Each row represents one L2 logical switch.
</p>
+ <p>
+ There are two kinds of logical switches, that is, ones that fully
+ virtualize the network (overlay logical switches) and ones that provide
+ simple connectivity to a physical network (bridged logical switches).
+ They work in the same way when providing connectivity between logical
+ ports on same chasis, but differently when connecting remote logical
+ ports. Overlay logical switches connect remote logical ports by tunnels,
+ while bridged logical switches provide connectivity to remote ports by
+ bridging the packets to directly connected physical L2 segment with the
+ help of <code>localnet</code> ports. Each bridged logical switch has
+ one and only one <code>localnet</code> port, which has only one special
+ address <code>unknown</code>.
+ </p>
+
<column name="name">
<p>
A name for the logical switch. This name has no special meaning or purpose
<dd>
A connection to a locally accessible network from each
<code>ovn-controller</code> instance. A logical switch can only
- have a single <code>localnet</code> port attached and at most one
- regular logical port. This is used to model direct connectivity to
- an existing network.
+ have a single <code>localnet</code> port attached. This is used
+ to model direct connectivity to an existing network.
</dd>
<dt><code>vtep</code></dt>
</p>
<p>
- A given logical switch may have at most one logical port of type
- <code>router</code>. (This is not a significant restriction because
- logical routers may be connected into arbitrary topologies.)
+ If a given logical switch has multiple <code>router</code> ports, the
+ <ref table="Logical_Router_Port"/> rows that they reference must be
+ all on the same <ref table="Logical_Router"/> (for different
+ subnets).
</p>
- <column name="options" key="router-port" type='{"type": "uuid"}'>
- Required. The UUID of the <ref table="Logical_Router_Port"/> to
- which this logical switch port is connected.
+ <column name="options" key="router-port">
+ Required. The <ref column="name"/> of the <ref
+ table="Logical_Router_Port"/> to which this logical switch port is
+ connected.
</column>
</group>
Required. A logical switch name connected by the VTEP gateway.
</column>
</group>
+
+ <group title="VMI (or VIF) Options">
+ <p>
+ These options apply to logical ports with <ref column="type"/> having
+ (empty string)
+ </p>
+
+ <column name="options" key="policing_rate">
+ If set, indicates the maximum rate for data sent from this interface,
+ in kbps. Data exceeding this rate is dropped.
+ </column>
+
+ <column name="options" key="policing_burst">
+ If set, indicates the maximum burst size for data sent from this
+ interface, in kb.
+ </column>
+ </group>
</group>
<group title="Containers">
</p>
<dl>
- <dt><code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var></code></dt>
+ <dt><code>Ethernet address followed by zero or more IPv4 or IPv6 addresses (or both)</code></dt>
<dd>
<p>
- An Ethernet address owned by the logical port. Like a physical
- Ethernet NIC, a logical port ordinarily has a single fixed
- Ethernet address.
+ An Ethernet address defined is owned by the logical port.
+ Like a physical Ethernet NIC, a logical port ordinarily has
+ a single fixed Ethernet address.
</p>
<p>
if a MAC learning process had learned that MAC address on the
port.
</p>
- </dd>
- <dt><code><var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var>:<var>xx</var> <var>a</var>.<var>b</var>.<var>c</var>.<var>d</var></code></dt>
- <dd>
<p>
- This form has all the effects of the previous form. It also
- indicates that the logical port owns the given IPv4 address.
+ If IPv4 or IPv6 address(es) (or both) are defined, it indicates
+ that the logical port owns the given IP addresses.
+ </p>
+
+ <p>
+ If IPv4 address(es) are defined, the OVN logical switch uses this
+ information to synthesize responses to ARP requests without
+ traversing the physical network. The OVN logical router connected
+ to the logical switch, if any, uses this information to avoid
+ issuing ARP requests for logical switch ports.
</p>
<p>
- The OVN logical switch uses this information to synthesize
- responses to ARP requests without traversing the physical
- network. The OVN logical router connected to the logical switch,
- if any, uses this information to avoid issuing ARP requests for
- logical switch ports.
+ Note that the order here is important. The Ethernet address must
+ be listed before the IP address(es) if defined.
</p>
+
+ <p>
+ Examples:
+ </p>
+
+ <dl>
+ <dt><code>80:fa:5b:06:72:b7</code></dt>
+ <dd>
+ This indicates that the logical port owns the above mac address.
+ </dd>
+
+ <dt><code>80:fa:5b:06:72:b7 10.0.0.4 20.0.0.4</code></dt>
+ <dd>
+ This indicates that the logical port owns the mac address and two
+ IPv4 addresses.
+ </dd>
+
+ <dt><code>80:fa:5b:06:72:b7 fdaa:15f2:72cf:0:f816:3eff:fe20:3f41</code></dt>
+ <dd>
+ This indicates that the logical port owns the mac address and
+ 1 IPv6 address.
+ </dd>
+
+ <dt><code>80:fa:5b:06:72:b7 10.0.0.4 fdaa:15f2:72cf:0:f816:3eff:fe20:3f41</code></dt>
+ <dd>
+ This indicates that the logical port owns the mac address and
+ 1 IPv4 address and 1 IPv6 address.
+ </dd>
+ </dl>
</dd>
<dt><code>unknown</code></dt>
column="action"/> column for the highest-<ref column="priority"/>
matching row in this table determines a packet's treatment. If no row
matches, packets are allowed by default. (Default-deny treatment is
- possible: add a rule with <ref column="priority"/> 1, <code>1</code> as
+ possible: add a rule with <ref column="priority"/> 0, <code>0</code> as
<ref column="match"/>, and <code>deny</code> as <ref column="action"/>.)
</p>
restrictive policy, it is important to remember to allow flows
such as ARP and IPv6 neighbor discovery packets.
</p>
+
+ <p>
+ Note that you can not create an ACL matching on a port with
+ type=router.
+ </p>
+
+ <p>
+ Note that when <code>localnet</code> port exists in a lswitch, for
+ <code>to-lport</code> direction, the <code>inport</code> works only if
+ the <code>to-lport</code> is located on the same chassis as the
+ <code>inport</code>.
+ </p>
</column>
<column name="action">
<column name="name">
<p>
- A name for the logical router port. This name has no special meaning or purpose
- other than to provide convenience for human interaction with the ovn-nb
- database. There is no requirement for the name to be unique. The
- logical router port's UUID should be used as the unique identifier.
+ A name for the logical router port.
+ </p>
+
+ <p>
+ In addition to provide convenience for human interaction with the
+ ovn-nb database, this column is used as reference by its patch port in
+ <ref table="Logical_Port"/> or another logical router port in <ref
+ table="Logical_Router_Port"/>.
</p>
</column>
<li>
To attach a logical switch to a logical router. A logical router
port of this type is referenced by exactly one <ref
- table="Logical_Port"/> of type <code>router</code>. The <ref
- column="peer"/> column is empty.
+ table="Logical_Port"/> of type <code>router</code>. The value of
+ <ref column="name"/> is set as <code>router-port</code> in column
+ <ref column="options"/> of <ref table="Logical_Port"/>.
+ In this case <ref column="peer"/> column is empty.
</li>
<li>
<column name="peer">
<p>
For a router port used to connect two logical routers, this
- identifies the other router port in the pair.
+ identifies the other router port in the pair by <ref column="name"/>.
</p>
<p>
projects / cascardo / ovs.git / blobdiff