Family `ovs_flow` netlink specification ¶

Contents

Family ovs_flow netlink specification

Summary ¶

OVS flow configuration over generic netlink.

Operations ¶

get ¶

Get / dump OVS flow configuration and state

value

3

attribute-set

flow-attrs

do

request

attributes: [key, ufid, ufid-flags]

reply

attributes: [key, ufid, mask, stats, actions]

dump

request

attributes: [key, ufid, ufid-flags]

reply

attributes: [key, ufid, mask, stats, actions]

new ¶

Create OVS flow configuration in a data path

value

1

attribute-set

flow-attrs

do

request

attributes: [key, ufid, mask, actions]

Definitions ¶

ovs-header ¶

type

struct

doc

Header for OVS Generic Netlink messages.

members

dp-ifindex: ifindex of local port for datapath (0 to make a request not specificto a datapath).

ovs-flow-stats ¶

type

struct

members

n-packets: Number of matched packets.
n-bytes: Number of matched bytes.

ovs-key-ethernet ¶

type

struct

members

eth-src
eth-dst

ovs-key-ipv4 ¶

type

struct

members

ipv4-src
ipv4-dst
ipv4-proto
ipv4-tos
ipv4-ttl
ipv4-frag

ovs-key-ipv6 ¶

type

struct

members

ipv6-src
ipv6-dst
ipv6-label
ipv6-proto
ipv6-tclass
ipv6-hlimit
ipv6-frag

ovs-frag-type ¶

name-prefix

ovs-frag-type-

enum-name

ovs-frag-type

type

enum

entries

none: Packet is not a fragment.
first: Packet is a fragment with offset 0.
later: Packet is a fragment with nonzero offset.
any

ovs-key-tcp ¶

type

struct

members

tcp-src
tcp-dst

ovs-key-udp ¶

type

struct

members

udp-src
udp-dst

ovs-key-sctp ¶

type

struct

members

sctp-src
sctp-dst

ovs-key-icmp ¶

type

struct

members

icmp-type
icmp-code

ovs-key-arp ¶

type

struct

members

arp-sip
arp-tip
arp-op
arp-sha
arp-tha

ovs-key-nd ¶

type

struct

members

nd_target
nd-sll
nd-tll

ovs-key-ct-tuple-ipv4 ¶

type

struct

members

ipv4-src
ipv4-dst
src-port
dst-port
ipv4-proto

ovs-action-push-vlan ¶

type

struct

members

vlan_tpid: Tag protocol identifier (TPID) to push.
vlan_tci: Tag control identifier (TCI) to push.

ovs-ufid-flags ¶

name-prefix

ovs-ufid-f-

enum-name

None

type

flags

entries

omit-key
omit-mask
omit-actions

ovs-action-hash ¶

type

struct

members

hash-alg: Algorithm used to compute hash prior to recirculation.
hash-basis: Basis used for computing hash.

ovs-hash-alg ¶

enum-name

ovs-hash-alg

type

enum

doc

Data path hash algorithm for computing Datapath hash. The algorithm type only specifiesthe fields in a flow will be used as part of the hash. Each datapath is free to use itsown hash algorithm. The hash value will be opaque to the user space daemon.

entries

ovs-hash-alg-l4

ovs-action-push-mpls ¶

type

struct

members

mpls-lse: MPLS label stack entry to push
mpls-ethertype: Ethertype to set in the encapsulating ethernet frame. The only valuesethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC,indicating MPLS unicast or multicast. Other are rejected.

ovs-action-add-mpls ¶

type

struct

members

mpls-lse: MPLS label stack entry to push
mpls-ethertype: Ethertype to set in the encapsulating ethernet frame. The only valuesethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC,indicating MPLS unicast or multicast. Other are rejected.
tun-flags: MPLS tunnel attributes.

ct-state-flags ¶

enum-name

None

type

flags

name-prefix

ovs-cs-f-

entries

new: Beginning of a new connection.
established: Part of an existing connenction
related: Related to an existing connection.
reply-dir: Flow is in the reply direction.
invalid: Could not track the connection.
tracked: Conntrack has occurred.
src-nat: Packet's source address/port was mangled by NAT.
dst-nat: Packet's destination address/port was mangled by NAT.

Attribute sets ¶

flow-attrs ¶

key (`nest`)¶

nested-attributes: key-attrs
doc: Nested attributes specifying the flow key. Always present innotifications. Required for all requests (except dumps).

actions (`nest`)¶

nested-attributes: action-attrs
doc: Nested attributes specifying the actions to take for packets thatmatch the key. Always present in notifications. Required forOVS_FLOW_CMD_NEW requests, optional for OVS_FLOW_CMD_SET requests. AnOVS_FLOW_CMD_SET without OVS_FLOW_ATTR_ACTIONS will not modify theactions. To clear the actions, an OVS_FLOW_ATTR_ACTIONS without anynested attributes must be given.

stats (`binary`)¶

struct: ovs-flow-stats
doc: Statistics for this flow. Present in notifications if the stats wouldbe nonzero. Ignored in requests.

tcp-flags (`u8`)¶

doc: An 8-bit value giving the ORed value of all of the TCP flags seen onpackets in this flow. Only present in notifications for TCP flows, andonly if it would be nonzero. Ignored in requests.

used (`u64`)¶

doc: A 64-bit integer giving the time, in milliseconds on the systemmonotonic clock, at which a packet was last processed for thisflow. Only present in notifications if a packet has been processed forthis flow. Ignored in requests.

clear (`flag`)¶

doc: If present in a OVS_FLOW_CMD_SET request, clears the last-used time,accumulated TCP flags, and statistics for this flow. Otherwiseignored in requests. Never present in notifications.

mask (`nest`)¶

nested-attributes: key-attrs
doc: Nested attributes specifying the mask bits for wildcarded flowmatch. Mask bit value '1' specifies exact match with correspondingflow key bit, while mask bit value '0' specifies a wildcardedmatch. Omitting attribute is treated as wildcarding all correspondingfields. Optional for all requests. If not present, all flow key bitsare exact match bits.

probe (`binary`)¶

doc: Flow operation is a feature probe, error logging should be suppressed.

ufid (`binary`)¶

doc: A value between 1-16 octets specifying a unique identifier for theflow. Causes the flow to be indexed by this value rather than thevalue of the OVS_FLOW_ATTR_KEY attribute. Optional for allrequests. Present in notifications if the flow was created with thisattribute.
display-hint: uuid

ufid-flags (`u32`)¶

enum: ovs-ufid-flags
doc: A 32-bit value of ORed flags that provide alternative semantics forflow installation and retrieval. Optional for all requests.

pad (`binary`)¶

key-attrs ¶

encap (`nest`)¶

nested-attributes: key-attrs

priority (`u32`)¶

in-port (`u32`)¶

ethernet (`binary`)¶

struct: ovs-key-ethernet
doc: struct ovs_key_ethernet

vlan (`u16`)¶

byte-order: big-endian

ethertype (`u16`)¶

byte-order: big-endian

ipv4 (`binary`)¶

struct: ovs-key-ipv4

ipv6 (`binary`)¶

struct: ovs-key-ipv6
doc: struct ovs_key_ipv6

tcp (`binary`)¶

struct: ovs-key-tcp

udp (`binary`)¶

struct: ovs-key-udp

icmp (`binary`)¶

struct: ovs-key-icmp

icmpv6 (`binary`)¶

struct: ovs-key-icmp

arp (`binary`)¶

struct: ovs-key-arp
doc: struct ovs_key_arp

nd (`binary`)¶

struct: ovs-key-nd
doc: struct ovs_key_nd

skb-mark (`u32`)¶

tunnel (`nest`)¶

nested-attributes: tunnel-key-attrs

sctp (`binary`)¶

struct: ovs-key-sctp

tcp-flags (`u16`)¶

byte-order: big-endian

dp-hash (`u32`)¶

doc: Value 0 indicates the hash is not computed by the datapath.

recirc-id (`u32`)¶

mpls (`binary`)¶

struct: ovs-key-mpls

ct-state (`u32`)¶

enum: ct-state-flags
enum-as-flags: True

ct-zone (`u16`)¶

doc: connection tracking zone

ct-mark (`u32`)¶

doc: connection tracking mark

ct-labels (`binary`)¶

display-hint: hex
doc: 16-octet connection tracking label

ct-orig-tuple-ipv4 (`binary`)¶

struct: ovs-key-ct-tuple-ipv4

ct-orig-tuple-ipv6 (`binary`)¶

doc: struct ovs_key_ct_tuple_ipv6

nsh (`nest`)¶

nested-attributes: ovs-nsh-key-attrs

packet-type (`u32`)¶

byte-order: big-endian
doc: Should not be sent to the kernel

nd-extensions (`binary`)¶

doc: Should not be sent to the kernel

tunnel-info (`binary`)¶

doc: struct ip_tunnel_info

ipv6-exthdrs (`binary`)¶

struct: ovs-key-ipv6-exthdrs
doc: struct ovs_key_ipv6_exthdr

action-attrs ¶

output (`u32`)¶

doc: ovs port number in datapath

userspace (`nest`)¶

nested-attributes: userspace-attrs

set (`nest`)¶

nested-attributes: key-attrs
doc: Replaces the contents of an existing header. The single nested attribute specifies a header to modify and its value.

push-vlan (`binary`)¶

struct: ovs-action-push-vlan
doc: Push a new outermost 802.1Q or 802.1ad header onto the packet.

pop-vlan (`flag`)¶

doc: Pop the outermost 802.1Q or 802.1ad header from the packet.

sample (`nest`)¶

nested-attributes: sample-attrs
doc: Probabilistically executes actions, as specified in the nested attributes.

recirc (`u32`)¶

doc: recirc id

hash (`binary`)¶

struct: ovs-action-hash

push-mpls (`binary`)¶

struct: ovs-action-push-mpls
doc: Push a new MPLS label stack entry onto the top of the packets MPLSlabel stack. Set the ethertype of the encapsulating frame to eitherETH_P_MPLS_UC or ETH_P_MPLS_MC to indicate the new packet contents.

pop-mpls (`u16`)¶

byte-order: big-endian
doc: ethertype

set-masked (`nest`)¶

nested-attributes: key-attrs
doc: Replaces the contents of an existing header. A nested attributespecifies a header to modify, its value, and a mask. For every bit setin the mask, the corresponding bit value is copied from the value tothe packet header field, rest of the bits are left unchanged. Thenon-masked value bits must be passed in as zeroes. Masking is notsupported for the OVS_KEY_ATTR_TUNNEL attribute.

ct (`nest`)¶

nested-attributes: ct-attrs
doc: Track the connection. Populate the conntrack-related entriesin the flow key.

trunc (`u32`)¶

doc: struct ovs_action_trunc is a u32 max length

push-eth (`binary`)¶

doc: struct ovs_action_push_eth

pop-eth (`flag`)¶

ct-clear (`flag`)¶

push-nsh (`nest`)¶

nested-attributes: ovs-nsh-key-attrs
doc: Push NSH header to the packet.

pop-nsh (`flag`)¶

doc: Pop the outermost NSH header off the packet.

meter (`u32`)¶

doc: Run packet through a meter, which may drop the packet, or modify thepacket (e.g., change the DSCP field)

clone (`nest`)¶

nested-attributes: action-attrs
doc: Make a copy of the packet and execute a list of actions withoutaffecting the original packet and key.

check-pkt-len (`nest`)¶

nested-attributes: check-pkt-len-attrs
doc: Check the packet length and execute a set of actions if greater thanthe specified packet length, else execute another set of actions.

add-mpls (`binary`)¶

struct: ovs-action-add-mpls
doc: Push a new MPLS label stack entry at the start of the packet or at thestart of the l3 header depending on the value of l3 tunnel flag in thetun_flags field of this OVS_ACTION_ATTR_ADD_MPLS argument.