchd
.
+
+ -
+ Set
+ to true
.
+
+ -
+ Start
ovs-vswitchd
.
+
+ -
+ Use
ovs-ofctl
(or some other program, such as an
+ OpenFlow controller) to restore the OpenFlow flow table
+ to the desired state.
+
+ -
+ Set
+ to false
(or remove it entirely from the database).
+
+
+
+ The ovs-ctl
's ``restart'' and ``force-reload-kmod''
+ functions use the above config option during hot upgrades.
+
+
+
+
+
+ The maximum
+ number of flows allowed in the datapath flow table. Internally OVS
+ will choose a flow limit which will likely be lower than this number,
+ based on real time network conditions.
+
+
+ The default is 200000.
+
+
+
+
+
+ Specifies the number of rx queues to be created for each dpdk
+ interface. If not specified or specified to 0, one rx queue will
+ be created for each dpdk interface by default.
+
+
+
+
+
+ Specifies CPU mask for setting the cpu affinity of PMD (Poll
+ Mode Driver) threads. Value should be in the form of hex string,
+ similar to the dpdk EAL '-c COREMASK' option input or the 'taskset'
+ mask input.
+
+
+ The lowest order bit corresponds to the first CPU core. A set bit
+ means the corresponding core is available. If the input does not
+ cover all cores, those uncovered cores are considered not set.
+
+
+ If not specified, one pmd thread will be created for each numa node
+ and pinned to any available core on the numa node by default.
+
+
+
+
+
+ Specifies the number of threads for software datapaths to use for
+ handling new flows. The default the number of online CPU cores minus
+ the number of revalidators.
+
+
+ This configuration is per datapath. If you have more than one
+ software datapath (e.g. some system
bridges and some
+ netdev
bridges), then the total number of threads is
+ n-handler-threads
times the number of software
+ datapaths.
+
+
+
+
+
+ Specifies the number of threads for software datapaths to use for
+ revalidating flows in the datapath. Typically, there is a direct
+ correlation between the number of revalidator threads, and the number
+ of flows allowed in the datapath. The default is the number of cpu
+ cores divided by four plus one. If n-handler-threads
is
+ set, the default changes to the number of cpu cores minus the number
+ of handler threads.
+
+
+ This configuration is per datapath. If you have more than one
+ software datapath (e.g. some system
bridges and some
+ netdev
bridges), then the total number of threads is
+ n-handler-threads
times the number of software
+ datapaths.
+
+
@@ -340,7 +483,11 @@
- sFlow configuration.
+ sFlow(R) configuration.
+
+
+
+ IPFIX configuration.
@@ -439,6 +586,12 @@
value. May not be all-zero.
+
+ Human readable description of datapath. It it a maximum 256
+ byte-long free-form string to describe the datapath for
+ debugging purposes, e.g. switch3 in room 3120
.
+
+
If set to true
, disable in-band control on the bridge
@@ -453,6 +606,27 @@
QoS configured, or if the port does not have a queue with the specified
ID, the default queue is used instead.
+
+
+
+ List of OpenFlow protocols that may be used when negotiating
+ a connection with a controller. OpenFlow 1.0, 1.1, 1.2, and
+ 1.3 are enabled by default if this column is empty.
+
+
+
+ OpenFlow 1.4 is not enabled by default because its implementation is
+ missing features.
+
+
+
+ OpenFlow 1.5 has the same risks as OpenFlow 1.4, but it is even more
+ experimental because the OpenFlow 1.5 specification is still under
+ development and thus subject to change. Pass
+ --enable-of15
to ovs-vswitchd
to allow
+ OpenFlow 1.5 to be enabled.
+
+
@@ -461,7 +635,7 @@
be included in the network to provide automatic backup paths if
the active links fails.
-
+
Enable spanning tree on the bridge. By default, STP is disabled
on bridges. Bond, internal, and mirror ports are not supported
and will not participate in the spanning tree.
@@ -502,6 +676,114 @@
ports to forwarding
, in seconds. By default, the
forwarding delay is 15 seconds.
+
+
+
+ The maximum number of seconds to retain a multicast snooping entry for
+ which no packets have been seen. The default is currently 300
+ seconds (5 minutes). The value, if specified, is forced into a
+ reasonable range, currently 15 to 3600 seconds.
+
+
+
+
+
+ The maximum number of multicast snooping addresses to learn. The
+ default is currently 2048. The value, if specified, is forced into
+ a reasonable range, currently 10 to 1,000,000.
+
+
+
+
+ If set to false
, unregistered multicast packets are forwarded
+ to all ports.
+ If set to true
, unregistered multicast packets are forwarded
+ to ports connected to multicast routers.
+
+
+
+
+
+ Multicast snooping (RFC 4541) monitors the Internet Group Management
+ Protocol (IGMP) traffic between hosts and multicast routers. The
+ switch uses what IGMP snooping learns to forward multicast traffic
+ only to interfaces that are connected to interested receivers.
+ Currently it supports IGMPv1 and IGMPv2 protocols.
+
+
+ Enable multicast snooping on the bridge. For now, the default
+ is disabled.
+
+
+
+
+ In IEEE Std 802.1D, 1998 Edition, and prior editions of this standard,
+ Clause 8 specified the spanning tree algorithm and protocol (STP). STP
+ has now been superseded by the Rapid Spanning Tree Protocol (RSTP)
+ specified in Clause 17 of the IEEE Std 802.1D, 2004 Edition.
+ The IEEE 802.1D-2004 Rapid Spanning Tree Algorithm Protocol configures
+ full, simple, and symmetric connectivity throughout a Bridged Local Area
+ Network that comprises individual LANs interconnected by Bridges.
+ Like STP, RSTP is a network protocol that ensures loop-free topologies.
+ It allows redundant links to be included in the network to provide
+ automatic backup paths if the active links fails.
+
+
+ Enable Rapid Spanning Tree on the bridge. By default, RSTP is disabled
+ on bridges. Bond, internal, and mirror ports are not supported
+ and will not participate in the spanning tree.
+
+
+
+ The bridge's RSTP address (the lower 48 bits of the bridge-id)
+ in the form
+ xx:xx:xx:xx:xx:xx.
+ By default, the address is the MAC address of the bridge.
+
+
+
+ The bridge's relative priority value for determining the root
+ bridge (the upper 16 bits of the bridge-id). A bridge with the
+ lowest bridge-id is elected the root. By default, the priority
+ is 0x8000 (32768). This value needs to be a multiple of 4096,
+ otherwise it's rounded to the nearest inferior one.
+
+
+
+ The Ageing Time parameter for the Bridge. The default value
+ is 300 seconds.
+
+
+
+ The Force Protocol Version parameter for the Bridge. This
+ can take the value 0 (STP Compatibility mode) or 2
+ (the default, normal operation).
+
+
+
+ The maximum age of the information transmitted by the Bridge
+ when it is the Root Bridge. The default value is 20.
+
+
+
+ The delay used by STP Bridges to transition Root and Designated
+ Ports to Forwarding. The default value is 15.
+
+
+
+ The Transmit Hold Count used by the Port Transmit state machine
+ to limit transmission rate. The default value is 6.
+
+
@@ -531,20 +813,6 @@
datapath ID.
-
-
- A number of flows as a nonnegative integer. This sets number of
- flows at which eviction from the kernel flow table will be triggered.
- If there are a large number of flows then increasing this value to
- around the number of flows present can result in reduced CPU usage
- and packet loss.
-
-
- The default is 1000. Values below 100 will be rounded up to 100.
-
-
-
Option to allow forwarding of BPDU frames when NORMAL action is
@@ -617,6 +885,15 @@
transmit packets.
+
+
+
+ The maximum number of MAC addresses to learn. The default is
+ currently 2048. The value, if specified, is forced into a reasonable
+ range, currently 10 to 1,000,000.
+
+
@@ -655,8 +932,8 @@
-
-
+
+
A port within a .
Most commonly, a port has exactly one ``interface,'' pointed to by its
column. Such a port logically
@@ -827,7 +1104,9 @@
The following modes require the upstream switch to support 802.3ad with
- successful LACP negotiation:
+ successful LACP negotiation. If LACP negotiation fails and
+ other-config:lacp-fallback-ab is true, then active-backup
+ mode is used:
@@ -837,21 +1116,6 @@
information such as destination MAC address, IP address, and TCP
port.
-
- stable
- -
-
Attempts to always assign a given flow to the same slave
- consistently. In an effort to maintain stability, no load
- balancing is done. Uses a similar hashing strategy to
- balance-tcp
, always taking into account L3 and L4
- fields even if LACP negotiations are unsuccessful.
- Slave selection decisions are made based on if set. Otherwise,
- OpenFlow port number is used. Decisions are consistent across all
- ovs-vswitchd
instances with equivalent
-
- values.
-
These columns apply only to bonded ports. Their values are
@@ -932,7 +1196,8 @@
in LACP negotiations initiated by a remote switch, but not allowed to
initiate such negotiations themselves. If LACP is enabled on a port
whose partner switch does not support LACP, the bond will be
- disabled. Defaults to off
if unset.
+ disabled, unless other-config:lacp-fallback-ab is set to true.
+ Defaults to off
if unset.
@@ -960,14 +1225,24 @@
rate of once every 30 seconds.
+
+
+
+ Determines the behavior of openvswitch bond in LACP mode. If
+ the partner switch does not support LACP, setting this option
+ to true
allows openvswitch to fallback to
+ active-backup. If the option is set to false
, the
+ bond will be disabled. In both the cases, once the partner switch
+ is configured to LACP mode, the bond will use LACP.
+
+
-
+
These settings control behavior when a bond is in
- balance-slb
mode, regardless of whether the bond was
- intentionally configured in SLB mode or it fell back to SLB mode
- because LACP negotiation failed.
+ balance-slb
or balance-tcp
mode.
+
+
+ If rapid spanning tree is enabled on the bridge, member ports are
+ enabled by default (with the exception of bond, internal, and
+ mirror ports which do not work with RSTP). If this column's
+ value is false
rapid spanning tree is disabled on the
+ port.
+
+
+
+ The port's relative priority value for determining the root
+ port, in multiples of 16. By default, the port priority is 0x80
+ (128). Any value in the lower 4 bits is rounded off. The significant
+ upper 4 bits become the upper 4 bits of the port-id. A port with the
+ lowest port-id is elected as the root.
+
+
+
+ The local RSTP port number, used as the lower 12 bits of the port-id.
+ By default the port numbers are assigned automatically, and typically
+ may not correspond to the OpenFlow port numbers. A port with the
+ lowest port-id is elected as the root.
+
+
+
+ The port path cost. The Port's contribution, when it is
+ the Root Port, to the Root Path Cost for the Bridge. By default the
+ cost is automatically calculated from the port's speed.
+
+
+
+ The admin edge port parameter for the Port. Default is
+ false
.
+
+
+
+ The auto edge port parameter for the Port. Default is
+ true
.
+
+
+
+
+ The mcheck port parameter for the Port. Default is
+ false
. May be set to force the Port Protocol
+ Migration state machine to transmit RST BPDUs for a
+ MigrateTime period, to test whether all STP Bridges on the
+ attached LAN have been removed and the Port can continue to
+ transmit RSTP BPDUs. Setting mcheck has no effect if the
+ Bridge is operating in STP Compatibility mode.
+
+
+ Changing the value from true
to
+ false
has no effect, but needs to be done if
+ this behavior is to be triggered again by subsequently
+ changing the value from false
to
+ true
.
+
+
+
+
+
+
+
+ If set to true
, multicast packets are unconditionally
+ forwarded to the specific port.
+
+
+
+
Quality of Service configuration for this port.
@@ -1089,7 +1441,9 @@
- Key-value pairs that report port statistics.
+ Key-value pairs that report port statistics. The update period
+ is controlled by in the Open_vSwitch
table.
@@ -1127,6 +1481,16 @@
on a host.
+
+ A positive interface index as defined for SNMP MIB-II in RFCs 1213 and
+ 2863, if the interface has one, otherwise 0. The ifindex is useful for
+ seamless integration with protocols such as SNMP and sFlow.
+
+
+
+ The MAC address in use by this interface.
+
+
Ethernet address to set for this interface. If unset then the
default MAC address is used:
@@ -1147,19 +1511,66 @@
address.
-
- OpenFlow port number for this interface. Unlike most columns, this
- column's value should be set only by Open vSwitch itself. Other
- clients should set this column to an empty set (the default) when
- creating an .
- Open vSwitch populates this column when the port number becomes
- known. If the interface is successfully added,
- will be set to a number between 1 and 65535
- (generally either in the range 1 to 65279, inclusive, or 65534, the
- port number for the OpenFlow ``local port''). If the interface
- cannot be added then Open vSwitch sets this column
- to -1.
-
+
+ If the configuration of the port failed, as indicated by -1 in , Open vSwitch sets this column to an error
+ description in human readable form. Otherwise, Open vSwitch clears
+ this column.
+
+
+
+
+ When a client adds a new interface, Open vSwitch chooses an OpenFlow
+ port number for the new port. If the client that adds the port fills
+ in , then Open vSwitch tries to use its
+ value as the OpenFlow port number. Otherwise, or if the requested
+ port number is already in use or cannot be used for another reason,
+ Open vSwitch automatically assigns a free port number. Regardless of
+ how the port number was obtained, Open vSwitch then reports in the port number actually assigned.
+
+
+
+ Open vSwitch limits the port numbers that it automatically assigns to
+ the range 1 through 32,767, inclusive. Controllers therefore have
+ free use of ports 32,768 and up.
+
+
+
+
+ OpenFlow port number for this interface. Open vSwitch sets this
+ column's value, so other clients should treat it as read-only.
+
+
+ The OpenFlow ``local'' port (OFPP_LOCAL
) is 65,534.
+ The other valid port numbers are in the range 1 to 65,279,
+ inclusive. Value -1 indicates an error adding the interface.
+
+
+
+
+
+ Requested OpenFlow port number for this interface.
+
+
+
+ A client should ideally set this column's value in the same
+ database transaction that it uses to create the interface. Open
+ vSwitch version 2.1 and later will honor a later request for a
+ specific port number, althuogh it might confuse some controllers:
+ OpenFlow does not have a way to announce a port number change, so
+ Open vSwitch represents it over OpenFlow as a port deletion
+ followed immediately by a port addition.
+
+
+
+ If is set or changed to some other
+ port's automatically assigned port number, Open vSwitch chooses a
+ new port number for the latter port.
+
+
+
@@ -1187,11 +1598,20 @@
tap
A TUN/TAP device managed by Open vSwitch.
+ geneve
+
+ An Ethernet over Geneve (http://tools.ietf.org/html/draft-gross-geneve-00
)
+ IPv4 tunnel.
+
+ Geneve supports options as a means to transport additional metadata,
+ however, currently only the 24-bit VNI is supported. This is planned
+ to be extended in the future.
+
+
gre
An Ethernet over RFC 2890 Generic Routing Encapsulation over IPv4
- tunnel. See for information on
- configuring GRE tunnels.
+ tunnel.
ipsec_gre
@@ -1200,14 +1620,49 @@
IPsec tunnel.
- capwap
+ gre64
+
+ It is same as GRE, but it allows 64 bit key. To store higher 32-bits
+ of key, it uses GRE protocol sequence number field. This is non
+ standard use of GRE protocol since OVS does not increment
+ sequence number for every packet at time of encap as expected by
+ standard GRE implementation. See
+ for information on configuring GRE tunnels.
+
+
+ ipsec_gre64
- An Ethernet tunnel over the UDP transport portion of CAPWAP (RFC
- 5415). This allows interoperability with certain switches that do
- not support GRE. Only the tunneling component of the protocol is
- implemented. UDP ports 58881 and 58882 are used as the source and
- destination ports respectively. CAPWAP is currently supported only
- with the Linux kernel datapath with kernel version 2.6.26 or later.
+ Same as IPSEC_GRE except 64 bit key.
+
+
+ vxlan
+
+
+ An Ethernet tunnel over the experimental, UDP-based VXLAN
+ protocol described at
+ http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03
.
+
+
+ Open vSwitch uses UDP destination port 4789. The source port used for
+ VXLAN traffic varies on a per-flow basis and is in the ephemeral port
+ range.
+
+
+
+ lisp
+
+
+ A layer 3 tunnel over the experimental, UDP-based Locator/ID
+ Separation Protocol (RFC 6830).
+
+
+ Only IPv4 and IPv6 packets are supported by the protocol, and
+ they are sent and received without an Ethernet header. Traffic
+ to/from LISP ports is expected to be configured explicitly, and
+ the ports are not intended to participate in learning based
+ switching. As such, they are always excluded from packet
+ flooding.
+
patch
@@ -1216,7 +1671,8 @@
null
- An ignored interface.
+ An ignored interface. Deprecated and slated for removal in
+ February 2013.
@@ -1224,7 +1680,9 @@
These options apply to interfaces with of
- gre
, ipsec_gre
, and capwap
.
+ geneve
, gre
, ipsec_gre
,
+ gre64
, ipsec_gre64
, vxlan
,
+ and lisp
.
@@ -1239,22 +1697,67 @@
-
- Required. The tunnel endpoint. Unicast and multicast endpoints are
- both supported.
-
+ Required. The remote tunnel endpoint, one of:
+
+
+ -
+ An IPv4 address (not a DNS name), e.g.
192.168.0.123
.
+ Only unicast endpoints are supported.
+
+ -
+ The word
flow
. The tunnel accepts packets from any
+ remote tunnel endpoint. To process only packets from a specific
+ remote tunnel endpoint, the flow entries may match on the
+ tun_src
field. When sending packets to a
+ remote_ip=flow
tunnel, the flow actions must
+ explicitly set the tun_dst
field to the IP address of
+ the desired remote tunnel endpoint, e.g. with a
+ set_field
action.
+
+
- When a multicast endpoint is specified, a routing table lookup occurs
- only when the tunnel is created. Following a routing change, delete
- and then re-create the tunnel to force a new routing table lookup.
+ The remote tunnel endpoint for any packet received from a tunnel
+ is available in the tun_src
field for matching in the
+ flow table.
- Optional. The destination IP that received packets must match.
- Default is to match all addresses. Must be omitted when is a multicast address.
+
+ Optional. The tunnel destination IP that received packets must
+ match. Default is to match all addresses. If specified, may be one
+ of:
+
+
+
+
+
+ The tunnel destination IP address for any packet received from a
+ tunnel is available in the tun_dst
field for matching in
+ the flow table.
+
@@ -1267,8 +1770,9 @@
key="in_key"/> at all.
- A positive 32-bit (for GRE) or 64-bit (for CAPWAP) number. The
- tunnel receives only packets with the specified key.
+ A positive 24-bit (for Geneve, VXLAN, and LISP), 32-bit (for GRE)
+ or 64-bit (for GRE64) number. The tunnel receives only packets
+ with the specified key.
The word flow
. The tunnel accepts packets with any
@@ -1293,8 +1797,9 @@
key="out_key"/> at all.
- A positive 32-bit (for GRE) or 64-bit (for CAPWAP) number. Packets
- sent through the tunnel will have the specified key.
+ A positive 24-bit (for Geneve, VXLAN and LISP), 32-bit (for GRE) or
+ 64-bit (for GRE64) number. Packets sent through the tunnel will
+ have the specified key.
The word flow
. Packets sent through the tunnel will
@@ -1327,48 +1832,13 @@
system default, typically 64). Default is the system default TTL.
-
- Optional. If enabled, the Don't Fragment bit will be copied from the
- inner IP headers (those of the encapsulated traffic) to the outer
- (tunnel) headers. Default is disabled; set to true
to
- enable.
-
-
- Optional. If enabled, the Don't Fragment bit will be set by default on
- tunnel headers if the df_inherit
option is not set, or if
- the encapsulated packet is not IP. Default is enabled; set to
- false
to disable.
-
-
-
- Optional. Enable tunnel path MTU discovery. If enabled ``ICMP
- Destination Unreachable - Fragmentation Needed'' messages will be
- generated for IPv4 packets with the DF bit set and IPv6 packets above
- the minimum MTU if the packet size exceeds the path MTU minus the size
- of the tunnel headers. Note that this option causes behavior that is
- typically reserved for routers and therefore is not entirely in
- compliance with the IEEE 802.1D specification for bridges. Default is
- enabled; set to false
to disable.
+ Optional. If enabled, the Don't Fragment bit will be set on tunnel
+ outer headers to allow path MTU discovery. Default is enabled; set
+ to false
to disable.
-
-
- Only gre
interfaces support these options.
-
-
-
- Enable caching of tunnel headers and the output path. This can lead
- to a significant performance increase without changing behavior. In
- general it should not be necessary to adjust this setting. However,
- the caching can bypass certain components of the IP stack (such as
- iptables
) and it may be useful to disable it if these
- features are required or as a debugging measure. Default is enabled,
- set to false
to disable.
-
-
-
Only gre
and ipsec_gre
interfaces support
@@ -1528,15 +1998,15 @@
The source IP address used for an IPv4 tunnel end-point, such as
- gre
or capwap
.
+ gre
.
- Egress interface for tunnels. Currently only relevant for GRE and
- CAPWAP tunnels. On Linux systems, this column will show the name of
- the interface which is responsible for routing traffic destined for the
- configured . This could be an
- internal interface such as a bridge port.
+ Egress interface for tunnels. Currently only relevant for tunnels
+ on Linux systems, this column will show the name of the interface
+ which is responsible for routing traffic destined for the configured
+ . This could be an internal
+ interface such as a bridge port.
Key-value pairs that report interface statistics. The current
- implementation updates these counters periodically. Future
- implementations may update them when an interface is created, when they
- are queried (e.g. using an OVSDB select
operation), and
- just before an interface is deleted due to virtual interface hot-unplug
- or VM shutdown, and perhaps at other times, but not on any regular
- periodic basis.
+ implementation updates these counters periodically. The update period
+ is controlled by in the Open_vSwitch
table.
+ Future implementations may update them when an interface is created,
+ when they are queried (e.g. using an OVSDB select
+ operation), and just before an interface is deleted due to virtual
+ interface hot-unplug or VM shutdown, and perhaps at other times, but
+ not on any regular periodic basis.
These are the same statistics reported by OpenFlow in its struct
@@ -1683,6 +2155,178 @@
+
+
+ BFD, defined in RFC 5880 and RFC 5881, allows point-to-point
+ detection of connectivity failures by occasional transmission of
+ BFD control messages. Open vSwitch implements BFD to serve
+ as a more popular and standards compliant alternative to CFM.
+
+
+
+ BFD operates by regularly transmitting BFD control messages at a rate
+ negotiated independently in each direction. Each endpoint specifies
+ the rate at which it expects to receive control messages, and the rate
+ at which it is willing to transmit them. Open vSwitch uses a detection
+ multiplier of three, meaning that an endpoint signals a connectivity
+ fault if three consecutive BFD control messages fail to arrive. In the
+ case of a unidirectional connectivity issue, the system not receiving
+ BFD control messages signals the problem to its peer in the messages it
+ transmits.
+
+
+
+ The Open vSwitch implementation of BFD aims to comply faithfully
+ with RFC 5880 requirements. Open vSwitch does not implement the
+ optional Authentication or ``Echo Mode'' features.
+
+
+
+
+ A controller sets up key-value pairs in the
+ column to enable and configure BFD.
+
+
+
+ True to enable BFD on this . If not
+ specified, BFD will not be enabled by default.
+
+
+
+ The shortest interval, in milliseconds, at which this BFD session
+ offers to receive BFD control messages. The remote endpoint may
+ choose to send messages at a slower rate. Defaults to
+ 1000
.
+
+
+
+ The shortest interval, in milliseconds, at which this BFD session is
+ willing to transmit BFD control messages. Messages will actually be
+ transmitted at a slower rate if the remote endpoint is not willing to
+ receive as quickly as specified. Defaults to 100
.
+
+
+
+ An alternate receive interval, in milliseconds, that must be greater
+ than or equal to . The
+ implementation switches from to when there is no obvious incoming
+ data traffic at the interface, to reduce the CPU and bandwidth cost
+ of monitoring an idle interface. This feature may be disabled by
+ setting a value of 0. This feature is reset whenever or
+ changes.
+
+
+
+ When true
, traffic received on the
+ is used to indicate the capability of packet
+ I/O. BFD control packets are still transmitted and received. At
+ least one BFD control packet must be received every 100 * amount of time. Otherwise, even if
+ traffic are received, the
+ will be false
.
+
+
+
+ Set to true to notify the remote endpoint that traffic should not be
+ forwarded to this system for some reason other than a connectivty
+ failure on the interface being monitored. The typical underlying
+ reason is ``concatenated path down,'' that is, that connectivity
+ beyond the local system is down. Defaults to false.
+
+
+
+ Set to true to make BFD accept only control messages with a tunnel
+ key of zero. By default, BFD accepts control messages with any
+ tunnel key.
+
+
+
+ Set to an Ethernet address in the form
+ xx:xx:xx:xx:xx:xx
+ to set the MAC used as source for transmitted BFD packets. The
+ default is the mac address of the BFD enabled interface.
+
+
+
+ Set to an Ethernet address in the form
+ xx:xx:xx:xx:xx:xx
+ to set the MAC used as destination for transmitted BFD packets. The
+ default is 00:23:20:00:00:01
.
+
+
+
+ Set to an Ethernet address in the form
+ xx:xx:xx:xx:xx:xx
+ to set the MAC used for checking the destination of received BFD packets.
+ Packets with different destination MAC will not be considered as BFD packets.
+ If not specified the destination MAC address of received BFD packets
+ are not checked.
+
+
+
+ Set to an IPv4 address to set the IP address used as source for
+ transmitted BFD packets. The default is 169.254.1.1
.
+
+
+
+ Set to an IPv4 address to set the IP address used as destination
+ for transmitted BFD packets. The default is 169.254.1.0
.
+
+
+
+
+
+ The switch sets key-value pairs in the
+ column to report the status of BFD on this interface. When BFD is
+ not enabled, with , the switch clears
+ all key-value pairs from .
+
+
+
+ Reports the state of the BFD session. The BFD session is fully
+ healthy and negotiated if UP
.
+
+
+
+ Reports whether the BFD session believes this may be used to forward traffic. Typically this
+ means the local session is signaling UP
, and the remote
+ system isn't signaling a problem such as concatenated path down.
+
+
+
+ In case of a problem, set to an error message that reports what the
+ local BFD session thinks is wrong. The error messages are defined
+ in section 4.1 of [RFC 5880].
+
+
+
+ Reports the state of the remote endpoint's BFD session.
+
+
+
+ In case of a problem, set to an error message that reports what the
+ remote endpoint's BFD session thinks is wrong. The error messages
+ are defined in section 4.1 of [RFC 5880].
+
+
+
+ Counts the number of
+ flaps since start. A flap is considered as a change of the
+ value.
+
+
+
+
802.1ag Connectivity Fault Management (CFM) allows a group of
@@ -1702,12 +2346,30 @@
faulted otherwise.
+
+ When operating over tunnels which have no in_key
, or an
+ in_key
of flow
. CFM will only accept CCMs
+ with a tunnel key of zero.
+
+
- A Maintenance Point ID (MPID) uniquely identifies each endpoint within
- a Maintenance Association. The MPID is used to identify this endpoint
- to other Maintenance Points in the MA. Each end of a link being
- monitored should have a different MPID. Must be configured to enable
- CFM on this .
+
+ A Maintenance Point ID (MPID) uniquely identifies each endpoint
+ within a Maintenance Association. The MPID is used to identify this
+ endpoint to other Maintenance Points in the MA. Each end of a link
+ being monitored should have a different MPID. Must be configured to
+ enable CFM on this .
+
+
+ According to the 802.1ag specification, MPIDs can only range between
+ [1, 8191]. However, extended mode (see ) supports eight byte MPIDs.
+
+
+
+
+ Counts the number of cfm fault flapps since boot. A flap is
+ considered to be a change of the value.
@@ -1832,9 +2494,48 @@
with compliant implementations which may be running concurrently on the
network. Furthermore, extended mode increases the accuracy of the
cfm_interval
configuration parameter by breaking wire
- compatibility with 802.1ag compliant implementations. Defaults to
- false
.
+ compatibility with 802.1ag compliant implementations. And extended
+ mode allows eight byte MPIDs. Defaults to false
.
+
+
+
+
+ When true
, and
+ is true, the CFM
+ module operates in demand mode. When in demand mode, traffic
+ received on the is used to indicate
+ liveness. CCMs are still transmitted and received. At least one
+ CCM must be received every 100 * amount of time. Otherwise, even if traffic
+ are received, the CFM module will raise the connectivity fault.
+
+
+
+ Demand mode has a couple of caveats:
+
+ -
+ To ensure that ovs-vswitchd has enough time to pull statistics
+ from the datapath, the fault detection interval is set to
+ 3.5 * MAX(
, 500)
+ ms.
+
+
+ -
+ To avoid ambiguity, demand mode disables itself when there are
+ multiple remote maintenance points.
+
+
+ -
+ If the
is heavily congested, CCMs
+ containing the
+ status may be dropped causing changes in the operational state to
+ be delayed. Similarly, if CCMs containing the RDI bit are not
+ received, unidirectional link failures may not be detected.
+
+
+
+
When down
, the CFM module marks all CCMs it generates as
@@ -1857,7 +2558,7 @@
When set, the CFM module will apply a VLAN tag to all CCMs it generates
- with the given PCP value. The VLAN ID of the tag is governed by the
+ with the given PCP value, the VLAN ID of the tag is governed by the
value of . If
is unset, a VLAN ID of
zero is used.
@@ -1866,16 +2567,6 @@
-
- Used in stable
bond mode to make slave
- selection decisions. Allocating values consistently across interfaces
- participating in a bond will guarantee consistent slave selection
- decisions across ovs-vswitchd
instances when using
- stable
bonding mode.
-
-
The LACP port ID of this . Port IDs are
@@ -1945,6 +2636,11 @@
two different hypervisors. That is, active
means that
this is the active
instance within a single hypervisor, not in a broader scope.
+ There is one exception: some hypervisors support ``migration'' from a
+ given hypervisor to itself (most often for test purposes). During
+ such a ``migration,'' two instances of a single might both be briefly marked
+ active
on a single hypervisor.
@@ -2144,6 +2840,88 @@
column has no effect.
+
+
+
+ This string set specifies which fields should be used for
+ address prefix tracking. Prefix tracking allows the
+ classifier to skip rules with longer than necessary prefixes,
+ resulting in better wildcarding for datapath flows.
+
+
+ Prefix tracking may be beneficial when a flow table contains
+ matches on IP address fields with different prefix lengths.
+ For example, when a flow table contains IP address matches on
+ both full addresses and proper prefixes, the full address
+ matches will typically cause the datapath flow to un-wildcard
+ the whole address field (depending on flow entry priorities).
+ In this case each packet with a different address gets handed
+ to the userspace for flow processing and generates its own
+ datapath flow. With prefix tracking enabled for the address
+ field in question packets with addresses matching shorter
+ prefixes would generate datapath flows where the irrelevant
+ address bits are wildcarded, allowing the same datapath flow
+ to handle all the packets within the prefix in question. In
+ this case many userspace upcalls can be avoided and the
+ overall performance can be better.
+
+
+ This is a performance optimization only, so packets will
+ receive the same treatment with or without prefix tracking.
+
+
+ The supported fields are: tun_id
,
+ tun_src
, tun_dst
,
+ nw_src
, nw_dst
(or aliases
+ ip_src
and ip_dst
),
+ ipv6_src
, and ipv6_dst
. (Using this
+ feature for tun_id
would only make sense if the
+ tunnel IDs have prefix structure similar to IP addresses.)
+
+
+
+ By default, the prefixes=ip_dst,ip_src
are used
+ on each flow table. This instructs the flow classifier to
+ track the IP destination and source addresses used by the
+ rules in this specific flow table.
+
+
+
+ The keyword none
is recognized as an explicit
+ override of the default values, causing no prefix fields to be
+ tracked.
+
+
+
+ To set the prefix fields, the flow table record needs to
+ exist:
+
+
+
+ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- --id=@N1 create Flow_Table name=table0
+ -
+ Creates a flow table record for the OpenFlow table number 0.
+
+
+ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src
+ -
+ Enables prefix tracking for IP source and destination
+ address fields.
+
+
+
+
+ There is a maximum number of fields that can be enabled for any
+ one flow table. Currently this limit is 3.
+
+
+
+
+ The overall purpose of these columns is described under Common
+ Columns
at the beginning of this document.
+
+
+
@@ -2403,7 +3181,9 @@
- Key-value pairs that report mirror statistics.
+ Key-value pairs that report mirror statistics. The update period
+ is controlled by in the Open_vSwitch
table.
Number of packets transmitted through this mirror.
@@ -2493,18 +3273,33 @@
ssl:ip
[:port
]
-
-
The specified SSL port (default: 6633) on the host at
- the given ip, which must be expressed as an IP address
- (not a DNS name). The
- column in the table must point to a
- valid SSL configuration when this form is used.
+ The specified SSL port on the host at the
+ given ip, which must be expressed as an IP
+ address (not a DNS name). The column in the
+ table must point to a valid SSL configuration when this form
+ is used.
+ If port is not specified, it currently
+ defaults to 6633. In the future, the default will change to
+ 6653, which is the IANA-defined value.
SSL support is an optional feature that is not always built as
part of Open vSwitch.
tcp:ip
[:port
]
- - The specified TCP port (default: 6633) on the host at
- the given ip, which must be expressed as an IP address
- (not a DNS name).
+ -
+
+ The specified TCP port on the host at the given
+ ip, which must be expressed as an IP address (not a
+ DNS name), where ip can be IPv4 or IPv6 address. If
+ ip is an IPv6 address, wrap it in square brackets,
+ e.g. tcp:[::1]:6632
.
+
+
+ If port is not specified, it currently defaults to
+ 6633. In the future, the default will change to 6653, which is
+ the IANA-defined value.
+
+
The following connection methods are currently supported for service
@@ -2514,25 +3309,47 @@
pssl:
[port][:ip
]
- Listens for SSL connections on the specified TCP port
- (default: 6633). If ip, which must be expressed as an
- IP address (not a DNS name), is specified, then connections are
- restricted to the specified local IP address.
+ Listens for SSL connections on the specified TCP port.
+ If ip, which must be expressed as an IP address (not a
+ DNS name), is specified, then connections are restricted to the
+ specified local IP address (either IPv4 or IPv6). If
+ ip is an IPv6 address, wrap it in square brackets,
+ e.g. pssl:6632:[::1]
.
- The column in the table must point to a valid SSL
- configuration when this form is used.
+ If port is not specified, it currently defaults to
+ 6633. If ip is not specified then it listens only on
+ IPv4 (but not IPv6) addresses. The
+
+ column in the table must point to a
+ valid SSL configuration when this form is used.
+
+
+ If port is not specified, it currently defaults to
+ 6633. In the future, the default will change to 6653, which is
+ the IANA-defined value.
+
+
+ SSL support is an optional feature that is not always built as
+ part of Open vSwitch.
- SSL support is an optional feature that is not always built as
- part of Open vSwitch.
ptcp:
[port][:ip
]
- Listens for connections on the specified TCP port
- (default: 6633). If ip, which must be expressed as an
- IP address (not a DNS name), is specified, then connections are
- restricted to the specified local IP address.
+
+ Listens for connections on the specified TCP port. If
+ ip, which must be expressed as an IP address (not a
+ DNS name), is specified, then connections are restricted to the
+ specified local IP address (either IPv4 or IPv6). If
+ ip is an IPv6 address, wrap it in square brackets,
+ e.g. ptcp:6632:[::1]
. If ip is not
+ specified then it listens only on IPv4 addresses.
+
+
+ If port is not specified, it currently defaults to
+ 6633. In the future, the default will change to 6653, which is
+ the IANA-defined value.
+
When multiple controllers are configured for a single bridge, the
@@ -2586,7 +3403,7 @@
-
+
OpenFlow switches send certain messages to controllers spontanenously,
that is, not in response to any request from the controller. These
@@ -2606,38 +3423,102 @@
on any messages that it does want to receive, if any.
-
+
- The maximum rate at which the switch will forward packets to the
- OpenFlow controller, in packets per second. This feature prevents a
- single bridge from overwhelming the controller. If not specified,
- the default is implementation-specific.
+ A switch can forward packets to a controller over the OpenFlow
+ protocol. Forwarding packets this way at too high a rate can
+ overwhelm a controller, frustrate use of the OpenFlow connection for
+ other purposes, increase the latency of flow setup, and use an
+ unreasonable amount of bandwidth. Therefore, Open vSwitch supports
+ limiting the rate of packet forwarding to a controller.
- In addition, when a high rate triggers rate-limiting, Open vSwitch
- queues controller packets for each port and transmits them to the
- controller at the configured rate. The value limits the number of queued
- packets. Ports on a bridge share the packet queue fairly.
+ There are two main reasons in OpenFlow for a packet to be sent to a
+ controller: either the packet ``misses'' in the flow table, that is,
+ there is no matching flow, or a flow table action says to send the
+ packet to the controller. Open vSwitch limits the rate of each kind
+ of packet separately at the configured rate. Therefore, the actual
+ rate that packets are sent to the controller can be up to twice the
+ configured rate, when packets are sent for both reasons.
- Open vSwitch maintains two such packet rate-limiters per bridge: one
- for packets sent up to the controller because they do not correspond
- to any flow, and the other for packets sent up to the controller by
- request through flow actions. When both rate-limiters are filled with
- packets, the actual rate that packets are sent to the controller is
- up to twice the specified rate.
+ This feature is specific to forwarding packets over an OpenFlow
+ connection. It is not general-purpose QoS. See the table for quality of service configuration, and in the table for ingress policing configuration.
-
-
- In conjunction with ,
- the maximum number of unused packet credits that the bridge will
- allow to accumulate, in packets. If not specified, the default
- is implementation-specific.
-
+
+
+ The maximum rate at which the switch will forward packets to the
+ OpenFlow controller, in packets per second. If no value is
+ specified, rate limiting is disabled.
+
+
+
+
+
+ When a high rate triggers rate-limiting, Open vSwitch queues
+ packets to the controller for each port and transmits them to the
+ controller at the configured rate. This value limits the number of
+ queued packets. Ports on a bridge share the packet queue fairly.
+
+
+
+ This value has no effect unless is configured. The current
+ default when this value is not specified is one-quarter of , meaning that queuing can delay
+ forwarding a packet to the controller by up to 250 ms.
+
+
+
+
+
+ These values report the effects of rate limiting. Their values are
+ relative to establishment of the most recent OpenFlow connection,
+ or since rate limiting was enabled, whichever happened more
+ recently. Each consists of two values, one with TYPE
+ replaced by miss
for rate limiting flow table misses,
+ and the other with TYPE
replaced by
+ action
for rate limiting packets sent by OpenFlow
+ actions.
+
+
+
+ These statistics are reported only when controller rate limiting is
+ enabled.
+
+
+
+ Number of packets sent directly to the controller, without queuing,
+ because the rate did not exceed the configured maximum.
+
+
+
+ Number of packets added to the queue to send later.
+
+
+
+ Number of packets added to the queue that were later dropped due to
+ overflow. This value is less than or equal to .
+
+
+
+ Number of packets currently queued. The other statistics increase
+ monotonically, but this one fluctuates between 0 and the as conditions change.
+
+
+
@@ -2687,7 +3568,7 @@
Equivalent to other
, except that there may be at
most one master controller at a time. When a controller configures
itself as master
, any existing master is demoted to
- the slave
role.
+ the slave
role.
slave
Allows the controller read-only access to OpenFlow features.
Attempts to modify the flow table will be rejected with an
@@ -2804,37 +3685,60 @@
ssl:ip
[:port
]
- The specified SSL port (default: 6632) on the host at
- the given ip, which must be expressed as an IP address
- (not a DNS name). The
- column in the table must point to a
- valid SSL configuration when this form is used.
+ The specified SSL port on the host at the given
+ ip, which must be expressed as an IP address
+ (not a DNS name). The column in the
+ table must point to a valid SSL configuration when this
+ form is used.
- SSL support is an optional feature that is not always built as
- part of Open vSwitch.
+ If port is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+
+
+ SSL support is an optional feature that is not always
+ built as part of Open vSwitch.
tcp:ip
[:port
]
- The specified TCP port (default: 6632) on the host at
- the given ip, which must be expressed as an IP address
- (not a DNS name).
+
+ The specified TCP port on the host at the given
+ ip, which must be expressed as an IP address (not a
+ DNS name), where ip can be IPv4 or IPv6 address. If
+ ip is an IPv6 address, wrap it in square brackets,
+ e.g. tcp:[::1]:6632
.
+
+
+ If port is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+
pssl:
[port][:ip
]
- Listens for SSL connections on the specified TCP port
- (default: 6632). If ip, which must be expressed as an
- IP address (not a DNS name), is specified, then connections are
- restricted to the specified local IP address.
-
-
+ Listens for SSL connections on the specified TCP port.
+ Specify 0 for port to have the kernel automatically
+ choose an available port. If ip, which must be
+ expressed as an IP address (not a DNS name), is specified, then
+ connections are restricted to the specified local IP address
+ (either IPv4 or IPv6 address). If ip is an IPv6
+ address, wrap in square brackets,
+ e.g. pssl:6632:[::1]
. If ip is not
+ specified then it listens only on IPv4 (but not IPv6) addresses.
The column in the table must point to a valid SSL
configuration when this form is used.
+
+ If port is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+
SSL support is an optional feature that is not always built as
part of Open vSwitch.
@@ -2842,10 +3746,22 @@
ptcp:
[port][:ip
]
- Listens for connections on the specified TCP port
- (default: 6632). If ip, which must be expressed as an
- IP address (not a DNS name), is specified, then connections are
- restricted to the specified local IP address.
+
+ Listens for connections on the specified TCP port.
+ Specify 0 for port to have the kernel automatically
+ choose an available port. If ip, which must be
+ expressed as an IP address (not a DNS name), is specified, then
+ connections are restricted to the specified local IP address
+ (either IPv4 or IPv6 address). If ip is an IPv6
+ address, wrap it in square brackets,
+ e.g. ptcp:6632:[::1]
. If ip is not
+ specified then it listens only on IPv4 addresses.
+
+
+ If port is not specified, it currently defaults
+ to 6632. In the future, the default will change to 6640,
+ which is the IANA-defined value.
+
When multiple managers are configured, the
@@ -2989,6 +3905,14 @@
chosen connection.
+
+
+ When is ptcp:
or
+ pssl:
, this is the TCP port on which the OVSDB server is
+ listening. (This is is particularly useful when specifies a port of 0, allowing the kernel to
+ choose any available port.)
+
@@ -3108,8 +4032,8 @@
- An sFlow(R) target. sFlow is a protocol for remote monitoring
- of switches.
+ A set of sFlow(R) targets. sFlow is a protocol for remote
+ monitoring of switches.
Name of the network device whose IP address should be reported as the
@@ -3150,4 +4074,182 @@
+
+ A set of IPFIX collectors. IPFIX is a protocol that exports a
+ number of details about flows.
+
+
+ IPFIX target collectors in the form
+ ip:port
.
+
+
+
+ For per-bridge packet sampling, i.e. when this row is referenced
+ from a , the rate at which packets should
+ be sampled and sent to each target collector. If not specified,
+ defaults to 400, which means one out of 400 packets, on average,
+ will be sent to each target collector. Ignored for per-flow
+ sampling, i.e. when this row is referenced from a .
+
+
+
+ For per-bridge packet sampling, i.e. when this row is referenced
+ from a , the IPFIX Observation Domain ID
+ sent in each IPFIX packet. If not specified, defaults to 0.
+ Ignored for per-flow sampling, i.e. when this row is referenced
+ from a .
+
+
+
+ For per-bridge packet sampling, i.e. when this row is referenced
+ from a , the IPFIX Observation Point ID
+ sent in each IPFIX flow record. If not specified, defaults to
+ 0. Ignored for per-flow sampling, i.e. when this row is
+ referenced from a .
+
+
+
+ The maximum period in seconds for which an IPFIX flow record is
+ cached and aggregated before being sent. If not specified,
+ defaults to 0. If 0, caching is disabled.
+
+
+
+ The maximum number of IPFIX flow records that can be cached at a
+ time. If not specified, defaults to 0. If 0, caching is
+ disabled.
+
+
+
+ For per-bridge packet sampling, i.e. when this row is referenced
+ from a , enable sampling and reporting tunnel
+ header 7-tuples in IPFIX flow records. Disabled by default.
+ Ignored for per-flow sampling, i.e. when this row is referenced
+ from a .
+ Please note: The following enterprise entities are
+ currently used when exporting the sampled tunnel info.
+
+ - tunnelType:
+ -
+
ID: 891, and enterprise ID 6876 (VMware).
+ type: unsigned 8-bit interger.
+ data type semantics: identifier.
+ description: Identifier of the layer 2 network overlay network
+ encapsulation type: 0x01 VxLAN, 0x02 GRE, 0x03 LISP, 0x05 IPsec+GRE,
+ 0x07 GENEVE.
+
+ - tunnelKey:
+ -
+
ID: 892, and enterprise ID 6876 (VMware).
+ type: variable-length octetarray.
+ data type semantics: identifier.
+ description: Key which is used for identifying an individual
+ traffic flow within a VxLAN (24-bit VNI), GENEVE(24-bit VNI),
+ GRE (32- or 64-bit key), or LISP (24-bit instance ID) tunnel. The
+ key is encoded in this octetarray as a 3-, 4-, or 8-byte integer
+ ID in network byte order.
+
+ - tunnelSourceIPv4Address:
+ -
+
ID: 893, and enterprise ID 6876 (VMware).
+ type: unsigned 32-bit interger.
+ data type semantics: identifier.
+ description: The IPv4 source address in the tunnel IP packet
+ header.
+
+ - tunnelDestinationIPv4Address:
+ -
+
ID: 894, and enterprise ID 6876 (VMware).
+ type: unsigned 32-bit integer.
+ data type semantics: identifier.
+ description: The IPv4 destination address in the tunnel IP
+ packet header.
+
+ - tunnelProtocolIdentifier:
+ -
+
ID: 895, and enterprise ID 6876 (VMware).
+ type: unsigned 8-bit integer.
+ data type semantics: identifier.
+ description: The value of the protocol number in the tunnel
+ IP packet header. The protocol number identifies the tunnel IP
+ packet payload type.
+
+ - tunnelSourceTransportPort:
+ -
+
ID: 896, and enterprise ID 6876 (VMware).
+ type: unsigned 16-bit integer.
+ data type semantics: identifier.
+ description: The source port identifier in the tunnel transport
+ header. For the transport protocols UDP, TCP, and SCTP, this is
+ the source port number given in the respective header.
+
+ - tunnelDestinationTransportPort:
+ -
+
ID: 897, and enterprise ID 6876 (VMware).
+ type: unsigned 16-bit integer.
+ data type semantics: identifier.
+ description: The destination port identifier in the tunnel
+ transport header. For the transport protocols UDP, TCP, and SCTP,
+ this is the destination port number given in the respective header.
+
+
+
+
+
+
+ For per-bridge packet sampling, i.e. when this row is referenced
+ from a , enable sampling and reporting flows
+ at bridge port input in IPFIX flow records. Enabled by default.
+ Ignored for per-flow sampling, i.e. when this row is referenced
+ from a .
+
+
+
+ For per-bridge packet sampling, i.e. when this row is referenced
+ from a , enable sampling and reporting flows
+ at bridge port output in IPFIX flow records. Enabled by default.
+ Ignored for per-flow sampling, i.e. when this row is referenced
+ from a .
+
+
+
+ The overall purpose of these columns is described under Common
+ Columns
at the beginning of this document.
+
+
+
+
+
+
+ A set of IPFIX collectors of packet samples generated by
+ OpenFlow sample
actions.
+
+
+ The ID of this collector set, unique among the bridge's
+ collector sets, to be used as the collector_set_id
+ in OpenFlow sample
actions.
+
+
+
+ The bridge into which OpenFlow sample
actions can
+ be added to send packet samples to this set of IPFIX collectors.
+
+
+
+ Configuration of the set of IPFIX collectors to send one flow
+ record per sampled packet to.
+
+
+
+ The overall purpose of these columns is described under Common
+ Columns
at the beginning of this document.
+
+
+
+
+