Use the IANA-assigned ports for OpenFlow and OVSDB.

We've been warning about the change since 2.1, which was released a year
ago.

Signed-off-by: Justin Pettit <[email protected]>
Acked-by: Ben Pfaff <[email protected]>

FAQ.md

@@ -110,6 +110,15 @@ A: You can start by joining the mailing lists and helping to answer
 
    http://openvswitch.org/mlists/
 
+### Q: Why can I no longer connect to my OpenFlow controller or OVSDB
+manager?
+
+A: Starting in OVS 2.4, we switched the default ports to the
+   IANA-specified port numbers for OpenFlow (6633->6653) and OVSDB
+   (6632->6640).  We recommend using these port numbers, but if you
+   cannot, all the programs allow overriding the default port.  See the
+   appropriate man page.
+
 
 Releases
 --------
@@ -1188,7 +1197,7 @@ A: The configuration for VLANs in the Open vSwitch database (e.g. via
    tags, like this:
 
        ovs-vsctl add-br br0
-       ovs-vsctl set-controller br0 tcp:192.168.0.10:6633
+       ovs-vsctl set-controller br0 tcp:192.168.0.10:6653
        ovs-vsctl add-port br0 eth0
        ovs-vsctl add-port br0 tap0 tag=9
        ovs-vsctl add-port br0 tap1 tag=10

INSTALL.Windows.md

@@ -148,11 +148,11 @@ Steps to run the user processes & configure VXLAN ports
 ovsdb\ovsdb-tool.exe create conf.db .\vswitchd\vswitch.ovsschema
 
 02> Run ovsdb-server
-ovsdb\ovsdb-server.exe -v --remote=ptcp:6632:127.0.0.1 conf.db
+ovsdb\ovsdb-server.exe -v --remote=ptcp:6640:127.0.0.1 conf.db
 
 03> Create integration bridge & pif bridge
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-br br-int
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-br br-pif
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-br br-int
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-br br-pif
 
 04> Dump the ports
 utilities\ovs-dpctl.exe show
@@ -176,24 +176,24 @@ system@ovs-system:
 
 
 05> Add the physical NIC and the internal port to br-pif
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-pif <port name>
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-pif <port name>
 
 Eg:
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-pif external.1
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-pif internal
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-pif external.1
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-pif internal
 
 06> Add the VIFs to br-int
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-int <port name>
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-int <port name>
 
 Eg:
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-int vmNICEmu.1000048
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-int vmNICSyn.1000049
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-int vmNICEmu.1000048
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-int vmNICSyn.1000049
 
 07> Verify the status
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 show
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 show
 
 Eg:
-$ utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 show
+$ utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 show
 4cd86499-74df-48bd-a64d-8d115b12a9f2
     Bridge br-pif
         Port internal
@@ -214,28 +214,28 @@ $ utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 show
 
 
 09> Run vswitchd
-vswitchd\ovs-vswitchd.exe -v tcp:127.0.0.1:6632
+vswitchd\ovs-vswitchd.exe -v tcp:127.0.0.1:6640
 
 10> You can figure out the port name to MAC address mapping now. (optional)
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 list interface
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 list interface
 
 //********** VXLAN PORT CONFIGURATION (Supports Multiple ports) ************//
 (Remove all patch ports added to create VLAN networks.)
 11> Add the vxlan port between 172.168.201.101 <-> 172.168.201.102
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-int vxlan-1
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-1 type=vxlan
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-1 options:local_ip=172.168.201.101
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-1 options:remote_ip=172.168.201.102
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-1 options:in_key=flow
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-1 options:out_key=flow
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-int vxlan-1
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-1 type=vxlan
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-1 options:local_ip=172.168.201.101
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-1 options:remote_ip=172.168.201.102
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-1 options:in_key=flow
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-1 options:out_key=flow
 
 12> Add the vxlan port between 172.168.201.101 <-> 172.168.201.105
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 add-port br-int vxlan-2
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-2 type=vxlan
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-2 options:local_ip=172.168.201.102
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-2 options:remote_ip=172.168.201.105
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-2 options:in_key=flow
-utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6632 set Interface vxlan-2 options:out_key=flow
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 add-port br-int vxlan-2
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-2 type=vxlan
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-2 options:local_ip=172.168.201.102
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-2 options:remote_ip=172.168.201.105
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-2 options:in_key=flow
+utilities\ovs-vsctl.exe --db=tcp:127.0.0.1:6640 set Interface vxlan-2 options:out_key=flow
 
 
 //********** VLAN CONFIGURATION (Using patch ports) ************//

NEWS

@@ -69,6 +69,8 @@ Post-v2.3.0
    - Initial support for the IETF Auto-Attach SPBM draft standard. This
      contains rudimentary support for the LLDP protocol as needed for
      Auto-Attach.
+   - The default OpenFlow and OVSDB ports are now the IANA-assigned
+     numbers.  OpenFlow is 6653 and OVSDB is 6640.
 
 
 v2.3.0 - 14 Aug 2014

debian/openvswitch-testcontroller.default

@@ -5,11 +5,11 @@
 # This is a space-delimited list of connection methods:
 #
 # * "pssl:[PORT]": Listen for SSL connections on the specified PORT
-#   (default: 6633).  The private key, certificate, and CA certificate
+#   (default: 6653).  The private key, certificate, and CA certificate
 #   must be specified below.
 #
 # * "ptcp:[PORT]": Listen for TCP connections on the specified PORT
-#   (default: 6633).  Not recommended for security reasons.
+#   (default: 6653).  Not recommended for security reasons.
 #
 LISTEN="pssl:"
 

lib/jsonrpc.c

@@ -63,17 +63,15 @@ static void jsonrpc_error(struct jsonrpc *, int error);
 int
 jsonrpc_stream_open(const char *name, struct stream **streamp, uint8_t dscp)
 {
-    return stream_open_with_default_port(name, OVSDB_OLD_PORT,
-                                         streamp, dscp);
+    return stream_open_with_default_port(name, OVSDB_PORT, streamp, dscp);
 }
 
 /* This is just the same as pstream_open() except that it uses the default
  * JSONRPC port if none is specified. */
 int
 jsonrpc_pstream_open(const char *name, struct pstream **pstreamp, uint8_t dscp)
 {
-    return pstream_open_with_default_port(name, OVSDB_OLD_PORT,
-                                          pstreamp, dscp);
+    return pstream_open_with_default_port(name, OVSDB_PORT, pstreamp, dscp);
 }
 
 /* Returns a new JSON-RPC stream that uses 'stream' for input and output.  The

lib/jsonrpc.h

@@ -35,9 +35,7 @@ struct stream;
 /* Default port numbers.
  *
  * OVSDB_OLD_PORT defines the original port number used by OVS.
- * OVSDB_PORT defines the official port number assigned by IANA.  By
- * default, we still uses OVSDB_OLD_PORT, but we present a warning that
- * that will change. */
+ * OVSDB_PORT defines the official port number assigned by IANA. */
 #define OVSDB_OLD_PORT 6632
 #define OVSDB_PORT 6640
 

lib/stream-ssl.c

@@ -317,7 +317,7 @@ ssl_open(const char *name, char *suffix, struct stream **streamp, uint8_t dscp)
         return error;
     }
 
-    error = inet_open_active(SOCK_STREAM, suffix, OFP_OLD_PORT, NULL, &fd,
+    error = inet_open_active(SOCK_STREAM, suffix, OFP_PORT, NULL, &fd,
                              dscp);
     if (fd >= 0) {
         int state = error ? STATE_TCP_CONNECTING : STATE_SSL_CONNECTING;
@@ -800,7 +800,7 @@ pssl_open(const char *name OVS_UNUSED, char *suffix, struct pstream **pstreamp,
         return retval;
     }
 
-    fd = inet_open_passive(SOCK_STREAM, suffix, OFP_OLD_PORT, &ss, dscp, true);
+    fd = inet_open_passive(SOCK_STREAM, suffix, OFP_PORT, &ss, dscp, true);
     if (fd < 0) {
         return -fd;
     }

lib/stream.c

@@ -676,13 +676,13 @@ stream_open_with_default_port(const char *name_,
 
     if ((!strncmp(name_, "tcp:", 4) || !strncmp(name_, "ssl:", 4))
         && count_fields(name_) < 3) {
-        if (default_port == OFP_OLD_PORT) {
-            VLOG_WARN_ONCE("The default OpenFlow port number will change "
-                           "from %d to %d in a future release",
+        if (default_port == OFP_PORT) {
+            VLOG_WARN_ONCE("The default OpenFlow port number has changed "
+                           "from %d to %d",
                            OFP_OLD_PORT, OFP_PORT);
-        } else if (default_port == OVSDB_OLD_PORT) {
-            VLOG_WARN_ONCE("The default OVSDB port number will change "
-                           "from %d to %d in a future release",
+        } else if (default_port == OVSDB_PORT) {
+            VLOG_WARN_ONCE("The default OVSDB port number has changed "
+                           "from %d to %d",
                            OVSDB_OLD_PORT, OVSDB_PORT);
         }
         name = xasprintf("%s:%d", name_, default_port);

lib/vconn-active.man

@@ -3,12 +3,10 @@
 The specified \fIport\fR on the host at the given \fIip\fR, which must
 be expressed as an IP address (not a DNS name) in IPv4 or IPv6 address
 format.  Wrap IPv6 addresses in square brackets,
-e.g. \fBtcp:[::1]:6633\fR.  For \fBssl\fR, the \fB\-\-private\-key\fR,
+e.g. \fBtcp:[::1]:6653\fR.  For \fBssl\fR, the \fB\-\-private\-key\fR,
 \fB\-\-certificate\fR, and \fB\-\-ca\-cert\fR options are mandatory.
 .IP
-If \fIport\fR is not specified, it currently defaults to 6633.  In the
-future, the default will change to 6653, which is the IANA-defined
-value.
+If \fIport\fR is not specified, it defaults to 6653.
 .TP
 \fBunix:\fIfile\fR
 On POSIX, a Unix domain server socket named \fIfile\fR.

lib/vconn-passive.man

@@ -1,10 +1,9 @@
 .IP "\fBpssl:\fR[\fIport\fR][\fB:\fIip\fR]"
 .IQ "\fBptcp:\fR[\fIport\fR][\fB:\fIip\fR]"
 Listens for OpenFlow connections on \fIport\fR.  The default
-\fIport\fR is 6633, but a future version of Open vSwitch will change
-the default to the IANA-defined port 6653.  By default, connections
+\fIport\fR is 6653.  By default, connections
 are allowed from any IPv4 address.  Specify \fIip\fR as an IPv4
-address or a bracketed IPv6 address (e.g. \fBptcp:6633:[::1]\fR).  DNS
+address or a bracketed IPv6 address (e.g. \fBptcp:6653:[::1]\fR).  DNS
 names may not be used.  For \fBpssl\fR, the
 \fB\-\-private\-key\fR,\fB\-\-certificate\fR, and \fB\-\-ca\-cert\fR
 options are mandatory.

lib/vconn-stream.c

@@ -78,7 +78,7 @@ vconn_stream_open(const char *name, uint32_t allowed_versions,
     struct stream *stream;
     int error;
 
-    error = stream_open_with_default_port(name, OFP_OLD_PORT, &stream, dscp);
+    error = stream_open_with_default_port(name, OFP_PORT, &stream, dscp);
     if (!error) {
         error = stream_connect(stream);
         if (!error || error == EAGAIN) {
@@ -311,8 +311,7 @@ pvconn_pstream_listen(const char *name, uint32_t allowed_versions,
     struct pstream *pstream;
     int error;
 
-    error = pstream_open_with_default_port(name, OFP_OLD_PORT,
-                                           &pstream, dscp);
+    error = pstream_open_with_default_port(name, OFP_PORT, &pstream, dscp);
     if (error) {
         return error;
     }

lib/vconn.c

@@ -138,10 +138,10 @@ vconn_usage(bool active, bool passive, bool bootstrap OVS_UNUSED)
     if (active) {
         printf("Active OpenFlow connection methods:\n");
         printf("  tcp:IP[:PORT]           "
-               "PORT (default: %d) at remote IP\n", OFP_OLD_PORT);
+               "PORT (default: %d) at remote IP\n", OFP_PORT);
 #ifdef HAVE_OPENSSL
         printf("  ssl:IP[:PORT]           "
-               "SSL PORT (default: %d) at remote IP\n", OFP_OLD_PORT);
+               "SSL PORT (default: %d) at remote IP\n", OFP_PORT);
 #endif
         printf("  unix:FILE               Unix domain socket named FILE\n");
     }
@@ -150,11 +150,11 @@ vconn_usage(bool active, bool passive, bool bootstrap OVS_UNUSED)
         printf("Passive OpenFlow connection methods:\n");
         printf("  ptcp:[PORT][:IP]        "
                "listen to TCP PORT (default: %d) on IP\n",
-               OFP_OLD_PORT);
+               OFP_PORT);
 #ifdef HAVE_OPENSSL
         printf("  pssl:[PORT][:IP]        "
                "listen for SSL on PORT (default: %d) on IP\n",
-               OFP_OLD_PORT);
+               OFP_PORT);
 #endif
         printf("  punix:FILE              "
                "listen on Unix domain socket FILE\n");

ofproto/connmgr.c

@@ -740,8 +740,7 @@ update_in_band_remotes(struct connmgr *mgr)
         } sa;
 
         if (ofconn->band == OFPROTO_IN_BAND
-            && stream_parse_target_with_default_port(target, OFP_OLD_PORT,
-                                                     &sa.ss)
+            && stream_parse_target_with_default_port(target, OFP_PORT, &sa.ss)
             && sa.ss.ss_family == AF_INET) {
             addrs[n_addrs++] = sa.in;
         }

ovsdb/ovsdb-server.1.in

@@ -251,10 +251,6 @@ vSwitch 2.4 and later extend <condition> to allow the use of \fB<\fR,
 of 0 or 1 integer'' and ``set of 0 or 1 real''.  These conditions
 evaluate to false when the column is empty, and otherwise as described
 in RFC 7047 for integer and real types.
-.
-.IP "6. IANA Considerations"
-\fBovsdb\-server\fR currently defaults to its historical port number
-6632.  Future versions will adopt IANA-assigned port 6640 as default.
 
 .SH "SEE ALSO"
 .

ovsdb/remote-active.man

@@ -2,14 +2,14 @@
 The specified SSL \fIport\fR on the host at the given \fIip\fR, which
 must be expressed as an IP address (not a DNS name) in IPv4 or IPv6 address
 format.  If \fIip\fR is an IPv6 address, then wrap \fIip\fR with square
-brackets, e.g.: \fBssl:[::1]:6632\fR.
+brackets, e.g.: \fBssl:[::1]:6640\fR.
 The \fB\-\-private\-key\fR, \fB\-\-certificate\fR, and \fB\-\-ca\-cert\fR
 options are mandatory when this form is used.
 .
 .IP "\fBtcp:\fIip\fB:\fIport\fR"
 Connect to the given TCP \fIport\fR on \fIip\fR, where \fIip\fR can be IPv4
 or IPv6 address. If \fIip\fR is an IPv6 address, then wrap \fIip\fR with
-square brackets, e.g.: \fBtcp:[::1]:6632\fR.
+square brackets, e.g.: \fBtcp:[::1]:6640\fR.
 .
 .IP "\fBunix:\fIfile\fR"
 On POSIX, connect to the Unix domain server socket named \fIfile\fR.

ovsdb/remote-passive.man

@@ -5,7 +5,7 @@ it listens only on IPv4 (but not IPv6) addresses, but
 specifying \fIip\fR limits connections to those from the given
 \fIip\fR, either IPv4 or IPv6 address.  If \fIip\fR is
 an IPv6 address, then wrap \fIip\fR with square brackets, e.g.:
-\fBpssl:6632:[::1]\fR.  The \fB\-\-private\-key\fR,
+\fBpssl:6640:[::1]\fR.  The \fB\-\-private\-key\fR,
 \fB\-\-certificate\fR, and \fB\-\-ca\-cert\fR options are mandatory
 when this form is used.
 .
@@ -16,7 +16,7 @@ it listens only on IPv4 (but not IPv6) addresses, but
 \fIip\fR may be specified to listen only for connections to the given
 \fIip\fR, either IPv4 or IPv6 address.  If \fIip\fR is
 an IPv6 address, then wrap \fIip\fR with square brackets, e.g.:
-\fBptcp:6632:[::1]\fR.
+\fBptcp:6640:[::1]\fR.
 .
 .IP "\fBpunix:\fIfile\fR"
 On POSIX, listen on the Unix domain server socket named \fIfile\fR for a

tests/run-ryu

@@ -77,7 +77,7 @@ do
                datapath-type=dummy fail-mode=secure \
                protocols='[OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13]' \
                other-config:datapath-id=$dpid \
-        -- set-controller $bridge tcp:127.0.0.1:6633 \
+        -- set-controller $bridge tcp:127.0.0.1:6653 \
         -- set controller $bridge connection-mode=out-of-band \
                                   max-backoff=1000 \
         -- add-port $bridge $port1 \

third-party/README.md

@@ -27,7 +27,7 @@ Clearly, tcpdump can only parse unencrypted packets, so you will need to
 connect the controller and datapath using plain TCP.  To look at the
 traffic, tcpdump will be started in a manner similar to the following:
 
-    sudo ./tcpdump -s0 -i eth0 port 6633
+    sudo ./tcpdump -s0 -i eth0 port 6653
 
 The "-s0" flag indicates that tcpdump should capture the entire packet.
 If the OpenFlow message is not received in its entirety, "[|openflow]" will 

third-party/ofp-tcpdump.patch

@@ -125,7 +125,7 @@
          else if (length > 0 && (sport == LDP_PORT || dport == LDP_PORT)) {
                  ldp_print(bp, length);
 -        }
-+        } else if (sport == OFP_OLD_PORT || dport == OFP_OLD_PORT) {
++        } else if (sport == OFP_PORT || dport == OFP_PORT) {
 +                   openflow_print(bp, length);
 +        }
 

utilities/ovs-testcontroller.8.in

@@ -147,13 +147,10 @@ Use this option more than once to add flows from multiple files.
 .
 .SH EXAMPLES
 .PP
-To bind locally to port 6633 (the default) and wait for incoming
+To bind locally to port 6653 (the default) and wait for incoming
 connections from OpenFlow switches:
 .IP
 \fB% ovs\-testcontroller ptcp:\fR
-.PP
-In the future, the default port number will change to 6653, which is the
-IANA-defined value.
 .SH "BUGS"
 .PP
 Configuring a Citrix XenServer to connect to a particular controller

vswitchd/bridge.c

@@ -535,7 +535,7 @@ collect_in_band_managers(const struct ovsrec_open_vswitch *ovs_cfg,
                 struct sockaddr_in in;
             } sa;
 
-            if (stream_parse_target_with_default_port(target, OVSDB_OLD_PORT,
+            if (stream_parse_target_with_default_port(target, OVSDB_PORT,
                                                       &sa.ss)
                 && sa.ss.ss_family == AF_INET) {
                 managers[n_managers++] = sa.in;