1 <?xml version="1.0" encoding="utf-8"?>
2 <database name="ovn-nb" title="OVN Northbound Database">
4 This database is the interface between OVN and the cloud management system
5 (CMS), such as OpenStack, running above it. The CMS produces almost all of
6 the contents of the database. The <code>ovn-northd</code> program
7 monitors the database contents, transforms it, and stores it into the <ref
8 db="OVN_Southbound"/> database.
12 We generally speak of ``the'' CMS, but one can imagine scenarios in
13 which multiple CMSes manage different parts of an OVN deployment.
19 Each of the tables in this database contains a special column, named
20 <code>external_ids</code>. This column has the same form and purpose each
25 <dt><code>external_ids</code>: map of string-string pairs</dt>
27 Key-value pairs for use by the CMS. The CMS might use certain pairs, for
28 example, to identify entities in its own configuration that correspond to
29 those in this database.
33 <table name="Logical_Switch" title="L2 logical switch">
35 Each row represents one L2 logical switch.
39 There are two kinds of logical switches, that is, ones that fully
40 virtualize the network (overlay logical switches) and ones that provide
41 simple connectivity to a physical network (bridged logical switches).
42 They work in the same way when providing connectivity between logical
43 ports on same chasis, but differently when connecting remote logical
44 ports. Overlay logical switches connect remote logical ports by tunnels,
45 while bridged logical switches provide connectivity to remote ports by
46 bridging the packets to directly connected physical L2 segment with the
47 help of <code>localnet</code> ports. Each bridged logical switch has
48 one and only one <code>localnet</code> port, which has only one special
49 address <code>unknown</code>.
54 A name for the logical switch. This name has no special meaning or purpose
55 other than to provide convenience for human interaction with the ovn-nb
56 database. There is no requirement for the name to be unique. The
57 logical switch's UUID should be used as the unique identifier.
63 The logical ports connected to the logical switch.
67 It is an error for multiple logical switches to include the same
72 <column name="load_balancer">
73 Load balance a virtual ipv4 address to a set of logical port endpoint
78 Access control rules that apply to packets within the logical switch.
81 <group title="Common Columns">
82 <column name="external_ids">
83 See <em>External IDs</em> at the beginning of this document.
88 <table name="Logical_Switch_Port" title="L2 logical switch port">
90 A port within an L2 logical switch.
93 <group title="Core Features">
96 The logical port name.
100 For entities (VMs or containers) that are spawned in the hypervisor,
101 the name used here must match those used in the <ref key="iface-id"
102 table="Interface" column="external_ids" db="Open_vSwitch"/> in the
103 <ref db="Open_vSwitch"/> database's <ref table="Interface"
104 db="Open_vSwitch"/> table, because hypervisors use <ref key="iface-id"
105 table="Interface" column="external_ids" db="Open_vSwitch"/> as a lookup
106 key to identify the network interface of that entity.
110 For containers that share a VIF within a VM, the name can be any
111 unique identifier. See <code>Containers</code>, below, for more
118 Specify a type for this logical port. Logical ports can be used to
119 model other types of connectivity into an OVN logical switch. The
120 following types are defined:
124 <dt>(empty string)</dt>
126 A VM (or VIF) interface.
129 <dt><code>router</code></dt>
131 A connection to a logical router.
134 <dt><code>localnet</code></dt>
136 A connection to a locally accessible network from each
137 <code>ovn-controller</code> instance. A logical switch can only
138 have a single <code>localnet</code> port attached. This is used
139 to model direct connectivity to an existing network.
142 <dt><code>l2gateway</code></dt>
144 A connection to a physical network.
147 <dt><code>vtep</code></dt>
149 A port to a logical switch on a VTEP gateway.
155 <group title="Options">
156 <column name="options">
157 This column provides key/value settings specific to the logical port
158 <ref column="type"/>. The type-specific options are described
162 <group title="Options for router ports">
164 These options apply when <ref column="type"/> is <code>router</code>.
167 <column name="options" key="router-port">
168 Required. The <ref column="name"/> of the <ref
169 table="Logical_Router_Port"/> to which this logical switch port is
174 <group title="Options for localnet ports">
176 These options apply when <ref column="type"/> is
177 <code>localnet</code>.
180 <column name="options" key="network_name">
181 Required. The name of the network to which the <code>localnet</code>
182 port is connected. Each hypervisor, via <code>ovn-controller</code>,
183 uses its local configuration to determine exactly how to connect to
184 this locally accessible network.
188 <group title="Options for l2gateway ports">
190 These options apply when <ref column="type"/> is
191 <code>l2gateway</code>.
194 <column name="options" key="network_name">
195 Required. The name of the network to which the <code>l2gateway</code>
196 port is connected. The L2 gateway, via <code>ovn-controller</code>,
197 uses its local configuration to determine exactly how to connect to
201 <column name="options" key="l2gateway-chassis">
202 Required. The chassis on which the <code>l2gateway</code> logical
203 port should be bound to. <code>ovn-controller</code> running on the
204 defined chassis will connect this logical port to the physical network.
209 <group title="Options for vtep ports">
211 These options apply when <ref column="type"/> is <code>vtep</code>.
214 <column name="options" key="vtep-physical-switch">
215 Required. The name of the VTEP gateway.
218 <column name="options" key="vtep-logical-switch">
219 Required. A logical switch name connected by the VTEP gateway.
223 <group title="VMI (or VIF) Options">
225 These options apply to logical ports with <ref column="type"/> having
229 <column name="options" key="policing_rate">
230 If set, indicates the maximum rate for data sent from this interface,
231 in kbps. Data exceeding this rate is dropped.
234 <column name="options" key="policing_burst">
235 If set, indicates the maximum burst size for data sent from this
241 <group title="Containers">
243 When a large number of containers are nested within a VM, it may be too
244 expensive to dedicate a VIF to each container. OVN can use VLAN tags
245 to support such cases. Each container is assigned a VLAN ID and each
246 packet that passes between the hypervisor and the VM is tagged with the
247 appropriate ID for the container. Such VLAN IDs never appear on a
248 physical wire, even inside a tunnel, so they need not be unique except
249 relative to a single VM on a hypervisor.
253 These columns are used for VIFs that represent nested containers using
254 shared VIFs. For VMs and for containers that have dedicated VIFs, they
258 <column name="parent_name">
259 The VM interface through which the nested container sends its network
260 traffic. This must match the <ref column="name"/> column for some
261 other <ref table="Logical_Switch_Port"/>.
266 The VLAN tag in the network traffic associated with a container's
271 When <ref column="type"/> is set to <code>localnet</code>, this can
272 be set to indicate that the port represents a connection to a
273 specific VLAN on a locally accessible network. The VLAN ID is used to
274 match incoming traffic and is also added to outgoing traffic.
279 <group title="Port State">
281 This column is populated by <code>ovn-northd</code>, rather than by the
282 CMS plugin as is most of this database. When a logical port is bound
283 to a physical location in the OVN Southbound database <ref
284 db="OVN_Southbound" table="Binding"/> table, <code>ovn-northd</code>
285 sets this column to <code>true</code>; otherwise, or if the port
286 becomes unbound later, it sets it to <code>false</code>. This allows
287 the CMS to wait for a VM's (or container's) networking to become active
288 before it allows the VM (or container) to start.
291 <column name="enabled">
292 This column is used to administratively set port state. If this column
293 is empty or is set to <code>true</code>, the port is enabled. If this
294 column is set to <code>false</code>, the port is disabled. A disabled
295 port has all ingress and egress traffic dropped.
300 <group title="Addressing">
301 <column name="addresses">
303 Addresses owned by the logical port.
307 Each element in the set must take one of the following forms:
311 <dt><code>Ethernet address followed by zero or more IPv4 or IPv6 addresses (or both)</code></dt>
314 An Ethernet address defined is owned by the logical port.
315 Like a physical Ethernet NIC, a logical port ordinarily has
316 a single fixed Ethernet address.
320 When a OVN logical switch processes a unicast Ethernet frame
321 whose destination MAC address is in a logical port's <ref
322 column="addresses"/> column, it delivers it only to that port, as
323 if a MAC learning process had learned that MAC address on the
328 If IPv4 or IPv6 address(es) (or both) are defined, it indicates
329 that the logical port owns the given IP addresses.
333 If IPv4 address(es) are defined, the OVN logical switch uses this
334 information to synthesize responses to ARP requests without
335 traversing the physical network. The OVN logical router connected
336 to the logical switch, if any, uses this information to avoid
337 issuing ARP requests for logical switch ports.
341 Note that the order here is important. The Ethernet address must
342 be listed before the IP address(es) if defined.
350 <dt><code>80:fa:5b:06:72:b7</code></dt>
352 This indicates that the logical port owns the above mac address.
355 <dt><code>80:fa:5b:06:72:b7 10.0.0.4 20.0.0.4</code></dt>
357 This indicates that the logical port owns the mac address and two
361 <dt><code>80:fa:5b:06:72:b7 fdaa:15f2:72cf:0:f816:3eff:fe20:3f41</code></dt>
363 This indicates that the logical port owns the mac address and
367 <dt><code>80:fa:5b:06:72:b7 10.0.0.4 fdaa:15f2:72cf:0:f816:3eff:fe20:3f41</code></dt>
369 This indicates that the logical port owns the mac address and
370 1 IPv4 address and 1 IPv6 address.
375 <dt><code>unknown</code></dt>
377 This indicates that the logical port has an unknown set of Ethernet
378 addresses. When an OVN logical switch processes a unicast Ethernet
379 frame whose destination MAC address is not in any logical port's
380 <ref column="addresses"/> column, it delivers it to the port (or
381 ports) whose <ref column="addresses"/> columns include
382 <code>unknown</code>.
387 <column name="port_security">
389 This column controls the addresses from which the host attached to the
390 logical port (``the host'') is allowed to send packets and to which it
391 is allowed to receive packets. If this column is empty, all addresses
396 Each element in the set must begin with one Ethernet address.
397 This would restrict the host to sending packets from and receiving
398 packets to the ethernet addresses defined in the logical port's
399 <ref column="port_security"/> column. It also restricts the inner
400 source MAC addresses that the host may send in ARP and IPv6
401 Neighbor Discovery packets. The host is always allowed to receive packets
402 to multicast and broadcast Ethernet addresses.
406 Each element in the set may additionally contain one or more IPv4 or
407 IPv6 addresses (or both), with optional masks. If a mask is given, it
408 must be a CIDR mask. In addition to the restrictions described for
409 Ethernet addresses above, such an element restricts the IPv4 or IPv6
410 addresses from which the host may send and to which it may receive
411 packets to the specified addresses. A masked address, if the host part
412 is zero, indicates that the host is allowed to use any address in the
413 subnet; if the host part is nonzero, the mask simply indicates the size
414 of the subnet. In addition:
420 If any IPv4 address is given, the host is also allowed to receive
421 packets to the IPv4 local broadcast address 255.255.255.255 and to
422 IPv4 multicast addresses (224.0.0.0/4). If an IPv4 address with a
423 mask is given, the host is also allowed to receive packets to the
424 broadcast address in that specified subnet.
428 If any IPv4 address is given, the host is additionally restricted
429 to sending ARP packets with the specified source IPv4 address.
430 (RARP is not restricted.)
436 If any IPv6 address is given, the host is also allowed to receive
437 packets to IPv6 multicast addresses (ff00::/8).
441 If any IPv6 address is given, the host is additionally restricted
442 to sending IPv6 Neighbor Discovery Solicitation or Advertisement
443 packets with the specified source address or, for solicitations,
444 the unspecified address.
450 If an element includes an IPv4 address, but no IPv6 addresses, then
451 IPv6 traffic is not allowed. If an element includes an IPv6 address,
452 but no IPv4 address, then IPv4 and ARP traffic is not allowed.
456 This column uses the same lexical syntax as the <ref column="match"
457 table="Pipeline" db="OVN_Southbound"/> column in the OVN Southbound
458 database's <ref table="Pipeline" db="OVN_Southbound"/> table. Multiple
459 addresses within an element may be space or comma separated.
463 This column is provided as a convenience to cloud management systems,
464 but all of the features that it implements can be implemented as ACLs
465 using the <ref table="ACL"/> table.
473 <dt><code>80:fa:5b:06:72:b7</code></dt>
475 The host may send traffic from and receive traffic to the specified
476 MAC address, and to receive traffic to Ethernet multicast and
477 broadcast addresses, but not otherwise. The host may not send ARP or
478 IPv6 Neighbor Discovery packets with inner source Ethernet addresses
479 other than the one specified.
482 <dt><code>80:fa:5b:06:72:b7 192.168.1.10/24</code></dt>
484 This adds further restrictions to the first example. The host may
485 send IPv4 packets from or receive IPv4 packets to only 192.168.1.10,
486 except that it may also receive IPv4 packets to 192.168.1.255 (based
487 on the subnet mask), 255.255.255.255, and any address in 224.0.0.0/4.
488 The host may not send ARPs with a source Ethernet address other than
489 80:fa:5b:06:72:b7 or source IPv4 address other than 192.168.1.10.
490 The host may not send or receive any IPv6 (including IPv6 Neighbor
494 <dt><code>"80:fa:5b:12:42:ba", "80:fa:5b:06:72:b7 192.168.1.10/24"</code></dt>
496 The host may send traffic from and receive traffic to the
497 specified MAC addresses, and
498 to receive traffic to Ethernet multicast and broadcast addresses,
499 but not otherwise. With MAC 80:fa:5b:12:42:ba, the host may
500 send traffic from and receive traffic to any L3 address.
501 With MAC 80:fa:5b:06:72:b7, the host may send IPv4 packets from or
502 receive IPv4 packets to only 192.168.1.10, except that it may also
503 receive IPv4 packets to 192.168.1.255 (based on the subnet mask),
504 255.255.255.255, and any address in 224.0.0.0/4. The host may not
505 send or receive any IPv6 (including IPv6 Neighbor Discovery) traffic.
511 <group title="Common Columns">
512 <column name="dhcpv4_options">
513 This column defines the DHCPv4 Options to be included by the
514 <code>ovn-controller</code> when it replies to the DHCPv4 requests.
515 Please see the <ref table="DHCP_Options"/> table.
518 <column name="external_ids">
519 See <em>External IDs</em> at the beginning of this document.
524 <table name="Address_Set" title="Address Sets">
526 Each row in this table represents a named set of addresses.
527 An address set may contain Ethernet, IPv4, or IPv6 addresses
528 with optional bitwise or CIDR masks.
529 Address set may ultimately be used in ACLs to compare against
530 fields such as <code>ip4.src</code> or <code>ip6.src</code>.
531 A single address set must contain addresses of the
532 same type. As an example, the following would create an address set
533 with three IP addresses:
537 ovn-nbctl create Address_Set name=set1 addresses='10.0.0.1 10.0.0.2 10.0.0.3'
541 Address sets may be used in the <ref column="match" table="ACL"/> column
542 of the <ref table="ACL"/> table. For syntax information, see the details
543 of the expression language used for the <ref column="match"
544 table="Logical_Flow" db="OVN_Southbound"/> column in the <ref
545 table="Logical_Flow" db="OVN_Southbound"/> table of the <ref
546 db="OVN_Southbound"/> database.
550 A name for the address set. This must be unique among all address sets.
553 <column name="addresses">
554 The set of addresses in string form.
557 <group title="Common Columns">
558 <column name="external_ids">
559 See <em>External IDs</em> at the beginning of this document.
564 <table name="Load_Balancer" title="load balancer">
566 Each row represents one load balancer.
571 A map of virtual IPv4 addresses (and an optional port number with
572 <code>:</code> as a separator) associated with this load balancer and
573 their corresponding endpoint IPv4 addresses (and optional port numbers
574 with <code>:</code> as separators) separated by commas. If
575 the destination IP address (and port number) of a packet leaving a
576 container or a VM matches the virtual IPv4 address (and port number)
577 provided here as a key, then OVN will statefully replace the
578 destination IP address by one of the provided IPv4 address (and port
579 number) in this map as a value. Examples for keys are "192.168.1.4"
580 and "172.16.1.8:80". Examples for value are "10.0.0.1, 10.0.0.2" and
581 "20.0.0.10:8800, 20.0.0.11:8800".
585 <column name="protocol">
587 Valid protocols are <code>tcp</code> or <code>udp</code>. This column
588 is useful when a port number is provided as part of the
589 <code>vips</code> column. If this column is empty and a port number
590 is provided as part of <code>vips</code> column, OVN assumes the
591 protocol to be <code>tcp</code>.
595 <group title="Common Columns">
596 <column name="external_ids">
597 See <em>External IDs</em> at the beginning of this document.
602 <table name="ACL" title="Access Control List (ACL) rule">
604 Each row in this table represents one ACL rule for a logical switch
605 that points to it through its <ref column="acls"/> column. The <ref
606 column="action"/> column for the highest-<ref column="priority"/>
607 matching row in this table determines a packet's treatment. If no row
608 matches, packets are allowed by default. (Default-deny treatment is
609 possible: add a rule with <ref column="priority"/> 0, <code>0</code> as
610 <ref column="match"/>, and <code>deny</code> as <ref column="action"/>.)
613 <column name="priority">
615 The ACL rule's priority. Rules with numerically higher priority
616 take precedence over those with lower. If two ACL rules with
617 the same priority both match, then the one actually applied to a
622 Return traffic from an <code>allow-related</code> flow is always
623 allowed and cannot be changed through an ACL.
627 <column name="direction">
628 <p>Direction of the traffic to which this rule should apply:</p>
631 <code>from-lport</code>: Used to implement filters on traffic
632 arriving from a logical port. These rules are applied to the
633 logical switch's ingress pipeline.
636 <code>to-lport</code>: Used to implement filters on traffic
637 forwarded to a logical port. These rules are applied to the
638 logical switch's egress pipeline.
643 <column name="match">
645 The packets that the ACL should match, in the same expression
646 language used for the <ref column="match" table="Logical_Flow"
647 db="OVN_Southbound"/> column in the OVN Southbound database's
648 <ref table="Logical_Flow" db="OVN_Southbound"/> table. The
649 <code>outport</code> logical port is only available in the
650 <code>to-lport</code> direction (the <code>inport</code> is
651 available in both directions).
655 By default all traffic is allowed. When writing a more
656 restrictive policy, it is important to remember to allow flows
657 such as ARP and IPv6 neighbor discovery packets.
661 Note that you can not create an ACL matching on a port with
666 Note that when <code>localnet</code> port exists in a lswitch, for
667 <code>to-lport</code> direction, the <code>inport</code> works only if
668 the <code>to-lport</code> is located on the same chassis as the
673 <column name="action">
674 <p>The action to take when the ACL rule matches:</p>
677 <code>allow</code>: Forward the packet.
681 <code>allow-related</code>: Forward the packet and related traffic
682 (e.g. inbound replies to an outbound connection).
686 <code>drop</code>: Silently drop the packet.
690 <code>reject</code>: Drop the packet, replying with a RST for TCP or
691 ICMP unreachable message for other IP-based protocols.
692 <code>Not implemented--currently treated as drop</code>
699 If set to <code>true</code>, packets that match the ACL will trigger a
700 log message on the transport node or nodes that perform ACL processing.
701 Logging may be combined with any <ref column="action"/>.
705 Logging is not yet implemented.
709 <group title="Common Columns">
710 <column name="external_ids">
711 See <em>External IDs</em> at the beginning of this document.
716 <table name="Logical_Router" title="L3 logical router">
718 Each row represents one L3 logical router.
723 A name for the logical router. This name has no special meaning or purpose
724 other than to provide convenience for human interaction with the ovn-nb
725 database. There is no requirement for the name to be unique. The
726 logical router's UUID should be used as the unique identifier.
730 <column name="ports">
734 <column name="static_routes">
735 One or more static routes for the router.
738 <column name="enabled">
739 This column is used to administratively set router state. If this column
740 is empty or is set to <code>true</code>, the router is enabled. If this
741 column is set to <code>false</code>, the router is disabled. A disabled
742 router has all ingress and egress traffic dropped.
746 One or more NAT rules for the router. NAT rules only work on the
750 <group title="Options">
752 Additional options for the logical router.
755 <column name="options" key="chassis">
757 If set, indicates that the logical router in question is a Gateway
758 router (which is centralized) and resides in the set chassis. The
759 same value is also used by <code>ovn-controller</code> to
760 uniquely identify the chassis in the OVN deployment and
761 comes from <code>external_ids:system-id</code> in the
762 <code>Open_vSwitch</code> table of Open_vSwitch database.
766 The Gateway router can only be connected to a distributed router
767 via a switch if SNAT and DNAT are to be configured in the Gateway
773 <group title="Common Columns">
774 <column name="external_ids">
775 See <em>External IDs</em> at the beginning of this document.
780 <table name="Logical_Router_Port" title="L3 logical router port">
782 A port within an L3 logical router.
786 Exactly one <ref table="Logical_Router"/> row must reference a given
792 A name for the logical router port.
796 In addition to provide convenience for human interaction with the
797 ovn-nb database, this column is used as reference by its patch port in
798 <ref table="Logical_Switch_Port"/> or another logical router port in
799 <ref table="Logical_Router_Port"/>.
803 <column name="networks">
805 The IP addresses and netmasks of the router. For example,
806 <code>192.168.0.1/24</code> indicates that the router's IP
807 address is 192.168.0.1 and that packets destined to
808 192.168.0.<var>x</var> should be routed to this port.
813 The Ethernet address that belongs to this router port.
816 <column name="enabled">
817 This column is used to administratively set port state. If this column
818 is empty or is set to <code>true</code>, the port is enabled. If this
819 column is set to <code>false</code>, the port is disabled. A disabled
820 port has all ingress and egress traffic dropped.
823 <group title="Attachment">
825 A given router port serves one of two purposes:
830 To attach a logical switch to a logical router. A logical router
831 port of this type is referenced by exactly one <ref
832 table="Logical_Switch_Port"/> of type <code>router</code>.
833 The value of <ref column="name"/> is set as
834 <code>router-port</code> in column <ref column="options"/> of
835 <ref table="Logical_Switch_Port"/>. In this case <ref
836 column="peer"/> column is empty.
840 To connect one logical router to another. This requires a pair of
841 logical router ports, each connected to a different router. Each
842 router port in the pair specifies the other in its <ref
843 column="peer"/> column. No <ref table="Logical_Switch"/> refers to
850 For a router port used to connect two logical routers, this
851 identifies the other router port in the pair by <ref column="name"/>.
855 For a router port attached to a logical switch, this column is empty.
860 <group title="Common Columns">
861 <column name="external_ids">
862 See <em>External IDs</em> at the beginning of this document.
867 <table name="Logical_Router_Static_Route" title="Logical router static routes">
869 Each record represents a static route.
872 <column name="ip_prefix">
874 IP prefix of this route (e.g. 192.168.100.0/24).
878 <column name="nexthop">
880 Nexthop IP address for this route. Nexthop IP address should be the IP
881 address of a connected router port or the IP address of a logical port.
885 <column name="output_port">
887 The name of the <ref table="Logical_Router_Port"/> via which the packet
888 needs to be sent out. This is optional and when not specified,
889 OVN will automatically figure this out based on the
890 <ref column="nexthop"/>.
895 <table name="NAT" title="NAT rules for a Gateway router.">
897 Each record represents a NAT rule in a Gateway router.
901 <p>Type of the NAT rule.</p>
904 When <ref column="type"/> is <code>dnat</code>, the externally
905 visible IP address <ref column="external_ip"/> is DNATted to the IP
906 address <ref column="logical_ip"/> in the logical space.
909 When <ref column="type"/> is <code>snat</code>, IP packets
910 with their source IP address that either matches the IP address
911 in <ref column="logical_ip"/> or is in the network provided by
912 <ref column="logical_ip"/> is SNATed into the IP address in
913 <ref column="external_ip"/>.
916 When <ref column="type"/> is <code>dnat_and_snat</code>, the
917 externally visible IP address <ref column="external_ip"/> is
918 DNATted to the IP address <ref column="logical_ip"/> in the
919 logical space. In addition, IP packets with the source IP
920 address that matches <ref column="logical_ip"/> is SNATed into
921 the IP address in <ref column="external_ip"/>.
926 <column name="external_ip">
930 <column name="logical_ip">
931 An IPv4 network (e.g 192.168.1.0/24) or an IPv4 address.
935 <table name="DHCP_Options" title="DHCP options">
937 OVN implements a native DHCPv4 support which caters to the common
938 use case of providing an IPv4 address to a booting instance by
939 providing stateless replies to DHCPv4 requests based on statically
940 configured address mappings. To do this it allows a short list of
941 DHCPv4 options to be configured and applied at each compute host
942 running ovn-controller.
947 The DHCPv4 options will be included if the logical port has the IPv4
948 address in this <ref column="cidr"/>.
952 <group title="DHCPv4 options">
954 CMS should define the set of DHCPv4 options as key/value pairs in the
955 <ref column="options"/> column of this table. For
956 <code>ovn-controller</code> to include these DHCPv4 options, the
957 <ref column="dhcpv4_options"/> of <ref table="Logical_Switch_Port"/>
958 should refer to an entry in this table.
961 <group title="Mandatory DHCPv4 options">
963 The following options must be defined.
966 <column name="options" key="server_id">
967 The IP address for the DHCP server to use. This should be in the
968 subnet of the offered IP. This is also included in the DHCP offer as
969 option 54, ``server identifier.''
972 <column name="options" key="server_mac">
973 The Ethernet address for the DHCP server to use.
976 <column name="options" key="router">
978 The IP address of a gateway for the client to use. This should be
979 in the subnet of the offered IP. The DHCPv4 option code for this
984 <column name="options" key="lease_time"
985 type='{"type": "integer", "minInteger": 0, "maxInteger": 4294967295}'>
987 The offered lease time in seconds,
991 The DHCPv4 option code for this option is 51.
996 <group title="IPv4 DHCP Options">
998 Below are the supported DHCPv4 options whose values are an IPv4
999 address, e.g. <code>192.168.1.1</code>. Some options accept multiple
1000 IPv4 addresses enclosed within curly braces, e.g. <code>{192.168.1.2,
1001 192.168.1.3}</code>. Please refer to RFC 2132 for more details on
1002 DHCPv4 options and their codes.
1005 <column name="options" key="netmask">
1007 The DHCPv4 option code for this option is 1.
1011 <column name="options" key="dns_server">
1013 The DHCPv4 option code for this option is 6.
1017 <column name="options" key="log_server">
1019 The DHCPv4 option code for this option is 7.
1023 <column name="options" key="lpr_server">
1025 The DHCPv4 option code for this option is 9.
1029 <column name="options" key="swap_server">
1031 The DHCPv4 option code for this option is 16.
1035 <column name="options" key="policy_filter">
1037 The DHCPv4 option code for this option is 21.
1041 <column name="options" key="router_solicitation">
1043 The DHCPv4 option code for this option is 32.
1047 <column name="options" key="nis_server">
1049 The DHCPv4 option code for this option is 41.
1053 <column name="options" key="ntp_server">
1055 The DHCPv4 option code for this option is 42.
1059 <column name="options" key="tftp_server">
1061 The DHCPv4 option code for this option is 66.
1065 <column name="options" key="classless_static_route">
1067 The DHCPv4 option code for this option is 121.
1071 This option can contain one or more static routes, each of which
1072 consists of a destination descriptor and the IP address of the
1073 router that should be used to reach that destination. Please see
1074 RFC 3442 for more details.
1078 Example: <code>{30.0.0.0/24,10.0.0.10, 0.0.0.0/0,10.0.0.1}</code>
1082 <column name="options" key="ms_classless_static_route">
1084 The DHCPv4 option code for this option is 249. This option is
1085 similar to <code>classless_static_route</code> supported by
1086 Microsoft Windows DHCPv4 clients.
1091 <group title="Boolean DHCP Options">
1093 These options accept a Boolean value, expressed as <code>0</code> for
1094 false or <code>1</code> for true.
1097 <column name="options" key="ip_forward_enable"
1098 type='{"type": "string", "enum": ["set", ["0", "1"]]}'>
1100 The DHCPv4 option code for this option is 19.
1104 <column name="options" key="router_discovery"
1105 type='{"type": "string", "enum": ["set", ["0", "1"]]}'>
1107 The DHCPv4 option code for this option is 31.
1111 <column name="options" key="ethernet_encap"
1112 type='{"type": "string", "enum": ["set", ["0", "1"]]}'>
1114 The DHCPv4 option code for this option is 36.
1119 <group title="Integer DHCP Options">
1121 These options accept a nonnegative integer value.
1124 <column name="options" key="default_ttl"
1125 type='{"type": "integer", "minInteger": 0, "maxInteger": 255}'>
1126 The DHCPv4 option code for this option is 23.
1129 <column name="options" key="tcp_ttl"
1130 type='{"type": "integer", "minInteger": 0, "maxInteger": 255}'>
1131 The DHCPv4 option code for this option is 37.
1134 <column name="options" key="mtu"
1135 type='{"type": "integer", "minInteger": 68, "maxInteger": 65535}'>
1136 The DHCPv4 option code for this option is 26.
1139 <column name="options" key="T1"
1140 type='{"type": "integer", "minInteger": 68, "maxInteger": 4294967295}'>
1141 This specifies the time interval from address assignment until the
1142 client begins trying to renew its address. The DHCPv4 option code
1143 for this option is 58.
1146 <column name="options" key="T2"
1147 type='{"type": "integer", "minInteger": 68, "maxInteger": 4294967295}'>
1148 This specifies the time interval from address assignment until the
1149 client begins trying to rebind its address. The DHCPv4 option code
1150 for this option is 59.
1155 <group title="Common Columns">
1156 <column name="external_ids">
1157 See <em>External IDs</em> at the beginning of this document.
projects / cascardo / ovs.git / blob