Mapping of unicast MAC addresses to tunnels (physical
locators). This table is written by the NVC, so it contains the
@@ -754,7 +804,7 @@
- A MAC address that has been learned by the VTEP.
+ A MAC address that has been learned by the VTEP.
The keyword unknown-dst
is used as a special
@@ -833,10 +883,10 @@
A logical router, or VRF. A logical router may be connected to one or more
- logical switches. Subnet addresses and interface addresses may be configured on the
+ logical switches. Subnet addresses and interface addresses may be configured on the
interfaces.
-
+
Maps from an IPv4 or IPv6 address prefix in CIDR notation to a
logical switch. Multiple prefixes may map to the same switch. By
@@ -851,6 +901,15 @@
One or more static routes, mapping IP prefixes to next hop IP addresses.
+
+ Maps ACLs to logical router interfaces. The router interfaces
+ are indicated using IP address notation, and must be the same
+ interfaces created in the
+ column. For example, an ACL could be associated with the logical
+ router interface with an address of 192.68.1.1 as defined in the
+ example above.
+
+
Symbolic name for the logical router.
@@ -860,6 +919,28 @@
An extended description for the logical router.
+
+
+
+ An entry in this column indicates to the NVC that the HSC has
+ encountered a fault in configuring state related to the
+ logical router.
+
+
+
+ Indicates that an error has occurred in associating an ACL
+ with a logical router port.
+
+
+
+
+ Indicates that an error has occurred in configuring the
+ logical router but that no
+ more specific information is available.
+
+
+
+
@@ -925,7 +1006,7 @@
table="Physical_Locator"/> records.''
-
+
@@ -935,24 +1016,17 @@
- For the vxlan_over_ipv4
encapsulation, the only
- encapsulation defined so far, all endpoints associated with a given must use a common tunnel key, which is carried
- in the column of .
-
-
-
- For some encapsulations yet to be defined, we expect to identify both an endpoint and a tunnel key.
- When the first such encapsulation is defined, we expect to add a
- ``tunnel_key'' column to to allow the
- tunnel key to be defined.
-
-
-
- See the ``Per Logical-Switch Tunnel Key'' section in the table for further discussion of the model.
+ The vxlan_over_ipv4
encapsulation, the only encapsulation
+ defined so far, can use either tunnel key model described in the ``Per
+ Logical-Switch Tunnel Key'' section in the
+ table. When the tunnel key per model is in
+ use, the column in the
+ table is filled with a VNI and the column in this table is empty; in the
+ key-per-tunnel model, the opposite is true. The former model is older,
+ and thus likely to be more widely supported. See the ``Per
+ Logical-Switch Tunnel Key'' section in the
+ table for further discussion of the model.
@@ -971,6 +1045,228 @@
-
+
+
+ This column is used only in the tunnel key per + model (see
+ above).
+
+
+
+ For vxlan_over_ipv4
encapsulation, when the + model is in
+ use, this column is the VXLAN VNI. It must be in the range 0 to
+ 16,777,215.
+
+
+
+
+
+ Describes the individual entries that comprise an Access Control List.
+
+
+ Each entry in the table is a single rule to match on certain
+ header fields. While there are a large number of fields that can
+ be matched on, most hardware cannot match on arbitrary
+ combinations of fields. It is common to match on either L2
+ fields (described below in the L2 group of columns) or L3/L4 fields
+ (the L3/L4 group of columns) but not both. The hardware switch
+ controller may log an error if an ACL entry requires it to match
+ on an incompatible mixture of fields.
+
+
+
+ The sequence number for the ACL entry for the purpose of
+ ordering entries in an ACL. Lower numbered entries are matched
+ before higher numbered entries.
+
+
+
+
+
+ Source MAC address, in the form
+ xx:xx:xx:xx:xx:xx
+
+
+
+
+ Destination MAC address, in the form
+ xx:xx:xx:xx:xx:xx
+
+
+
+
+ Ethertype in hexadecimal, in the form
+ 0xAAAA
+
+
+
+
+
+
+ Source IP address, in the form
+ xx.xx.xx.xx for IPv4 or appropriate
+ colon-separated hexadecimal notation for IPv6.
+
+
+
+
+ Mask that determines which bits of source_ip to match on, in the form
+ xx.xx.xx.xx for IPv4 or appropriate
+ colon-separated hexadecimal notation for IPv6.
+
+
+
+
+ Destination IP address, in the form
+ xx.xx.xx.xx for IPv4 or appropriate
+ colon-separated hexadecimal notation for IPv6.
+
+
+
+
+ Mask that determines which bits of dest_ip to match on, in the form
+ xx.xx.xx.xx for IPv4 or appropriate
+ colon-separated hexadecimal notation for IPv6.
+
+
+
+
+ Protocol number in the IPv4 header, or value of the "next
+ header" field in the IPv6 header.
+
+
+
+
+ Lower end of the range of source port values. The value
+ specified is included in the range.
+
+
+
+
+ Upper end of the range of source port values. The value
+ specified is included in the range.
+
+
+
+
+ Lower end of the range of destination port values. The value
+ specified is included in the range.
+
+
+
+
+ Upper end of the range of destination port values. The value
+ specified is included in the range.
+
+
+
+
+ Integer representing the value of TCP flags to match. For
+ example, the SYN flag is the second least significant bit in
+ the TCP flags. Hence a value of 2 would indicate that the "SYN"
+ flag should be set (assuming an appropriate mask).
+
+
+
+
+ Integer representing the mask to apply when matching TCP
+ flags. For example, a value of 2 would imply that the "SYN"
+ flag should be matched and all other flags ignored.
+
+
+
+
+ ICMP type to be matched.
+
+
+
+
+ ICMP code to be matched.
+
+
+
+
+
+ Direction of traffic to match on the specified port, either
+ "ingress" (toward the logical switch or router) or "egress"
+ (leaving the logical switch or router).
+
+
+
+
+ Action to take for this rule, either "permit" or "deny".
+
+
+
+
+ An entry in this column indicates to the NVC that the ACL
+ could not be configured as requested. The switch must clear this column when the error
+ has been cleared.
+
+
+
+ Indicates that an ACL entry requested by
+ the controller could not be instantiated by the switch,
+ e.g. because it requires an unsupported combination of
+ fields to be matched.
+
+
+
+
+ Indicates that an error has occurred in configuring the ACL
+ entry but no
+ more specific information is available.
+
+
+
+
+