ovn: Update ACL flow docs.

Apply some minor updates to the description of flows related to ACLs.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Han Zhou <zhouhan@gmail.com>
Acked-by: Ben Pfaff <blp@ovn.org>

diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
index 465b7c7..da776e1 100644 (file)
--- a/ovn/northd/ovn-northd.8.xml
+++ b/ovn/northd/ovn-northd.8.xml
@@ -241,9 +241,11 @@
       for the <code>from-lport</code> direction.  <code>allow</code>
       ACLs translate into logical flows with the <code>next;</code>
       action, <code>allow-related</code> ACLs translate into logical
-      flows with the <code>ct_next;</code> action, other ACLs translate
-      to <code>drop;</code>.  The <code>priority</code> values from the
-      <code>ACL</code> table are used directly.
+      flows with the <code>ct_commit; next;</code> actions, other ACLs
+      translate to <code>drop;</code>.  The <code>priority</code> values
+      from the <code>ACL</code> table have a limited range and have 1000
+      added to them to leave room for OVN default flows at both higher
+      and lower priorities.
     </p>
 
     <p>

diff --git a/ovn/ovn-sb.xml b/ovn/ovn-sb.xml
index 321bf5b..efd2f9a 100644 (file)
--- a/ovn/ovn-sb.xml
+++ b/ovn/ovn-sb.xml
@@ -940,8 +940,15 @@
 
         <dt><code>ct_commit;</code></dt>
         <dd>
-          Commit the flow to the connection tracking entry associated
-          with it by a previous call to <code>ct_next</code>.
+          <p>
+            Commit the flow to the connection tracking entry associated
+            with it by a previous call to <code>ct_next</code>.
+          </p>
+          <p>
+            Note that if you want processing to continue in the next table,
+            you must execute the <code>next</code> action after
+            <code>ct_commit</code>.
+          </p>
         </dd>
 
         <dt><code>arp { <var>action</var>; </code>...<code> };</code></dt>