forked from cjdoucette/ovs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest-controller.8.in
186 lines (186 loc) · 6.8 KB
/
test-controller.8.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
.\" -*- nroff -*-
.de IQ
. br
. ns
. IP "\\$1"
..
.TH test\-controller 8 "@VERSION@" "Open vSwitch" "Open vSwitch Manual"
.ds PN test\-controller
.
.SH NAME
test\-controller \- simple OpenFlow controller for testing
.
.SH SYNOPSIS
.B test\-controller
[\fIoptions\fR] \fImethod\fR \fB[\fImethod\fR]\&...
.
.SH DESCRIPTION
.PP
\fBtest\-controller\fR is a simple OpenFlow controller. It is very
easy to set up, so it may be suitable for initial testing of
connectivity between an OpenFlow switch and a controller. It may also
be useful for developer testing and debugging of some Open vSwitch
features.
.PP
\fBtest\-controller\fR is not a general-purpose OpenFlow controller.
It does not make sense to deploy it routinely or in production.
\fBtest\-controller\fR does not provide any features that are not
built into Open vSwitch, and lacks many that are built in to Open
vSwitch, so adding it to an Open vSwitch deployment actually reduces
functionality and performance while increasing latency.
.PP
\fBtest\-controller\fR manages any number of remote switches over
OpenFlow protocol, causing them to function as L2 MAC-learning
switches or hub. The switches it controls are specified as one or
more of the following OpenFlow connection methods:
.
.RS
.so lib/vconn-passive.man
.so lib/vconn-active.man
.RE
.
.SH OPTIONS
.IP "\fB\-n\fR"
.IQ "\fB\-\-noflow\fR"
By default, \fBtest\-controller\fR sets up a flow in each OpenFlow switch
whenever it receives a packet whose destination is known due through
MAC learning. This option disables flow setup, so that every packet
in the network passes through the controller.
.IP
This option is most useful for debugging. It reduces switching
performance, so it should not be used in production.
.
.TP
\fB\-\-max\-idle=\fIsecs\fR|\fBpermanent\fR
Sets \fIsecs\fR as the number of seconds that a flow set up by the
controller will remain in the switch's flow table without any matching
packets being seen. If \fBpermanent\fR is specified, which is not
recommended, flows will never expire. The default is 60 seconds.
.IP
This option has no effect when \fB\-n\fR (or \fB\-\-noflow\fR) is in use
(because the controller does not set up flows in that case).
.
.IP "\fB\-H\fR"
.IQ "\fB\-\-hub\fR"
By default, the controller acts as an L2 MAC-learning switch. This
option changes its behavior to that of a hub that floods packets on
all but the incoming port.
.IP
If \fB\-H\fR (or \fB\-\-hub\fR) and \fB\-n\fR (or \fB\-\-noflow\fR) are used
together, then the cumulative effect is that every packet passes
through the controller and every packet is flooded.
.IP
This option is most useful for debugging. It reduces switching
performance, so it should not be used in production.
.
.IP "\fB\-w\fR[\fIwildcard_mask\fR]"
.IQ "\fB\-\-wildcards\fR[\fB=\fIwildcard_mask\fR]\fR"
By default, \fBtest\-controller\fR sets up exact-match flows. This
option allows it to set up wildcarded flows, which may reduce
flow setup latency by causing less traffic to be sent up to the
controller.
.IP
The optional \fIwildcard_mask\fR is an OpenFlow wildcard bitmask in
hexadecimal that specifies the fields to wildcard. If no
\fIwildcard_mask\fR is specified, the default value 0x2820F0 is used
which specifies L2-only switching and wildcards L3 and L4 fields.
Another interesting value is 0x2000EC, which specifies L3-only
switching and wildcards L2 and L4 fields.
.IP
This option has no effect when \fB\-n\fR (or \fB\-\-noflow\fR) is in use
(because the controller does not set up flows in that case).
.
.IP "\fB\-N\fR"
.IQ "\fB\-\-normal\fR"
By default, \fBtest\-controller\fR directs packets to a particular port
or floods them. This option causes it to direct non-flooded packets
to the OpenFlow \fBOFPP_NORMAL\fR port. This allows the switch itself
to make decisions about packet destinations. Support for
\fBOFPP_NORMAL\fR is optional in OpenFlow, so this option may not well
with some non-Open vSwitch switches.
.
.IP "\fB\-\-mute\fR"
Prevents test\-controller from replying to any OpenFlow messages sent
to it by switches.
.IP
This option is only for debugging the Open vSwitch implementation of
``fail open'' mode. It must not be used in production.
.
.IP "\fB\-q \fIid\fR"
.IQ "\fB\-\-queue=\fIid\fR"
By default, \fBtest\-controller\fR uses the default OpenFlow queue for
sending packets and setting up flows. Use one of these options,
supplying \fIid\fR as an OpenFlow queue ID as a decimal number, to
instead use that specific queue.
.IP
This option is incompatible with \fB\-N\fR or \fB\-\-normal\fR and
with \fB\-H\fR or \fB\-\-hub\fR. If more than one is specified then
this option takes precedence.
.IP
This option may be useful for testing or debugging quality of service
setups.
.
.IP "\fB\-Q \fIport-name\fB:\fIqueue-id\fR"
.IP "\fB\-\-port\-queue \fIport-name\fB:\fIqueue-id\fR"
Configures packets received on the port named \fIport-name\fR
(e.g. \fBeth0\fR) to be output on OpenFlow queue ID \fIqueue-id\fR
(specified as a decimal number). For the specified port, this option
overrides the default specified on \fB\-q\fR or \fB\-\-queue\fR.
.IP
This option may be specified any number of times with different
\fIport-name\fR arguments.
.IP
This option is incompatible with \fB\-N\fR or \fB\-\-normal\fR and
with \fB\-H\fR or \fB\-\-hub\fR. If more than one is specified then
this option takes precedence.
.IP
This option may be useful for testing or debugging quality of service
setups.
.
.IP "\fB\-\-with\-flows \fIfile\fR"
When a switch connects, push the flow entries as described in
\fIfile\fR. Each line in \fIfile\fR is a flow entry in the format
described for the \fBadd\-flows\fR command in the \fBFlow Syntax\fR
section of the \fBovs\-ofctl\fR(8) man page.
.IP
Use this option more than once to add flows from multiple files.
.
.SS "Public Key Infrastructure Options"
.so lib/ssl.man
.so lib/ssl-peer-ca-cert.man
.ds DD
.so lib/daemon.man
.so lib/vlog.man
.so lib/unixctl.man
.so lib/common.man
.so so lib/ofp-version.man
.
.SH EXAMPLES
.PP
To bind locally to port 6633 (the default) and wait for incoming
connections from OpenFlow switches:
.IP
\fB% test\-controller ptcp:\fR
.PP
In the future, the default port number will change to 6653, which is the
IANA-defined value.
.SH "BUGS"
.PP
Configuring a Citrix XenServer to connect to a particular controller
only points the remote OVSDB management connection to that controller.
It does not also configure OpenFlow connections, because the manager
is expected to do that over the management protocol.
\fBtest\-controller\fR is not an Open vSwitch manager and does not know
how to do that.
.PP
As a stopgap workaround, \fBovs\-vsctl\fR can wait for an OVSDB
connection and set the controller, e.g.:
.IP
\fB% ovs\-vsctl \-t0 \-\-db=pssl: \-\-certificate=cert.pem
\-\-ca\-cert=none \-\-private\-key=privkey.pem
\-\-peer\-ca\-cert=cacert.pem set\-controller ssl:\fIip\fR
.SH "SEE ALSO"
.
.BR ovs\-appctl (8),
.BR ovs\-ofctl (8),
.BR ovs\-dpctl (8)