Provided by: openvswitch-switch_1.4.0-1ubuntu1_i386 bug

Open_vSwitch DATABASE

       A  database  with  this  schema  holds  the  configuration for one Open
       vSwitch daemon.  The top-level configuration  for  the  daemon  is  the
       Open_vSwitch  table,  which  must  have exactly one record.  Records in
       other tables are significant only when they can be reached directly  or
       indirectly from the Open_vSwitch table.  Records that are not reachable
       from  the  Open_vSwitch  table  are  automatically  deleted  from   the
       database,  except  for  records  in  a  few  distinguished ``root set''
       tables.

   Common Columns
       Most  tables  contain  two  special  columns,  named  other_config  and
       external_ids.   These columns have the same form and purpose each place
       that they appear, so we describe them here to save space later.

              other_config: map of string-string pairs
                     Key-value pairs for  configuring  rarely  used  features.
                     Supported  keys,  along  with  the  forms  taken by their
                     values, are documented individually for each table.

                     A few tables do not have other_config columns because  no
                     key-value pairs have yet been defined for them.

              external_ids: map of string-string pairs
                     Key-value  pairs  for  use  by  external  frameworks that
                     integrate with Open vSwitch, rather than by Open  vSwitch
                     itself.   System  integrators  should either use the Open
                     vSwitch development mailing list to coordinate on  common
                     key-value  definitions,  or  choose  key  names  that are
                     likely to be unique.   In  some  cases,  where  key-value
                     pairs  have  been  defined  that  are likely to be widely
                     useful, they are documented individually for each table.

TABLE SUMMARY

       The following list summarizes the purpose of each of the tables in  the
       Open_vSwitch  database.   Each  table  is described in more detail on a
       later page.

       Table     Purpose
       Open_vSwitch
                 Open vSwitch configuration.
       Bridge    Bridge configuration.
       Port      Port configuration.
       Interface One physical network device in a Port.
       QoS       Quality of Service configuration
       Queue     QoS output queue.
       Mirror    Port mirroring.
       Controller
                 OpenFlow controller configuration.
       Manager   OVSDB management connection.
       NetFlow   NetFlow configuration.
       SSL       SSL configuration.
       sFlow     sFlow configuration.
       Capability
                 Capability configuration.

Open_vSwitch TABLE

       Configuration for an Open vSwitch daemon.  There must  be  exactly  one
       record in the Open_vSwitch table.

   Summary:
       Configuration:
         bridges                     set of Bridges
         ssl                         optional SSL
         external_ids : system-id    optional string
         external_ids : xs-system-uuid
                                     optional string
       Status:
         next_cfg                    integer
         cur_cfg                     integer
         capabilities                map of string-Capability pairs
         Statistics:
            other_config : enable-statistics
                                     optional string, either true or false
            statistics : cpu         optional  string,  containing an integer,
                                     at least 1
            statistics : load_average
                                     optional string
            statistics : memory      optional string
            statistics : process_NAME
                                     optional string
            statistics : file_systems
                                     optional string
       Version Reporting:
         ovs_version                 optional string
         db_version                  optional string
         system_type                 optional string
         system_version              optional string
       Database Configuration:
         manager_options             set of Managers
       Common Columns:
         other_config                map of string-string pairs
         external_ids                map of string-string pairs

   Details:
     Configuration:

       bridges: set of Bridges
              Set of bridges managed by the daemon.

       ssl: optional SSL
              SSL used globally by the daemon.

       external_ids : system-id: optional string
              A unique identifier for the Open vSwitch's physical  host.   The
              form  of  the  identifier depends on the type of the host.  On a
              Citrix  XenServer,   this   will   likely   be   the   same   as
              external_ids:xs-system-uuid.

       external_ids : xs-system-uuid: optional string
              The  Citrix  XenServer  universally  unique  identifier  for the
              physical host as displayed by xe host-list.

     Status:

       next_cfg: integer
              Sequence number for client to increment.  When a client modifies
              any  part  of  the database configuration and wishes to wait for
              Open vSwitch to finish applying the changes,  it  may  increment
              this sequence number.

       cur_cfg: integer
              Sequence  number  that Open vSwitch sets to the current value of
              next_cfg after it  finishes  applying  a  set  of  configuration
              changes.

       capabilities: map of string-Capability pairs
              Describes  functionality  supported by the hardware and software
              platform on which this Open vSwitch is  based.   Clients  should
              not  modify  this  column.   See  the Capability description for
              defined capability categories  and  the  meaning  of  associated
              Capability records.

     Statistics:
       The  statistics  column contains key-value pairs that report statistics
       about a system running an Open vSwitch.  These are updated periodically
       (currently,   every   5  seconds).   Key-value  pairs  that  cannot  be
       determined or that do not apply to a platform are omitted.

       other_config : enable-statistics: optional string, either true or false
              Statistics are disabled by default  to  avoid  overhead  in  the
              common  case  when statistics gathering is not useful.  Set this
              value to true to enable populating the statistics column  or  to
              false to explicitly disable it.

       statistics : cpu: optional string, containing an integer, at least 1
              Number of CPU processors, threads, or cores currently online and
              available to the operating  system  on  which  Open  vSwitch  is
              running,  as  an  integer.   This  may  be  less than the number
              installed, if some are not online or if they are  not  available
              to the operating system.

              Open  vSwitch userspace processes are not multithreaded, but the
              Linux kernel-based datapath is.

       statistics : load_average: optional string
              A  comma-separated  list  of   three   floating-point   numbers,
              representing  the system load average over the last 1, 5, and 15
              minutes, respectively.

       statistics : memory: optional string
              A comma-separated list of integers, each of which  represents  a
              quantity  of  memory  in  kilobytes that describes the operating
              system on which Open vSwitch is running.  In  respective  order,
              these values are:

              1.
                Total amount of RAM allocated to the OS.

              2.
                RAM allocated to the OS that is in use.

              3.
                RAM  that can be flushed out to disk or otherwise discarded if
                that space is needed for  another  purpose.   This  number  is
                necessarily less than or equal to the previous value.

              4.
                Total disk space allocated for swap.

              5.
                Swap space currently in use.

              On  Linux,  all  five values can be determined and are included.
              On other operating systems, only the first  two  values  can  be
              determined, so the list will only have two values.

       statistics : process_NAME: optional string
              One  such  key-value pair, with NAME replaced by a process name,
              will exist for each running Open vSwitch  daemon  process,  with
              name  replaced by the daemon's name (e.g. process_ovs-vswitchd).
              The value is a comma-separated list of integers.   The  integers
              represent  the  following, with memory measured in kilobytes and
              durations in milliseconds:

              1.
                The process's virtual memory size.

              2.
                The process's resident set size.

              3.
                The amount of  user  and  system  CPU  time  consumed  by  the
                process.

              4.
                The  number  of  times  that  the process has crashed and been
                automatically restarted by the monitor.

              5.
                The duration since the process was started.

              6.
                The duration for which the process has been running.

              The interpretation of some of these values  depends  on  whether
              the process was started with the --monitor.  If it was not, then
              the crash count will always be 0  and  the  two  durations  will
              always  be  the  same.   If  --monitor was given, then the crash
              count may be positive; if it is,  the  latter  duration  is  the
              amount of time since the most recent crash and restart.

              There will be one key-value pair for each file in Open vSwitch's
              ``run directory'' (usually /var/run/openvswitch) whose name ends
              in .pid, whose contents are a process ID, and which is locked by
              a running process.  The name is taken from the pidfile's name.

              Currently Open vSwitch is only able to obtain all of  the  above
              detail  on  Linux systems.  On other systems, the same key-value
              pairs will be present but the values will always  be  the  empty
              string.

       statistics : file_systems: optional string
              A  space-separated  list  of information on local, writable file
              systems.  Each item in the list describes one  file  system  and
              consists in turn of a comma-separated list of the following:

              1.
                Mount  point, e.g. / or /var/log.  Any spaces or commas in the
                mount point are replaced by underscores.

              2.
                Total size, in kilobytes, as an integer.

              3.
                Amount of storage in use, in kilobytes, as an integer.

              This key-value pair is omitted if there are no  local,  writable
              file  systems  or  if  Open  vSwitch  cannot  obtain  the needed
              information.

     Version Reporting:
       These columns report  the  types  and  versions  of  the  hardware  and
       software  running  Open vSwitch.  We recommend in general that software
       should test whether specific features are supported instead of  relying
       on  version  number  checks.   These  values are primarily intended for
       reporting to human administrators.

       ovs_version: optional string
              The Open vSwitch version number, e.g. 1.1.0.   If  Open  vSwitch
              was  configured  with  a build number, then it is also included,
              e.g. 1.1.0+build6579.

       db_version: optional string
              The   database   schema   version    number    in    the    form
              major.minor.tweak,  e.g. 1.2.3.  Whenever the database schema is
              changed in a non-backward compatible way (e.g. deleting a column
              or  a table), major is incremented.  When the database schema is
              changed in a backward compatible way (e.g. adding a new column),
              minor  is  incremented.   When  the  database  schema is changed
              cosmetically   (e.g.   reindenting   its   syntax),   tweak   is
              incremented.

              The  schema  version  is  part of the database schema, so it can
              also be retrieved by fetching the schema using the Open  vSwitch
              database protocol.

       system_type: optional string
              An  identifier  for  the  type  of  system  on top of which Open
              vSwitch runs, e.g. XenServer or KVM.

              System integrators are responsible for choosing and  setting  an
              appropriate value for this column.

       system_version: optional string
              The  version  of  the  system  identified  by  system_type, e.g.
              5.6.100-39265p on XenServer 5.6.100 build 39265.

              System integrators are responsible for choosing and  setting  an
              appropriate value for this column.

     Database Configuration:
       These   columns   primarily   configure   the   Open  vSwitch  database
       (ovsdb-server), not the Open vSwitch switch (ovs-vswitchd).  The  OVSDB
       database also uses the ssl settings.

       The  Open  vSwitch  switch  does  read  the  database  configuration to
       determine remote IP addresses to which in-band control should apply.

       manager_options: set of Managers
              Database clients to  which  the  Open  vSwitch  database  server
              should  connect or to which it should listen, along with options
              for how these connection should be configured.  See the  Manager
              table for more information.

     Common Columns:
       The  overall purpose of these columns is described under Common Columns
       at the beginning of this document.

       other_config: map of string-string pairs

       external_ids: map of string-string pairs

Bridge TABLE

       Configuration for a bridge within an Open_vSwitch.

       A Bridge  record  represents  an  Ethernet  switch  with  one  or  more
       ``ports,''  which are the Port records pointed to by the Bridge's ports
       column.

   Summary:
       Core Features:
         name                        string (must be unique within table)
         ports                       set of Ports
         mirrors                     set of Mirrors
         netflow                     optional NetFlow
         sflow                       optional sFlow
         flood_vlans                 set of up to 4,096 integers, in  range  0
                                     to 4,095
       OpenFlow Configuration:
         controller                  set of Controllers
         fail_mode                   optional   string,   either   secure   or
                                     standalone
         datapath_id                 optional string
         other_config : datapath-id  optional string
         other_config : disable-in-band
                                     optional string, either true or false
         other_config : in-band-queue
                                     optional string, containing  an  integer,
                                     in range 0 to 4,294,967,295
       Spanning Tree Configuration:
         stp_enable                  boolean
         other_config : stp-system-id
                                     optional string
         other_config : stp-priority
                                     optional  string,  containing an integer,
                                     in range 0 to 65,535
         other_config : stp-hello-time
                                     optional string, containing  an  integer,
                                     in range 1 to 10
         other_config : stp-max-age  optional  string,  containing an integer,
                                     in range 6 to 40
         other_config : stp-forward-delay
                                     optional string, containing  an  integer,
                                     in range 4 to 30
       Other Features:
         datapath_type               string
         external_ids : bridge-id    optional string
         external_ids : xs-network-uuids
                                     optional string
         other_config : hwaddr       optional string
         other_config : flow-eviction-threshold
                                     optional  string,  containing an integer,
                                     at least 0
         other_config : forward-bpdu
                                     optional string, either true or false
       Bridge Status:
         status                      map of string-string pairs
         status : stp_bridge_id      optional string
         status : stp_designated_root
                                     optional string
         status : stp_root_path_cost
                                     optional string
       Common Columns:
         other_config                map of string-string pairs
         external_ids                map of string-string pairs

   Details:
     Core Features:

       name: string (must be unique within table)
              Bridge identifier.  Should be  alphanumeric  and  no  more  than
              about  8  bytes  long.  Must be unique among the names of ports,
              interfaces, and bridges on a host.

       ports: set of Ports
              Ports included in the bridge.

       mirrors: set of Mirrors
              Port mirroring configuration.

       netflow: optional NetFlow
              NetFlow configuration.

       sflow: optional sFlow
              sFlow configuration.

       flood_vlans: set of up to 4,096 integers, in range 0 to 4,095
              VLAN IDs of VLANs  on  which  MAC  address  learning  should  be
              disabled,  so  that packets are flooded instead of being sent to
              specific ports that are believed to contain packets' destination
              MACs.  This should ordinarily be used to disable MAC learning on
              VLANs used for mirroring (RSPAN VLANs).  It may also  be  useful
              for debugging.

              SLB  bonding  (see  the  bond_mode  column in the Port table) is
              incompatible with flood_vlans.  Consider using  another  bonding
              mode or a different type of mirror instead.

     OpenFlow Configuration:

       controller: set of Controllers
              OpenFlow controller set.  If unset, then no OpenFlow controllers
              will be used.

       fail_mode: optional string, either secure or standalone
              When a controller is configured, it is, ordinarily,  responsible
              for setting up all flows on the switch.  Thus, if the connection
              to the controller fails, no new network connections can  be  set
              up.  If the connection to the controller stays down long enough,
              no packets can pass through the switch  at  all.   This  setting
              determines the switch's response to such a situation.  It may be
              set to one of the following:

              standalone
                     If no message is received from the controller  for  three
                     times     the     inactivity    probe    interval    (see
                     inactivity_probe),  then  Open  vSwitch  will  take  over
                     responsibility  for setting up flows.  In this mode, Open
                     vSwitch causes the bridge to act like  an  ordinary  MAC-
                     learning  switch.   Open  vSwitch  will continue to retry
                     connecting to the controller in the background and,  when
                     the   connection   succeeds,   it  will  discontinue  its
                     standalone behavior.

              secure Open vSwitch will not set up flows on its  own  when  the
                     controller  connection  fails  or when no controllers are
                     defined.  The bridge will continue to retry connecting to
                     any defined controllers forever.

              If this value is unset, the default is implementation-specific.

              When  more  than  one  controller  is  configured,  fail_mode is
              considered only when none of the configured controllers  can  be
              contacted.

       datapath_id: optional string
              Reports the OpenFlow datapath ID in use.  Exactly 16 hex digits.
              (Setting  this  column  has  no  useful  effect.    Set   other-
              config:datapath-id instead.)

       other_config : datapath-id: optional string
              Exactly  16  hex  digits  to  set  the OpenFlow datapath ID to a
              specific value.  May not be all-zero.

       other_config : disable-in-band: optional string, either true or false
              If set to true, disable in-band control on the bridge regardless
              of controller and manager settings.

       other_config  :  in-band-queue: optional string, containing an integer,
       in range 0 to 4,294,967,295
              A queue ID as a nonnegative integer.   This  sets  the  OpenFlow
              queue ID that will be used by flows set up by in-band control on
              this bridge.  If unset, or  if  the  port  used  by  an  in-band
              control  flow  does not have QoS configured, or if the port does
              not have a queue with the specified ID,  the  default  queue  is
              used instead.

     Spanning Tree Configuration:
       The IEEE 802.1D Spanning Tree Protocol (STP) is a network protocol that
       ensures loop-free topologies.  It allows redundant links to be included
       in  the  network  to provide automatic backup paths if the active links
       fails.

       stp_enable: boolean
              Enable spanning tree on the bridge.  By default, STP is disabled
              on  bridges.  Bond, internal, and mirror ports are not supported
              and will not participate in the spanning tree.

       other_config : stp-system-id: optional string
              The bridge's STP identifier (the lower 48 bits of the bridge-id)
              in  the  form  xx:xx:xx:xx:xx:xx.  By default, the identifier is
              the MAC address of the bridge.

       other_config : stp-priority: optional string, containing an integer, in
       range 0 to 65,535
              The  bridge's  relative  priority value for determining the root
              bridge (the upper 16 bits of the bridge-id).  A bridge with  the
              lowest  bridge-id is elected the root.  By default, the priority
              is 0x8000.

       other_config : stp-hello-time: optional string, containing an  integer,
       in range 1 to 10
              The   interval   between  transmissions  of  hello  messages  by
              designated ports, in seconds.  By default the hello interval  is
              2 seconds.

       other_config  : stp-max-age: optional string, containing an integer, in
       range 6 to 40
              The maximum age of the information  transmitted  by  the  bridge
              when it is the root bridge, in seconds.  By default, the maximum
              age is 20 seconds.

       other_config  :  stp-forward-delay:  optional  string,  containing   an
       integer, in range 4 to 30
              The  delay  to  wait  between  transitioning root and designated
              ports to forwarding, in seconds.   By  default,  the  forwarding
              delay is 15 seconds.

     Other Features:

       datapath_type: string
              Name of datapath provider.  The kernel datapath has type system.
              The userspace datapath has type netdev.

       external_ids : bridge-id: optional string
              A unique identifier of the bridge.   On  Citrix  XenServer  this
              will commonly be the same as external_ids:xs-network-uuids.

       external_ids : xs-network-uuids: optional string
              Semicolon-delimited  set of universally unique identifier(s) for
              the network with which this bridge is  associated  on  a  Citrix
              XenServer  host.   The network identifiers are RFC 4122 UUIDs as
              displayed by, e.g., xe network-list.

       other_config : hwaddr: optional string
              An Ethernet address in the form  xx:xx:xx:xx:xx:xx  to  set  the
              hardware  address  of  the local port and influence the datapath
              ID.

       other_config : flow-eviction-threshold: optional string, containing  an
       integer, at least 0
              A number of flows as a nonnegative integer.  This sets number of
              flows at which eviction from  the  kernel  flow  table  will  be
              triggered.  If there are a large number of flows then increasing
              this value to around the number of flows present can  result  in
              reduced CPU usage and packet loss.

              The  default  is  1000.   Values below 100 will be rounded up to
              100.

       other_config : forward-bpdu: optional string, either true or false
              Option to allow forwarding of BPDU frames when NORMAL action  is
              invoked.   Frames  with  reserved  Ethernet  addresses (e.g. STP
              BPDU) will be forwarded when this  option  is  enabled  and  the
              switch  is  not providing that functionality.  If STP is enabled
              on the port, STP BPDUs will never be  forwarded.   If  the  Open
              vSwitch  bridge  is used to connect different Ethernet networks,
              and if Open vSwitch node does not  run  STP,  then  this  option
              should be enabled.  Default is disabled, set to true to enable.

     Bridge Status:
       Status information about bridges.

       status: map of string-string pairs
              Key-value pairs that report bridge status.

       status : stp_bridge_id: optional string
              The  bridge-id  (in  hex)  used in spanning tree advertisements.
              Configuring the bridge-id is described in the stp-system-id  and
              stp-priority keys of the other_config section earlier.

       status : stp_designated_root: optional string
              The designated root (in hex) for this spanning tree.

       status : stp_root_path_cost: optional string
              The path cost of reaching the designated bridge.  A lower number
              is better.

     Common Columns:
       The overall purpose of these columns is described under Common  Columns
       at the beginning of this document.

       other_config: map of string-string pairs

       external_ids: map of string-string pairs

Port TABLE

       A port within a Bridge.

       Most  commonly, a port has exactly one ``interface,'' pointed to by its
       interfaces column.  Such a port logically corresponds to a  port  on  a
       physical  Ethernet  switch.   A  port with more than one interface is a
       ``bonded port'' (see Bonding Configuration).

       Some properties that one  might  think  as  belonging  to  a  port  are
       actually part of the port's Interface members.

   Summary:
       name                          string (must be unique within table)
       interfaces                    set of 1 or more Interfaces
       VLAN Configuration:
         vlan_mode                   optional    string,    one   of   access,
                                     native-tagged, native-untagged, or trunk
         tag                         optional integer, in range 0 to 4,095
         trunks                      set of up to 4,096 integers, in  range  0
                                     to 4,095
         other_config : priority-tags
                                     optional string, either true or false
       Bonding Configuration:
         bond_mode                   optional  string,  one  of active-backup,
                                     balance-tcp, balance-slb, or stable
         Link Failure Detection:
            other_config : bond-detect-mode
                                     optional string, either miimon or carrier
            other_config : bond-miimon-interval
                                     optional string, containing an integer
            bond_updelay             integer
            bond_downdelay           integer
         LACP Configuration:
            lacp                     optional string, one of active,  passive,
                                     or off
            other_config : lacp-system-id
                                     optional string
            other_config : lacp-system-priority
                                     optional  string,  containing an integer,
                                     in range 1 to 65,535
            other_config : lacp-time optional string
            other_config : lacp-heartbeat
                                     optional string, either true or false
            other_config : bond-hash-basis
                                     optional string, containing an integer
         SLB Configuration:
            other_config : bond-rebalance-interval
                                     optional string, containing  an  integer,
                                     in range 1,000 to 10,000
         bond_fake_iface             boolean
       Spanning Tree Configuration:
         other_config : stp-enable   optional string, either true or false
         other_config : stp-port-num
                                     optional  string,  containing an integer,
                                     in range 1 to 255
         other_config : stp-port-priority
                                     optional string, containing  an  integer,
                                     in range 0 to 255
         other_config : stp-path-cost
                                     optional  string,  containing an integer,
                                     in range 0 to 65,535
       Other Features:
         qos                         optional QoS
         mac                         optional string
         fake_bridge                 boolean
         external_ids : fake-bridge-id-*
                                     optional string
       Port Status:
         status                      map of string-string pairs
         status : stp_port_id        optional string
         status : stp_state          optional   string,   one   of   disabled,
                                     forwarding,   learning,   listening,   or
                                     blocking
         status : stp_sec_in_state   optional string, containing  an  integer,
                                     at least 0
         status : stp_role           optional   string,   one  of  designated,
                                     alternate, or root
       Port Statistics:
         Statistics: STP transmit and receive counters:
            statistics : stp_tx_count
                                     optional integer
            statistics : stp_rx_count
                                     optional integer
            statistics : stp_error_count
                                     optional integer
       Common Columns:
         other_config                map of string-string pairs
         external_ids                map of string-string pairs

   Details:
       name: string (must be unique within table)
              Port name.  Should be alphanumeric and  no  more  than  about  8
              bytes  long.   May  be  the same as the interface name, for non-
              bonded ports.  Must otherwise  be  unique  among  the  names  of
              ports, interfaces, and bridges on a host.

       interfaces: set of 1 or more Interfaces
              The  port's  interfaces.   If  there is more than one, this is a
              bonded Port.

     VLAN Configuration:
       Bridge ports support the following types of VLAN configuration:

              trunk  A trunk port carries packets on  one  or  more  specified
                     VLANs  specified  in  the  trunks column (often, on every
                     VLAN).  A packet that ingresses on a trunk port is in the
                     VLAN  specified  in  its  802.1Q header, or VLAN 0 if the
                     packet has no 802.1Q  header.   A  packet  that  egresses
                     through a trunk port will have an 802.1Q header if it has
                     a nonzero VLAN ID.

                     Any packet that ingresses on a trunk port tagged  with  a
                     VLAN that the port does not trunk is dropped.

              access An  access  port  carries  packets  on  exactly  one VLAN
                     specified in the tag column.   Packets  egressing  on  an
                     access port have no 802.1Q header.

                     Any  packet  with an 802.1Q header with a nonzero VLAN ID
                     that ingresses on an access port is  dropped,  regardless
                     of whether the VLAN ID in the header is the access port's
                     VLAN ID.

              native-tagged
                     A native-tagged port resembles a  trunk  port,  with  the
                     exception  that  a  packet  without an 802.1Q header that
                     ingresses on a native-tagged  port  is  in  the  ``native
                     VLAN'' (specified in the tag column).

              native-untagged
                     A  native-untagged  port  resembles a native-tagged port,
                     with the exception that  a  packet  that  egresses  on  a
                     native-untagged  port in the native VLAN will not have an
                     802.1Q header.

       A packet will only egress through bridge ports that carry the  VLAN  of
       the packet, as described by the rules above.

       vlan_mode:    optional    string,   one   of   access,   native-tagged,
       native-untagged, or trunk
              The VLAN mode of the port, as described above.  When this column
              is empty, a default mode is selected as follows:

              o      If tag contains a value, the port is an access port.  The
                     trunks column should be empty.

              o      Otherwise, the port is a trunk port.  The  trunks  column
                     value is honored if it is present.

       tag: optional integer, in range 0 to 4,095
              For  an  access  port, the port's implicitly tagged VLAN.  For a
              native-tagged or native-untagged port, the port's  native  VLAN.
              Must be empty if this is a trunk port.

       trunks: set of up to 4,096 integers, in range 0 to 4,095
              For  a trunk, native-tagged, or native-untagged port, the 802.1Q
              VLAN or VLANs that this port trunks; if it is  empty,  then  the
              port trunks all VLANs.  Must be empty if this is an access port.

              A native-tagged or native-untagged port always trunks its native
              VLAN, regardless of whether trunks includes that VLAN.

       other_config : priority-tags: optional string, either true or false
              An 802.1Q header contains two important pieces of information: a
              VLAN  ID  and a priority.  A frame with a zero VLAN ID, called a
              ``priority-tagged'' frame, is supposed to be  treated  the  same
              way  as  a frame without an 802.1Q header at all (except for the
              priority).

              However, some network elements ignore any frame that has  802.1Q
              header  at  all,  even  when the VLAN ID is zero.  Therefore, by
              default Open vSwitch does  not  output  priority-tagged  frames,
              instead  omitting  the  802.1Q header entirely if the VLAN ID is
              zero.  Set this key to true to enable priority-tagged frames  on
              a port.

              Regardless of this setting, Open vSwitch omits the 802.1Q header
              on output if both the VLAN ID and priority would be zero.

              All frames output to native-tagged ports have a nonzero VLAN ID,
              so this setting is not meaningful on native-tagged ports.

     Bonding Configuration:
       A  port  that has more than one interface is a ``bonded port.'' Bonding
       allows for load balancing and fail-over.  Some kinds  of  bonding  will
       work with any kind of upstream switch:

              balance-slb
                     Balances  flows  among slaves based on source MAC address
                     and output VLAN, with  periodic  rebalancing  as  traffic
                     patterns change.

              active-backup
                     Assigns  all flows to one slave, failing over to a backup
                     slave when the active slave is disabled.

       The following modes require the upstream switch to support 802.3ad with
       successful   LACP   negotiation.    If   LACP  negotiation  fails  then
       balance-slb style flow hashing is used as a fallback:

              balance-tcp
                     Balances flows among slaves  based  on  L2,  L3,  and  L4
                     protocol  information such as destination MAC address, IP
                     address, and TCP port.

              stable Attempts to always assign a given flow to the same  slave
                     consistently.   In  an  effort  to maintain stability, no
                     load balancing is done.  Uses a similar hashing  strategy
                     to  balance-tcp,  always  taking  into  account L3 and L4
                     fields even if LACP negotiations are unsuccessful.

                     Slave   selection   decisions   are   made    based    on
                     other_config:bond-stable-id  if set.  Otherwise, OpenFlow
                     port number is used.  Decisions are consistent across all
                     ovs-vswitchd instances with equivalent other_config:bond-
                     stable-id values.

       These columns apply only to bonded ports.  Their values  are  otherwise
       ignored.

       bond_mode:   optional   string,   one  of  active-backup,  balance-tcp,
       balance-slb, or stable
              The type of  bonding  used  for  a  bonded  port.   Defaults  to
              balance-slb if unset.

     Link Failure Detection:
       An  important  part of link bonding is detecting that links are down so
       that they may be disabled.  These settings determine how  Open  vSwitch
       detects link failure.

       other_config  :  bond-detect-mode:  optional  string,  either miimon or
       carrier
              The means used to detect link  failures.   Defaults  to  carrier
              which  uses  each  interface's carrier to detect failures.  When
              set  to  miimon,  will  check  for  failures  by  polling   each
              interface's MII.

       other_config  :  bond-miimon-interval:  optional  string, containing an
       integer
              The interval, in milliseconds, between  successive  attempts  to
              poll    each    interface's    MII.     Relevant    only    when
              other_config:bond-detect-mode is miimon.

       bond_updelay: integer
              The number of milliseconds for which carrier must stay up on  an
              interface  before the interface is considered to be up.  Specify
              0 to enable the interface immediately.

              This setting is honored only when at least one bonded  interface
              is  already  enabled.   When no interfaces are enabled, then the
              first bond interface to come up is enabled immediately.

       bond_downdelay: integer
              The number of milliseconds for which carrier must stay  down  on
              an  interface  before  the  interface  is considered to be down.
              Specify 0 to disable the interface immediately.

     LACP Configuration:
       LACP, the Link Aggregation Control Protocol, is an IEEE  standard  that
       allows  switches  to  automatically  detect  that they are connected by
       multiple links  and  aggregate  across  those  links.   These  settings
       control LACP behavior.

       lacp: optional string, one of active, passive, or off
              Configures  LACP  on  this port.  LACP allows directly connected
              switches to negotiate which links may be bonded.   LACP  may  be
              enabled on non-bonded ports for the benefit of any switches they
              may be connected to.  active ports are allowed to initiate  LACP
              negotiations.   passive ports are allowed to participate in LACP
              negotiations initiated by a remote switch, but  not  allowed  to
              initiate  such  negotiations  themselves.   Defaults  to  off if
              unset.

       other_config : lacp-system-id: optional string
              The LACP system ID of this Port.  The system ID of a  LACP  bond
              is  used  to identify itself to its partners.  Must be a nonzero
              MAC address.

       other_config : lacp-system-priority:  optional  string,  containing  an
       integer, in range 1 to 65,535
              The  LACP  system  priority of this Port.  In LACP negotiations,
              link  status  decisions  are  made  by  the  system   with   the
              numerically lower priority.

       other_config : lacp-time: optional string
              The  LACP  timing  which  should be used on this Port.  Possible
              values are fast, slow and a positive number of milliseconds.  By
              default   slow  is  used.   When  configured  to  be  fast  LACP
              heartbeats are requested at a rate of once  per  second  causing
              connectivity  problems  to  be  detected  more quickly.  In slow
              mode, heartbeats are requested  at  a  rate  of  once  every  30
              seconds.

              Users may manually set a heartbeat transmission rate to increase
              the fault detection  speed  further.   When  manually  set,  OVS
              expects  the  partner  switch  to  be  configured  with the same
              transmission rate.   Manually  setting  lacp-time  to  something
              other   than   fast  or  slow  is  not  supported  by  the  LACP
              specification.

       other_config : lacp-heartbeat: optional string, either true or false
              Treat LACP like a  simple  heartbeat  protocol  for  link  state
              monitoring.   Most  features  of  the LACP protocol are disabled
              when this mode is in use.   The  default  if  not  specified  is
              false.

       other_config : bond-hash-basis: optional string, containing an integer
              An  integer hashed along with flows when choosing output slaves.
              When changed, all flows will be assigned different  hash  values
              possibly causing slave selection decisions to change.

     SLB Configuration:
       These  settings  control  behavior  when a bond is in balance-slb mode,
       regardless of whether the bond was intentionally configured in SLB mode
       or it fell back to SLB mode because LACP negotiation failed.

       other_config  : bond-rebalance-interval: optional string, containing an
       integer, in range 1,000 to 10,000
              For an SLB bonded  port,  the  number  of  milliseconds  between
              successive  attempts  to  rebalance  the  bond, that is, to move
              source MACs and their flows from one interface on  the  bond  to
              another  in  an  attempt to keep usage of each interface roughly
              equal.

       bond_fake_iface: boolean
              For a bonded port, whether to create a fake  internal  interface
              with  the  name  of  the  port.  Use only for compatibility with
              legacy software that requires this.

     Spanning Tree Configuration:

       other_config : stp-enable: optional string, either true or false
              If spanning tree is enabled on  the  bridge,  member  ports  are
              enabled  by  default  (with the exception of bond, internal, and
              mirror ports which do not work  with  STP).   If  this  column's
              value is false spanning tree is disabled on the port.

       other_config : stp-port-num: optional string, containing an integer, in
       range 1 to 255
              The port number used for the lower 8 bits of  the  port-id.   By
              default,  the  numbers  will  be assigned automatically.  If any
              port's number is manually configured on a bridge, then they must
              all be.

       other_config   :  stp-port-priority:  optional  string,  containing  an
       integer, in range 0 to 255
              The port's relative priority value for determining the root port
              (the  upper 8 bits of the port-id).  A port with a lower port-id
              will be chosen as the root port.  By default,  the  priority  is
              0x80.

       other_config  :  stp-path-cost: optional string, containing an integer,
       in range 0 to 65,535
              Spanning tree path cost for the port.  A lower number  indicates
              a  faster  link.   By  default, the cost is based on the maximum
              speed of the link.

     Other Features:

       qos: optional QoS
              Quality of Service configuration for this port.

       mac: optional string
              The MAC address to use for this port for the purpose of choosing
              the  bridge's  MAC  address.   This  column does not necessarily
              reflect the port's actual  MAC  address,  nor  will  setting  it
              change the port's actual MAC address.

       fake_bridge: boolean
              Does this port represent a sub-bridge for its tagged VLAN within
              the Bridge?  See ovs-vsctl(8) for more information.

       external_ids : fake-bridge-id-*: optional string
              External IDs for a fake bridge (see the fake_bridge column)  are
              defined   by   prefixing   a   Bridge   external_ids   key  with
              fake-bridge-, e.g. fake-bridge-xs-network-uuids.

     Port Status:
       Status information about ports attached to bridges.

       status: map of string-string pairs
              Key-value pairs that report port status.

       status : stp_port_id: optional string
              The port-id (in hex) used in spanning  tree  advertisements  for
              this   port.   Configuring  the  port-id  is  described  in  the
              stp-port-num and  stp-port-priority  keys  of  the  other_config
              section earlier.

       status  :  stp_state:  optional  string,  one  of disabled, forwarding,
       learning, listening, or blocking
              STP state of the port.

       status : stp_sec_in_state: optional string, containing an  integer,  at
       least 0
              The amount of time (in seconds) port has been in the current STP
              state.

       status : stp_role: optional string, one of  designated,  alternate,  or
       root
              STP role of the port.

     Port Statistics:
       Key-value pairs that report port statistics.

     Statistics: STP transmit and receive counters:

       statistics : stp_tx_count: optional integer
              Number  of  STP  BPDUs  sent  on  this port by the spanning tree
              library.

       statistics : stp_rx_count: optional integer
              Number of STP BPDUs received on this port and  accepted  by  the
              spanning tree library.

       statistics : stp_error_count: optional integer
              Number  of  bad  STP  BPDUs  received  on  this port.  Bad BPDUs
              include runt packets and those with an unexpected protocol ID.

     Common Columns:
       The overall purpose of these columns is described under Common  Columns
       at the beginning of this document.

       other_config: map of string-string pairs

       external_ids: map of string-string pairs

Interface TABLE

       An interface within a Port.

   Summary:
       Core Features:
         name                        string (must be unique within table)
         mac                         optional string
         ofport                      optional integer
       System-Specific Details:
         type                        string
       Tunnel Options:
         options : remote_ip         optional string
         options : local_ip          optional string
         options : in_key            optional string
         options : out_key           optional string
         options : key               optional string
         options : tos               optional string
         options : ttl               optional string
         options : df_inherit        optional string, either true or false
         options : df_default        optional string, either true or false
         options : pmtud             optional string, either true or false
         Tunnel Options: gre only:
            options : header_cache   optional string, either true or false
         Tunnel Options: gre and ipsec_gre only:
            options : csum           optional string, either true or false
         Tunnel Options: ipsec_gre only:
            options : peer_cert      optional string
            options : certificate    optional string
            options : private_key    optional string
            options : psk            optional string
       Patch Options:
         options : peer              optional string
       Interface Status:
         admin_state                 optional string, either down or up
         link_state                  optional string, either down or up
         link_resets                 optional integer
         link_speed                  optional integer
         duplex                      optional string, either full or half
         mtu                         optional integer
         lacp_current                optional boolean
         status                      map of string-string pairs
         status : driver_name        optional string
         status : driver_version     optional string
         status : firmware_version   optional string
         status : source_ip          optional string
         status : tunnel_egress_iface
                                     optional string
         status : tunnel_egress_iface_carrier
                                     optional string, either down or up
       Statistics:
         Statistics: Successful transmit and receive counters:
            statistics : rx_packets  optional integer
            statistics : rx_bytes    optional integer
            statistics : tx_packets  optional integer
            statistics : tx_bytes    optional integer
         Statistics: Receive errors:
            statistics : rx_dropped  optional integer
            statistics : rx_frame_err
                                     optional integer
            statistics : rx_over_err optional integer
            statistics : rx_crc_err  optional integer
            statistics : rx_errors   optional integer
         Statistics: Transmit errors:
            statistics : tx_dropped  optional integer
            statistics : collisions  optional integer
            statistics : tx_errors   optional integer
       Ingress Policing:
         ingress_policing_rate       integer, at least 0
         ingress_policing_burst      integer, at least 0
       Connectivity Fault Management:
         cfm_mpid                    optional integer
         cfm_fault                   optional boolean
         cfm_remote_mpids            set of integers
         other_config : cfm_interval
                                     optional string, containing an integer
         other_config : cfm_extended
                                     optional string, either true or false
         other_config : cfm_opstate  optional string, either down or up
         other_config : cfm_ccm_vlan
                                     optional  string,  containing an integer,
                                     in range 1 to 4,095
       Bonding Configuration:
         other_config : bond-stable-id
                                     optional string, containing  an  integer,
                                     at least 1
         other_config : lacp-port-id
                                     optional  string,  containing an integer,
                                     in range 1 to 65,535
         other_config : lacp-port-priority
                                     optional string, containing  an  integer,
                                     in range 1 to 65,535
         other_config : lacp-aggregation-key
                                     optional  string,  containing an integer,
                                     in range 1 to 65,535
       Virtual Machine Identifiers:
         external_ids : attached-mac
                                     optional string
         external_ids : iface-id     optional string
         external_ids : xs-vif-uuid  optional string
         external_ids : xs-network-uuid
                                     optional string
         external_ids : xs-vm-uuid   optional string
       VLAN Splinters:
         other_config : enable-vlan-splinters
                                     optional string, either true or false
       Common Columns:
         other_config                map of string-string pairs
         external_ids                map of string-string pairs

   Details:
     Core Features:

       name: string (must be unique within table)
              Interface name.  Should be alphanumeric and no more than about 8
              bytes  long.   May  be the same as the port name, for non-bonded
              ports.  Must otherwise be  unique  among  the  names  of  ports,
              interfaces, and bridges on a host.

       mac: optional string
              Ethernet  address  to set for this interface.  If unset then the
              default MAC address is used:

              o      For the local  interface,  the  default  is  the  lowest-
                     numbered MAC address among the other bridge ports, either
                     the value of the mac in its Port record, if set,  or  its
                     actual  MAC (for bonded ports, the MAC of its slave whose
                     name is first in alphabetical order).  Internal ports and
                     bridge ports that are used as port mirroring destinations
                     (see the Mirror table) are ignored.

              o      For  other  internal  interfaces,  the  default  MAC   is
                     randomly generated.

              o      External   interfaces   typically   have  a  MAC  address
                     associated with their hardware.

              Some  interfaces  may  not  have  a  software-controllable   MAC
              address.

       ofport: optional integer
              OpenFlow  port  number for this interface.  Unlike most columns,
              this column's value should be set only by Open  vSwitch  itself.
              Other  clients  should  set  this  column  to  an empty set (the
              default) when creating an Interface.

              Open vSwitch populates this column when the port number  becomes
              known.   If  the interface is successfully added, ofport will be
              set to a number between 1 and 65535  (generally  either  in  the
              range  1  to 65279, inclusive, or 65534, the port number for the
              OpenFlow ``local port'').  If the interface cannot be added then
              Open vSwitch sets this column to -1.

     System-Specific Details:

       type: string
              The interface type, one of:

              system An   ordinary   network   device,  e.g.  eth0  on  Linux.
                     Sometimes referred to as  ``external  interfaces''  since
                     they are generally connected to hardware external to that
                     on which the Open vSwitch is running.  The  empty  string
                     is a synonym for system.

              internal
                     A  simulated  network  device  that  sends  and  receives
                     traffic.  An internal interface whose name is the same as
                     its  bridge's name is called the ``local interface.''  It
                     does not make sense to bond an internal interface, so the
                     terms   ``port''   and   ``interface''   are  often  used
                     imprecisely for internal interfaces.

              tap    A TUN/TAP device managed by Open vSwitch.

              gre    An Ethernet over RFC 2890 Generic  Routing  Encapsulation
                     over  IPv4 tunnel.  See Tunnel Options for information on
                     configuring GRE tunnels.

              ipsec_gre
                     An Ethernet over RFC 2890 Generic  Routing  Encapsulation
                     over IPv4 IPsec tunnel.

              capwap An  Ethernet  tunnel  over  the  UDP transport portion of
                     CAPWAP (RFC 5415).   This  allows  interoperability  with
                     certain  switches  that  do  not  support  GRE.  Only the
                     tunneling component of the protocol is implemented.   UDP
                     ports  58881  and  58882  are  used  as  the  source  and
                     destination  ports  respectively.   CAPWAP  is  currently
                     supported only with the Linux kernel datapath with kernel
                     version 2.6.26 or later.

              patch  A pair of virtual devices that act as a patch cable.

              null   An ignored interface.

     Tunnel Options:
       These options apply to interfaces with  type  of  gre,  ipsec_gre,  and
       capwap.

       Each  tunnel  must  be  uniquely identified by the combination of type,
       options:remote_ip, options:local_ip, and options:in_key.  If two  ports
       are defined that are the same except one has an optional identifier and
       the  other  does  not,  the  more  specific  one  is   matched   first.
       options:in_key  is  considered more specific than options:local_ip if a
       port defines one and another port defines the other.

       options : remote_ip: optional string
              Required.  The tunnel endpoint.  Unicast and multicast endpoints
              are both supported.

              When  a  multicast endpoint is specified, a routing table lookup
              occurs only when the tunnel is  created.   Following  a  routing
              change,  delete  and  then  re-create  the tunnel to force a new
              routing table lookup.

       options : local_ip: optional string
              Optional.  The destination IP that received packets must  match.
              Default  is  to  match  all  addresses.   Must  be  omitted when
              options:remote_ip is a multicast address.

       options : in_key: optional string
              Optional.  The key that received packets must contain, one of:

              o      0.  The tunnel receives packets with no key or with a key
                     of 0.  This is equivalent to specifying no options:in_key
                     at all.

              o      A positive  32-bit  (for  GRE)  or  64-bit  (for  CAPWAP)
                     number.   The  tunnel  receives  only  packets  with  the
                     specified key.

              o      The word flow.  The tunnel accepts packets with any  key.
                     The  key  will be placed in the tun_id field for matching
                     in the flow table.  The ovs-ofctl  manual  page  contains
                     additional  information about matching fields in OpenFlow
                     flows.

       options : out_key: optional string
              Optional.  The key to be set on outgoing packets, one of:

              o      0.  Packets sent through the tunnel  will  have  no  key.
                     This  is  equivalent  to specifying no options:out_key at
                     all.

              o      A positive  32-bit  (for  GRE)  or  64-bit  (for  CAPWAP)
                     number.   Packets  sent  through the tunnel will have the
                     specified key.

              o      The word flow.  Packets sent through the tunnel will have
                     the  key  set using the set_tunnel Nicira OpenFlow vendor
                     extension (0 is used in the absence of an  action).   The
                     ovs-ofctl  manual  page  contains  additional information
                     about the Nicira OpenFlow vendor extensions.

       options : key: optional string
              Optional.  Shorthand to set in_key and out_key at the same time.

       options : tos: optional string
              Optional.   The  value  of  the  ToS  bits  to  be  set  on  the
              encapsulating packet.  It may also be the word inherit, in which
              case the ToS will be copied from the inner packet if it is  IPv4
              or  IPv6  (otherwise  it  will be 0).  The ECN fields are always
              inherited.  Default is 0.

       options : ttl: optional string
              Optional.  The TTL to be set on the  encapsulating  packet.   It
              may  also  be  the  word  inherit, in which case the TTL will be
              copied from the inner packet if it is IPv4 or IPv6 (otherwise it
              will  be  the  system  default,  typically  64).  Default is the
              system default TTL.

       options : df_inherit: optional string, either true or false
              Optional.  If enabled, the Don't Fragment  bit  will  be  copied
              from the inner IP headers (those of the encapsulated traffic) to
              the outer (tunnel) headers.  Default is disabled; set to true to
              enable.

       options : df_default: optional string, either true or false
              Optional.   If  enabled,  the  Don't Fragment bit will be set by
              default on tunnel headers if the df_inherit option is  not  set,
              or  if  the  encapsulated packet is not IP.  Default is enabled;
              set to false to disable.

       options : pmtud: optional string, either true or false
              Optional.  Enable tunnel path MTU discovery.  If enabled  ``ICMP
              Destination  Unreachable  - Fragmentation Needed'' messages will
              be generated for IPv4 packets with  the  DF  bit  set  and  IPv6
              packets  above  the  minimum  MTU if the packet size exceeds the
              path MTU minus the size of the tunnel headers.  Note  that  this
              option  causes  behavior  that is typically reserved for routers
              and therefore is not entirely in compliance with the IEEE 802.1D
              specification  for bridges.  Default is enabled; set to false to
              disable.

     Tunnel Options: gre only:
       Only gre interfaces support these options.

       options : header_cache: optional string, either true or false
              Enable caching of tunnel headers and the output path.  This  can
              lead  to  a  significant  performance  increase without changing
              behavior.  In general it should not be necessary to adjust  this
              setting.   However, the caching can bypass certain components of
              the IP stack (such as iptables) and it may be useful to  disable
              it  if  these  features  are required or as a debugging measure.
              Default is enabled, set to false to disable.

     Tunnel Options: gre and ipsec_gre only:
       Only gre and ipsec_gre interfaces support these options.

       options : csum: optional string, either true or false
              Optional.  Compute GRE checksums on outgoing  packets.   Default
              is  disabled,  set  to  true  to  enable.   Checksums present on
              incoming packets will be validated regardless of this setting.

              GRE checksums impose a significant performance  penalty  because
              they  cover  the entire packet.  The encapsulated L3, L4, and L7
              packet contents typically have  their  own  checksums,  so  this
              additional checksum only adds value for the GRE and encapsulated
              L2 headers.

              This option is supported for ipsec_gre, but not  useful  because
              GRE checksums are weaker than, and redundant with, IPsec payload
              authentication.

     Tunnel Options: ipsec_gre only:
       Only ipsec_gre interfaces support these options.

       options : peer_cert: optional string
              Required for certificate authentication.   A  string  containing
              the  peer's  certificate in PEM format.  Additionally the host's
              certificate must be specified with the certificate option.

       options : certificate: optional string
              Required for certificate authentication.  The name of a PEM file
              containing  a  certificate  that  will  be presented to the peer
              during authentication.

       options : private_key: optional string
              Optional for certificate authentication.  The name of a PEM file
              containing  the  private  key  associated  with certificate.  If
              certificate  contains  the  private  key,  this  option  may  be
              omitted.

       options : psk: optional string
              Required  for  pre-shared  key authentication.  Specifies a pre-
              shared key for authentication that must  be  identical  on  both
              sides of the tunnel.

     Patch Options:
       Only patch interfaces support these options.

       options : peer: optional string
              The  name of the Interface for the other side of the patch.  The
              named Interface's own peer option must specify this  Interface's
              name.  That is, the two patch interfaces must have reversed name
              and peer values.

     Interface Status:
       Status information about interfaces attached to bridges, updated  every
       5  seconds.   Not  all interfaces have all of these properties; virtual
       interfaces don't  have  a  link  speed,  for  example.   Non-applicable
       columns will have empty values.

       admin_state: optional string, either down or up
              The administrative state of the physical network link.

       link_state: optional string, either down or up
              The  observed  state  of  the  physical  network  link.  This is
              ordinarily the link's carrier status.  If the  interface's  Port
              is  a  bond  configured for miimon monitoring, it is instead the
              network link's miimon status.

       link_resets: optional integer
              The number of times Open vSwitch has observed the link_state  of
              this Interface change.

       link_speed: optional integer
              The negotiated speed of the physical network link.  Valid values
              are positive integers greater than 0.

       duplex: optional string, either full or half
              The duplex mode of the physical network link.

       mtu: optional integer
              The MTU (maximum transmission unit); i.e. the largest amount  of
              data  that  can  fit into a single Ethernet frame.  The standard
              Ethernet MTU is 1500 bytes.  Some physical media and many  kinds
              of virtual interfaces can be configured with higher MTUs.

              This column will be empty for an interface that does not have an
              MTU as, for example, some kinds of tunnels do not.

       lacp_current: optional boolean
              Boolean value indicating LACP status  for  this  interface.   If
              true, this interface has current LACP information about its LACP
              partner.  This information may be used to monitor the health  of
              interfaces in a LACP enabled port.  This column will be empty if
              LACP is not enabled.

       status: map of string-string pairs
              Key-value pairs  that  report  port  status.   Supported  status
              values  are type-dependent; some interfaces may not have a valid
              status:driver_name, for example.

       status : driver_name: optional string
              The name of the device driver controlling the network adapter.

       status : driver_version: optional string
              The version string of the device driver controlling the  network
              adapter.

       status : firmware_version: optional string
              The  version  string  of  the  network  adapter's  firmware,  if
              available.

       status : source_ip: optional string
              The source IP address used for an IPv4 tunnel end-point, such as
              gre or capwap.

       status : tunnel_egress_iface: optional string
              Egress  interface  for tunnels.  Currently only relevant for GRE
              and CAPWAP tunnels.  On Linux systems, this column will show the
              name  of  the interface which is responsible for routing traffic
              destined for the configured options:remote_ip.  This could be an
              internal interface such as a bridge port.

       status  :  tunnel_egress_iface_carrier: optional string, either down or
       up
              Whether carrier is detected on status:tunnel_egress_iface.

     Statistics:
       Key-value  pairs  that  report  interface  statistics.    The   current
       implementation    updates    these   counters   periodically.    Future
       implementations may update them when an interface is created, when they
       are  queried (e.g. using an OVSDB select operation), and just before an
       interface  is  deleted  due  to  virtual  interface  hot-unplug  or  VM
       shutdown,  and  perhaps at other times, but not on any regular periodic
       basis.

       These are the same  statistics  reported  by  OpenFlow  in  its  struct
       ofp_port_stats  structure.   If  an  interface does not support a given
       statistic, then that pair is omitted.

     Statistics: Successful transmit and receive counters:

       statistics : rx_packets: optional integer
              Number of received packets.

       statistics : rx_bytes: optional integer
              Number of received bytes.

       statistics : tx_packets: optional integer
              Number of transmitted packets.

       statistics : tx_bytes: optional integer
              Number of transmitted bytes.

     Statistics: Receive errors:

       statistics : rx_dropped: optional integer
              Number of packets dropped by RX.

       statistics : rx_frame_err: optional integer
              Number of frame alignment errors.

       statistics : rx_over_err: optional integer
              Number of packets with RX overrun.

       statistics : rx_crc_err: optional integer
              Number of CRC errors.

       statistics : rx_errors: optional integer
              Total number of receive errors, greater than or equal to the sum
              of the above.

     Statistics: Transmit errors:

       statistics : tx_dropped: optional integer
              Number of packets dropped by TX.

       statistics : collisions: optional integer
              Number of collisions.

       statistics : tx_errors: optional integer
              Total  number  of  transmit errors, greater than or equal to the
              sum of the above.

     Ingress Policing:
       These settings control ingress policing for packets  received  on  this
       interface.   On  a  physical  interface,  this limits the rate at which
       traffic is allowed into the system  from  the  outside;  on  a  virtual
       interface (one connected to a virtual machine), this limits the rate at
       which the VM is able to transmit.

       Policing is a simple  form  of  quality-of-service  that  simply  drops
       packets  received  in  excess  of  the  configured  rate.   Due  to its
       simplicity, policing is usually less accurate and less  effective  than
       egress QoS (which is configured using the QoS and Queue tables).

       Policing   is   currently   implemented   only  on  Linux.   The  Linux
       implementation uses a simple ``token bucket'' approach:

              o      The    size    of    the    bucket     corresponds     to
                     ingress_policing_burst.  Initially the bucket is full.

              o      Whenever  a  packet  is  received, its size (converted to
                     tokens) is compared to the number of tokens currently  in
                     the  bucket.   If  the  required  number  of  tokens  are
                     available, they are removed and the packet is  forwarded.
                     Otherwise, the packet is dropped.

              o      Whenever  it  is  not  full,  the bucket is refilled with
                     tokens at the rate specified by ingress_policing_rate.

       Policing interacts badly with some network  protocols,  and  especially
       with  fragmented  IP  packets.   Suppose  that  there is enough network
       activity to keep the bucket nearly empty all the time.  Then this token
       bucket  algorithm will forward a single packet every so often, with the
       period depending on packet size and on the configured rate.  All of the
       fragments  of an IP packets are normally transmitted back-to-back, as a
       group.  In such a situation, therefore, only  one  of  these  fragments
       will  be  forwarded  and the rest will be dropped.  IP does not provide
       any way for the intended  recipient  to  ask  for  only  the  remaining
       fragments.   In such a case there are two likely possibilities for what
       will happen next: either  all  of  the  fragments  will  eventually  be
       retransmitted  (as  TCP  will  do), in which case the same problem will
       recur, or the sender will not realize that its packet has been  dropped
       and  data  will  simply  be lost (as some UDP-based protocols will do).
       Either way, it is possible that no forward progress will ever occur.

       ingress_policing_rate: integer, at least 0
              Maximum rate for data received on this interface, in kbps.  Data
              received  faster  than  this  rate  is  dropped.   Set to 0 (the
              default) to disable policing.

       ingress_policing_burst: integer, at least 0
              Maximum burst size for data received on this interface,  in  kb.
              The  default  burst size if set to 0 is 1000 kb.  This value has
              no effect if ingress_policing_rate is 0.

              Specifying a larger  burst  size  lets  the  algorithm  be  more
              forgiving,  which is important for protocols like TCP that react
              severely to dropped packets.  The burst size should be at  least
              the  size  of  the  interface's MTU.  Specifying a value that is
              numerically at least as large as  10%  of  ingress_policing_rate
              helps TCP come closer to achieving the full rate.

     Connectivity Fault Management:
       802.1ag   Connectivity   Fault  Management  (CFM)  allows  a  group  of
       Maintenance Points (MPs)  called  a  Maintenance  Association  (MA)  to
       detect  connectivity  problems with each other.  MPs within a MA should
       have complete and exclusive interconnectivity.   This  is  verified  by
       occasionally   broadcasting  Continuity  Check  Messages  (CCMs)  at  a
       configurable transmission interval.

       According to the 802.1ag specification, each Maintenance  Point  should
       be  configured  out-of-band with a list of Remote Maintenance Points it
       should  have  connectivity  to.   Open   vSwitch   differs   from   the
       specification  in  this area.  It simply assumes the link is faulted if
       no Remote Maintenance  Points  are  reachable,  and  considers  it  not
       faulted otherwise.

       cfm_mpid: optional integer
              A  Maintenance Point ID (MPID) uniquely identifies each endpoint
              within a Maintenance Association.  The MPID is used to  identify
              this  endpoint  to other Maintenance Points in the MA.  Each end
              of a link being monitored should have a different MPID.  Must be
              configured to enable CFM on this Interface.

       cfm_fault: optional boolean
              Indicates  a  connectivity  fault  triggered  by an inability to
              receive heartbeats from any remote endpoint.  When  a  fault  is
              triggered  on  Interfaces  participating  in bonds, they will be
              disabled.

              Faults can be triggered for several reasons.   Most  importantly
              they are triggered when no CCMs are received for a period of 3.5
              times the transmission interval. Faults are also triggered  when
              any  CCMs  indicate  that  a  Remote  Maintenance  Point  is not
              receiving CCMs but able to  send  them.   Finally,  a  fault  is
              triggered  if  a  CCM  is  received  which  indicates unexpected
              configuration.  Notably, this case arises when a CCM is received
              which advertises the local MPID.

       cfm_remote_mpids: set of integers
              When  CFM is properly configured, Open vSwitch will occasionally
              receive CCM broadcasts.  These broadcasts contain  the  MPID  of
              the  sending  Maintenance  Point.   The list of MPIDs from which
              this  Interface  is  receiving  broadcasts  from  is   regularly
              collected and written to this column.

       other_config : cfm_interval: optional string, containing an integer
              The  interval,  in  milliseconds,  between  transmissions of CFM
              heartbeats.   Three  missed  heartbeat  receptions  indicate   a
              connectivity fault.  Defaults to 1000.

       other_config : cfm_extended: optional string, either true or false
              When true, the CFM module operates in extended mode. This causes
              it to use a nonstandard destination address to avoid conflicting
              with compliant implementations which may be running concurrently
              on  the  network.  Furthermore,  extended  mode  increases   the
              accuracy of the cfm_interval configuration parameter by breaking
              wire  compatibility  with  802.1ag  compliant   implementations.
              Defaults to false.

       other_config : cfm_opstate: optional string, either down or up
              When  down,  the  CFM  module  marks  all  CCMs  it generates as
              operationally down without  triggering  a  fault.   This  allows
              remote  maintenance  points  to choose not to forward traffic to
              the Interface on which this CFM module is  running.   Currently,
              in  Open  vSwitch,  the  opdown  bit  of CCMs affects Interfaces
              participating in bonds, and the  bundle  OpenFlow  action.  This
              setting  is  ignored when CFM is not in extended mode.  Defaults
              to up.

       other_config : cfm_ccm_vlan: optional string, containing an integer, in
       range 1 to 4,095
              When  set,  the  CFM module will apply a VLAN tag to all CCMs it
              generates with the given value.

     Bonding Configuration:

       other_config : bond-stable-id: optional string, containing an  integer,
       at least 1
              Used  in  stable  bond  mode  to make slave selection decisions.
              Allocating   other_config:bond-stable-id   values   consistently
              across   interfaces  participating  in  a  bond  will  guarantee
              consistent  slave  selection   decisions   across   ovs-vswitchd
              instances when using stable bonding mode.

       other_config : lacp-port-id: optional string, containing an integer, in
       range 1 to 65,535
              The LACP port ID of this Interface.  Port IDs are used  in  LACP
              negotiations  to  identify  individual  ports participating in a
              bond.

       other_config  :  lacp-port-priority:  optional  string,  containing  an
       integer, in range 1 to 65,535
              The  LACP port priority of this Interface.  In LACP negotiations
              Interfaces with numerically lower priorities are  preferred  for
              aggregation.

       other_config  :  lacp-aggregation-key:  optional  string, containing an
       integer, in range 1 to 65,535
              The LACP aggregation key of  this  Interface.   Interfaces  with
              different aggregation keys may not be active within a given Port
              at the same time.

     Virtual Machine Identifiers:
       These  key-value  pairs  specifically  apply  to  an   interface   that
       represents a virtual Ethernet interface connected to a virtual machine.
       These key-value  pairs  should  not  be  present  for  other  types  of
       interfaces.   Keys  whose  names end in -uuid have values that uniquely
       identify the entity in question.  For a  Citrix  XenServer  hypervisor,
       these  values  are UUIDs in RFC 4122 format.  Other hypervisors may use
       other formats.

       external_ids : attached-mac: optional string
              The MAC address programmed into  the  ``virtual  hardware''  for
              this  interface,  in  the  form  xx:xx:xx:xx:xx:xx.   For Citrix
              XenServer, this is the value of the MAC field in the VIF  record
              for this interface.

       external_ids : iface-id: optional string
              A  system-unique  identifier  for  the interface.  On XenServer,
              this will commonly be the same as external_ids:xs-vif-uuid.

       external_ids : xs-vif-uuid: optional string
              The virtual interface associated with this interface.

       external_ids : xs-network-uuid: optional string
              The virtual network to which this interface is attached.

       external_ids : xs-vm-uuid: optional string
              The VM to which this interface belongs.

     VLAN Splinters:
       The ``VLAN splinters'' feature  increases  Open  vSwitch  compatibility
       with  buggy  network  drivers  in  old  versions  of  Linux that do not
       properly support VLANs when VLAN devices are not used, at some cost  in
       memory and performance.

       When VLAN splinters are enabled on a particular interface, Open vSwitch
       creates a VLAN device for each in-use VLAN.  For sending traffic tagged
       with  a VLAN on the interface, it substitutes the VLAN device.  Traffic
       received on the VLAN device is treated as if it had  been  received  on
       the interface on the particular VLAN.

       VLAN splinters consider a VLAN to be in use if:

              o      The VLAN is the tag value in any Port record.

              o      The  VLAN  is listed within the trunks column of the Port
                     record of  an  interface  on  which  VLAN  splinters  are
                     enabled.   An  empty trunks does not influence the in-use
                     VLANs: creating 4,096 VLAN devices is impractical because
                     it will exceed the current 1,024 port per datapath limit.

              o      An OpenFlow flow within any bridge matches the VLAN.

       The  same  set of in-use VLANs applies to every interface on which VLAN
       splinters are enabled.  That is, the set is not chosen  separately  for
       each interface but selected once as the union of all in-use VLANs based
       on the rules above.

       It does not make sense to enable VLAN splinters on an interface for  an
       access port, or on an interface that is not a physical port.

       VLAN  splinters  are  deprecated.   When  broken  device drivers are no
       longer in widespread use, we will delete this feature.

       other_config : enable-vlan-splinters: optional string, either  true  or
       false
              Set  to  true  to  enable  VLAN  splinters  on  this  interface.
              Defaults to false.

              VLAN splinters increase kernel and userspace memory overhead, so
              do not use them unless they are needed.

     Common Columns:
       The  overall purpose of these columns is described under Common Columns
       at the beginning of this document.

       other_config: map of string-string pairs

       external_ids: map of string-string pairs

QoS TABLE

       Quality of Service (QoS) configuration for each  Port  that  references
       it.

   Summary:
       type                          string
       queues                        map  of integer-Queue pairs, key in range
                                     0 to 4,294,967,295
       Configuration for linux-htb and linux-hfsc:
         other_config : max-rate     optional string, containing an integer
       Common Columns:
         other_config                map of string-string pairs
         external_ids                map of string-string pairs

   Details:
       type: string
              The type of QoS to implement.  The capabilities  column  in  the
              Open_vSwitch  table  identifies the types that a switch actually
              supports.  The currently defined types are listed below:

              linux-htb
                     Linux ``hierarchy token  bucket''  classifier.   See  tc-
                     htb(8)  (also  at  http://linux.die.net/man/8/tc-htb) and
                     the                      HTB                       manual
                     (http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm) for
                     information on how  this  classifier  works  and  how  to
                     configure it.

              linux-hfsc
                     Linux  "Hierarchical Fair Service Curve" classifier.  See
                     http://linux-ip.net/articles/hfsc.en/ for information  on
                     how this classifier works.

       queues: map of integer-Queue pairs, key in range 0 to 4,294,967,295
              A  map from queue numbers to Queue records.  The supported range
              of queue numbers depend on type.  The queue numbers are the same
              as  the  queue_id  used in OpenFlow in struct ofp_action_enqueue
              and other structures.   Queue  0  is  used  by  OpenFlow  output
              actions that do not specify a specific queue.

     Configuration for linux-htb and linux-hfsc:
       The  linux-htb  and  linux-hfsc classes support the following key-value
       pair:

       other_config : max-rate: optional string, containing an integer
              Maximum rate shared by all queued traffic, in bit/s.   Optional.
              If  not  specified,  for physical interfaces, the default is the
              link rate.  For other interfaces or if the link rate  cannot  be
              determined, the default is currently 100 Mbps.

     Common Columns:
       The  overall purpose of these columns is described under Common Columns
       at the beginning of this document.

       other_config: map of string-string pairs

       external_ids: map of string-string pairs

Queue TABLE

       A configuration for a port output queue, used in configuring Quality of
       Service  (QoS)  features.   May  be  referenced by queues column in QoS
       table.

   Summary:
       dscp                          optional integer, in range 0 to 63
       Configuration for min-rate QoS:
         other_config : min-rate     optional string, containing  an  integer,
                                     at least 12,000
       Configuration for linux-htb QoS:
         other_config : min-rate     optional  string,  containing an integer,
                                     at least 1
         other_config : max-rate     optional string, containing  an  integer,
                                     at least 1
         other_config : burst        optional  string,  containing an integer,
                                     at least 1
         other_config : priority     optional string, containing  an  integer,
                                     in range 0 to 4,294,967,295
       Configuration for linux-hfsc QoS:
         other_config : min-rate     optional  string,  containing an integer,
                                     at least 1
         other_config : max-rate     optional string, containing  an  integer,
                                     at least 1
       Common Columns:
         other_config                map of string-string pairs
         external_ids                map of string-string pairs

   Details:
       dscp: optional integer, in range 0 to 63
              If  set, Open vSwitch will mark all traffic egressing this Queue
              with the given DSCP bits.  Traffic egressing the  default  Queue
              is only marked if it was explicitly selected as the Queue at the
              time the packet was output.  If unset, the DSCP bits of  traffic
              egressing this Queue will remain unchanged.

     Configuration for min-rate QoS:
       These key-value pairs are defined for QoS type of min-rate.

       other_config  :  min-rate:  optional  string, containing an integer, at
       least 12,000
              Minimum guaranteed bandwidth, in bit/s.   Required.   The  floor
              value is 1500 bytes/s (12,000 bit/s).

     Configuration for linux-htb QoS:
       These key-value pairs are defined for QoS type of linux-htb.

       other_config  :  min-rate:  optional  string, containing an integer, at
       least 1
              Minimum guaranteed bandwidth, in bit/s.

       other_config : max-rate: optional string,  containing  an  integer,  at
       least 1
              Maximum  allowed  bandwidth, in bit/s.  Optional.  If specified,
              the queue's rate will not be allowed  to  exceed  the  specified
              value,  even  if excess bandwidth is available.  If unspecified,
              defaults to no limit.

       other_config : burst: optional string, containing an integer, at  least
       1
              Burst  size, in bits.  This is the maximum amount of ``credits''
              that a  queue  can  accumulate  while  it  is  idle.   Optional.
              Details  of the linux-htb implementation require a minimum burst
              size, so a too-small burst will be silently ignored.

       other_config : priority: optional string,  containing  an  integer,  in
       range 0 to 4,294,967,295
              A  queue  with  a  smaller  priority will receive all the excess
              bandwidth that it can use before a queue  with  a  larger  value
              receives  any.   Specific  priority values are unimportant; only
              relative ordering matters.  Defaults to 0 if unspecified.

     Configuration for linux-hfsc QoS:
       These key-value pairs are defined for QoS type of linux-hfsc.

       other_config : min-rate: optional string,  containing  an  integer,  at
       least 1
              Minimum guaranteed bandwidth, in bit/s.

       other_config  :  max-rate:  optional  string, containing an integer, at
       least 1
              Maximum allowed bandwidth, in bit/s.  Optional.   If  specified,
              the  queue's  rate  will  not be allowed to exceed the specified
              value, even if excess bandwidth is available.   If  unspecified,
              defaults to no limit.

     Common Columns:
       The  overall purpose of these columns is described under Common Columns
       at the beginning of this document.

       other_config: map of string-string pairs

       external_ids: map of string-string pairs

Mirror TABLE

       A port mirror within a Bridge.

       A port mirror configures a bridge to send selected  frames  to  special
       ``mirrored''   ports,   in   addition  to  their  normal  destinations.
       Mirroring traffic may also be referred to as SPAN or  RSPAN,  depending
       on how the mirrored traffic is sent.

   Summary:
       name                          string
       Selecting Packets for Mirroring:
         select_all                  boolean
         select_dst_port             set of weak reference to Ports
         select_src_port             set of weak reference to Ports
         select_vlan                 set  of  up to 4,096 integers, in range 0
                                     to 4,095
       Mirroring Destination Configuration:
         output_port                 optional weak reference to Port
         output_vlan                 optional integer, in range 1 to 4,095
       Statistics: Mirror counters:
         statistics : tx_packets     optional integer
         statistics : tx_bytes       optional integer
       Common Columns:
         external_ids                map of string-string pairs

   Details:
       name: string
              Arbitrary identifier for the Mirror.

     Selecting Packets for Mirroring:
       To be selected for mirroring, a given packet must enter  or  leave  the
       bridge  through  a  selected  port  and  it  must also be in one of the
       selected VLANs.

       select_all: boolean
              If true, every packet arriving  or  departing  on  any  port  is
              selected for mirroring.

       select_dst_port: set of weak reference to Ports
              Ports on which departing packets are selected for mirroring.

       select_src_port: set of weak reference to Ports
              Ports on which arriving packets are selected for mirroring.

       select_vlan: set of up to 4,096 integers, in range 0 to 4,095
              VLANs on which packets are selected for mirroring.  An empty set
              selects packets on all VLANs.

     Mirroring Destination Configuration:
       These columns are mutually exclusive.  Exactly  one  of  them  must  be
       nonempty.

       output_port: optional weak reference to Port
              Output port for selected packets, if nonempty.

              Specifying   a   port  for  mirror  output  reserves  that  port
              exclusively for mirroring.  No frames other than those  selected
              for mirroring via this column will be forwarded to the port, and
              any frames received on the port will be discarded.

              The output port may be  any  kind  of  port  supported  by  Open
              vSwitch.   It  may  be,  for example, a physical port (sometimes
              called SPAN) or a GRE tunnel.

       output_vlan: optional integer, in range 1 to 4,095
              Output VLAN for selected packets, if nonempty.

              The frames will be sent out all ports that trunk output_vlan, as
              well  as  any  ports  with  implicit  VLAN  output_vlan.  When a
              mirrored frame is sent out a trunk port, the  frame's  VLAN  tag
              will  be set to output_vlan, replacing any existing tag; when it
              is sent out an implicit VLAN port, the frame will not be tagged.
              This type of mirroring is sometimes called RSPAN.

              The  following destination MAC addresses will not be mirrored to
              a VLAN to avoid confusing switches that interpret the  protocols
              that they represent:

              01:80:c2:00:00:00
                     IEEE 802.1D Spanning Tree Protocol (STP).

              01:80:c2:00:00:01
                     IEEE Pause frame.

              01:80:c2:00:00:0x
                     Other reserved protocols.

              01:00:0c:cc:cc:cc
                     Cisco  Discovery  Protocol  (CDP), VLAN Trunking Protocol
                     (VTP), Dynamic Trunking Protocol (DTP), Port  Aggregation
                     Protocol (PAgP), and others.

              01:00:0c:cc:cc:cd
                     Cisco Shared Spanning Tree Protocol PVSTP+.

              01:00:0c:cd:cd:cd
                     Cisco STP Uplink Fast.

              01:00:0c:00:00:00
                     Cisco Inter Switch Link.

              Please  note:  Mirroring  to  a  VLAN can disrupt a network that
              contains unmanaged switches.   Consider  an  unmanaged  physical
              switch  with  two  ports:  port 1, connected to an end host, and
              port 2, connected  to  an  Open  vSwitch  configured  to  mirror
              received  packets into VLAN 123 on port 2.  Suppose that the end
              host sends a packet on port 1 that the physical switch  forwards
              to  port  2.   The  Open  vSwitch  forwards  this  packet to its
              destination and then reflects it back on port  2  in  VLAN  123.
              This  reflected  packet  causes the unmanaged physical switch to
              replace the MAC learning table entry, which correctly pointed to
              port  1, with one that incorrectly points to port 2.  Afterward,
              the physical switch will direct packets  destined  for  the  end
              host  to  the Open vSwitch on port 2, instead of to the end host
              on port 1, disrupting connectivity.  If mirroring to a  VLAN  is
              desired  in  this  scenario,  then  the  physical switch must be
              replaced by one that learns Ethernet  addresses  on  a  per-VLAN
              basis.   In  addition,  learning  should be disabled on the VLAN
              containing  mirrored  traffic.  If  this  is   not   done   then
              intermediate  switches  will  learn  the MAC address of each end
              host from the mirrored traffic.  If packets being sent  to  that
              end  host are also mirrored, then they will be dropped since the
              switch will attempt to send them out the input  port.  Disabling
              learning  for  the  VLAN will cause the switch to correctly send
              the packet out all ports configured  for  that  VLAN.   If  Open
              vSwitch is being used as an intermediate switch, learning can be
              disabled by adding the  mirrored  VLAN  to  flood_vlans  in  the
              appropriate Bridge table or tables.

              Mirroring  to a GRE tunnel has fewer caveats than mirroring to a
              VLAN and should generally be preferred.

     Statistics: Mirror counters:
       Key-value pairs that report mirror statistics.

       statistics : tx_packets: optional integer
              Number of packets transmitted through this mirror.

       statistics : tx_bytes: optional integer
              Number of bytes transmitted through this mirror.

     Common Columns:
       The overall purpose of these columns is described under Common  Columns
       at the beginning of this document.

       external_ids: map of string-string pairs

Controller TABLE

       An OpenFlow controller.

       Open vSwitch supports two kinds of OpenFlow controllers:

              Primary controllers
                     This is the kind of controller envisioned by the OpenFlow
                     1.0  specification.   Usually,   a   primary   controller
                     implements  a  network  policy  by  taking  charge of the
                     switch's flow table.

                     Open   vSwitch   initiates   and   maintains   persistent
                     connections   to   primary   controllers,   retrying  the
                     connection each time it fails or  drops.   The  fail_mode
                     column   in   the   Bridge   table   applies  to  primary
                     controllers.

                     Open vSwitch permits a  bridge  to  have  any  number  of
                     primary   controllers.   When  multiple  controllers  are
                     configured,  Open  vSwitch  connects  to  all   of   them
                     simultaneously.   Because  OpenFlow  1.0 does not specify
                     how multiple controllers coordinate in interacting with a
                     single switch, more than one primary controller should be
                     specified only if the controllers are themselves designed
                     to  coordinate  with  each  other.   (The  Nicira-defined
                     NXT_ROLE OpenFlow vendor  extension  may  be  useful  for
                     this.)

              Service controllers
                     These   kinds  of  OpenFlow  controller  connections  are
                     intended for occasional support and maintenance use, e.g.
                     with  ovs-ofctl.   Usually  a service controller connects
                     only briefly to inspect or  modify  some  of  a  switch's
                     state.

                     Open   vSwitch  listens  for  incoming  connections  from
                     service controllers.  The  service  controllers  initiate
                     and,  if  necessary,  maintain the connections from their
                     end.  The fail_mode column in the Bridge table  does  not
                     apply to service controllers.

                     Open  vSwitch  supports configuring any number of service
                     controllers.

       The target determines the type of controller.

   Summary:
       Core Features:
         target                      string
         connection_mode             optional  string,   either   in-band   or
                                     out-of-band
       Controller Failure Detection and Handling:
         max_backoff                 optional integer, at least 1,000
         inactivity_probe            optional integer
       OpenFlow Rate Limiting:
         controller_rate_limit       optional integer, at least 100
         controller_burst_limit      optional integer, at least 25
       Additional In-Band Configuration:
         local_ip                    optional string
         local_netmask               optional string
         local_gateway               optional string
       Controller Status:
         is_connected                boolean
         role                        optional  string, one of slave, other, or
                                     master
         status : last_error         optional string
         status : state              optional string,  one  of  ACTIVE,  VOID,
                                     CONNECTING, IDLE, or BACKOFF
         status : sec_since_connect  optional  string,  containing an integer,
                                     at least 0
         status : sec_since_disconnect
                                     optional string, containing  an  integer,
                                     at least 1
       Common Columns:
         external_ids                map of string-string pairs

   Details:
     Core Features:

       target: string
              Connection method for controller.

              The  following  connection  methods  are currently supported for
              primary controllers:

              ssl:ip[:port]
                     The specified SSL port (default: 6633) on the host at the
                     given ip, which must be expressed as an IP address (not a
                     DNS name).  The ssl column in the Open_vSwitch table must
                     point  to  a  valid  SSL  configuration when this form is
                     used.

                     SSL support is an optional feature  that  is  not  always
                     built as part of Open vSwitch.

              tcp:ip[:port]
                     The specified TCP port (default: 6633) on the host at the
                     given ip, which must be expressed as an IP address (not a
                     DNS name).

              The  following  connection  methods  are currently supported for
              service controllers:

              pssl:[port][:ip]
                     Listens for SSL connections on  the  specified  TCP  port
                     (default: 6633).  If ip, which must be expressed as an IP
                     address (not a DNS name), is specified, then  connections
                     are restricted to the specified local IP address.

                     The  ssl column in the Open_vSwitch table must point to a
                     valid SSL configuration when this form is used.

                     SSL support is an optional feature  that  is  not  always
                     built as part of Open vSwitch.

              ptcp:[port][:ip]
                     Listens   for  connections  on  the  specified  TCP  port
                     (default: 6633).  If ip, which must be expressed as an IP
                     address  (not a DNS name), is specified, then connections
                     are restricted to the specified local IP address.

              When multiple controllers are configured for  a  single  bridge,
              the target values must be unique.  Duplicate target values yield
              unspecified results.

       connection_mode: optional string, either in-band or out-of-band
              If it is specified, this setting must be one  of  the  following
              strings  that  describes how Open vSwitch contacts this OpenFlow
              controller over the network:

              in-band
                     In this mode, this controller's OpenFlow traffic  travels
                     over  the  bridge  associated  with the controller.  With
                     this setting, Open vSwitch allows traffic to and from the
                     controller  regardless  of  the  contents of the OpenFlow
                     flow table.  (Otherwise, Open vSwitch would never be able
                     to  connect  to the controller, because it did not have a
                     flow to enable it.)  This is the most  common  connection
                     mode   because  it  is  not  necessary  to  maintain  two
                     independent networks.

              out-of-band
                     In this mode, OpenFlow traffic  uses  a  control  network
                     separate from the bridge associated with this controller,
                     that is, the bridge does not use any of its  own  network
                     devices  to communicate with the controller.  The control
                     network must be configured separately,  before  or  after
                     ovs-vswitchd is started.

              If not specified, the default is implementation-specific.

     Controller Failure Detection and Handling:

       max_backoff: optional integer, at least 1,000
              Maximum  number  of  milliseconds  to  wait  between  connection
              attempts.  Default is implementation-specific.

       inactivity_probe: optional integer
              Maximum number of milliseconds of idle  time  on  connection  to
              controller  before sending an inactivity probe message.  If Open
              vSwitch  does  not  communicate  with  the  controller  for  the
              specified  number  of  seconds,  it  will  send  a  probe.  If a
              response is not received for the same additional amount of time,
              Open vSwitch assumes the connection has been broken and attempts
              to reconnect.  Default is implementation-specific.  A value of 0
              disables inactivity probes.

     OpenFlow Rate Limiting:

       controller_rate_limit: optional integer, at least 100
              The  maximum  rate  at  which  packets  in unknown flows will be
              forwarded to the OpenFlow controller,  in  packets  per  second.
              This  feature  prevents  a  single  bridge from overwhelming the
              controller.  If not specified, the  default  is  implementation-
              specific.

              In  addition,  when  a  high  rate  triggers rate-limiting, Open
              vSwitch queues controller packets for each  port  and  transmits
              them  to  the  controller at the configured rate.  The number of
              queued packets is limited by the  controller_burst_limit  value.
              The packet queue is shared fairly among the ports on a bridge.

              Open vSwitch maintains two such packet rate-limiters per bridge.
              One of these applies  to  packets  sent  up  to  the  controller
              because  they  do not correspond to any flow.  The other applies
              to packets sent up to the controller  by  request  through  flow
              actions.  When  both  rate-limiters are filled with packets, the
              actual rate that packets are sent to the  controller  is  up  to
              twice the specified rate.

       controller_burst_limit: optional integer, at least 25
              In conjunction with controller_rate_limit, the maximum number of
              unused packet credits that the bridge will allow to  accumulate,
              in  packets.   If  not specified, the default is implementation-
              specific.

     Additional In-Band Configuration:
       These  values  are  considered  only  in  in-band  control  mode   (see
       connection_mode).

       When  multiple  controllers  are  configured  on a single bridge, there
       should be only one set of unique values in these columns.  If different
       values  are  set for these columns in different controllers, the effect
       is unspecified.

       local_ip: optional string
              The  IP  address  to  configure  on   the   local   port,   e.g.
              192.168.0.123.   If  this value is unset, then local_netmask and
              local_gateway are ignored.

       local_netmask: optional string
              The  IP  netmask  to  configure  on   the   local   port,   e.g.
              255.255.255.0.  If local_ip is set but this value is unset, then
              the default is chosen based on whether the IP address  is  class
              A, B, or C.

       local_gateway: optional string
              The IP address of the gateway to configure on the local port, as
              a string, e.g. 192.168.0.1.  Leave this  column  unset  if  this
              network has no gateway.

     Controller Status:

       is_connected: boolean
              true if currently connected to this controller, false otherwise.

       role: optional string, one of slave, other, or master
              The  level  of  authority  this controller has on the associated
              bridge. Possible values are:

              other  Allows the controller access to all OpenFlow features.

              master Equivalent to other, except that there may be at most one
                     master   controller   at   a  time.   When  a  controller
                     configures itself  as  master,  any  existing  master  is
                     demoted to the slaverole.

              slave  Allows   the  controller  read-only  access  to  OpenFlow
                     features.  Attempts to modify  the  flow  table  will  be
                     rejected with an error.  Slave controllers do not receive
                     OFPT_PACKET_IN or OFPT_FLOW_REMOVED messages, but they do
                     receive OFPT_PORT_STATUS messages.

       status : last_error: optional string
              A human-readable description of the last error on the connection
              to the controller; i.e. strerror(errno).  This  key  will  exist
              only if an error has occurred.

       status : state: optional string, one of ACTIVE, VOID, CONNECTING, IDLE,
       or BACKOFF
              The state of the connection to the controller:

              VOID   Connection is disabled.

              BACKOFF
                     Attempting to reconnect at an increasing period.

              CONNECTING
                     Attempting to connect.

              ACTIVE Connected, remote host responsive.

              IDLE   Connection is idle.  Waiting for response to keep-alive.

              These values may change in the future.  They are  provided  only
              for human consumption.

       status  : sec_since_connect: optional string, containing an integer, at
       least 0
              The amount of  time  since  this  controller  last  successfully
              connected  to  the  switch  (in  seconds).   Value  is  empty if
              controller has never successfully connected.

       status : sec_since_disconnect: optional string, containing an  integer,
       at least 1
              The  amount of time since this controller last disconnected from
              the switch (in seconds). Value is empty if controller has  never
              disconnected.

     Common Columns:
       The  overall purpose of these columns is described under Common Columns
       at the beginning of this document.

       external_ids: map of string-string pairs

Manager TABLE

       Configuration for a database connection to  an  Open  vSwitch  database
       (OVSDB) client.

       This   table   primarily   configures   the   Open   vSwitch   database
       (ovsdb-server), not the Open vSwitch switch (ovs-vswitchd).  The switch
       does  read the table to determine what connections should be treated as
       in-band.

       The Open vSwitch database  server  can  initiate  and  maintain  active
       connections  to  remote  clients.   It  can  also  listen  for database
       connections.

   Summary:
       Core Features:
         target                      string (must be unique within table)
         connection_mode             optional  string,   either   in-band   or
                                     out-of-band
       Client Failure Detection and Handling:
         max_backoff                 optional integer, at least 1,000
         inactivity_probe            optional integer
       Status:
         is_connected                boolean
         status : last_error         optional string
         status : state              optional  string,  one  of  ACTIVE, VOID,
                                     CONNECTING, IDLE, or BACKOFF
         status : sec_since_connect  optional string, containing  an  integer,
                                     at least 0
         status : sec_since_disconnect
                                     optional  string,  containing an integer,
                                     at least 0
         status : locks_held         optional string
         status : locks_waiting      optional string
         status : locks_lost         optional string
         status : n_connections      optional string, containing  an  integer,
                                     at least 2
       Common Columns:
         external_ids                map of string-string pairs

   Details:
     Core Features:

       target: string (must be unique within table)
              Connection method for managers.

              The following connection methods are currently supported:

              ssl:ip[:port]
                     The specified SSL port (default: 6632) on the host at the
                     given ip, which must be expressed as an IP address (not a
                     DNS name).  The ssl column in the Open_vSwitch table must
                     point to a valid SSL  configuration  when  this  form  is
                     used.

                     SSL  support  is  an  optional feature that is not always
                     built as part of Open vSwitch.

              tcp:ip[:port]
                     The specified TCP port (default: 6632) on the host at the
                     given ip, which must be expressed as an IP address (not a
                     DNS name).

              pssl:[port][:ip]
                     Listens for SSL connections on  the  specified  TCP  port
                     (default: 6632).  If ip, which must be expressed as an IP
                     address (not a DNS name), is specified, then  connections
                     are restricted to the specified local IP address.

                     The  ssl column in the Open_vSwitch table must point to a
                     valid SSL configuration when this form is used.

                     SSL support is an optional feature  that  is  not  always
                     built as part of Open vSwitch.

              ptcp:[port][:ip]
                     Listens   for  connections  on  the  specified  TCP  port
                     (default: 6632).  If ip, which must be expressed as an IP
                     address  (not a DNS name), is specified, then connections
                     are restricted to the specified local IP address.

              When multiple managers are configured, the target values must be
              unique.  Duplicate target values yield unspecified results.

       connection_mode: optional string, either in-band or out-of-band
              If  it  is  specified, this setting must be one of the following
              strings that describes how  Open  vSwitch  contacts  this  OVSDB
              client over the network:

              in-band
                     In  this  mode,  this connection's traffic travels over a
                     bridge managed by Open vSwitch.  With this setting,  Open
                     vSwitch  allows traffic to and from the client regardless
                     of the contents of the OpenFlow flow table.   (Otherwise,
                     Open  vSwitch  would  never  be  able  to  connect to the
                     client, because it did not have a  flow  to  enable  it.)
                     This is the most common connection mode because it is not
                     necessary to maintain two independent networks.

              out-of-band
                     In this mode, the client's traffic uses a control network
                     separate from that managed by Open vSwitch, that is, Open
                     vSwitch does not use any of its own  network  devices  to
                     communicate with the client.  The control network must be
                     configured separately, before or  after  ovs-vswitchd  is
                     started.

              If not specified, the default is implementation-specific.

     Client Failure Detection and Handling:

       max_backoff: optional integer, at least 1,000
              Maximum  number  of  milliseconds  to  wait  between  connection
              attempts.  Default is implementation-specific.

       inactivity_probe: optional integer
              Maximum number of milliseconds of idle time on connection to the
              client  before  sending  an  inactivity  probe message.  If Open
              vSwitch does not communicate with the client for  the  specified
              number  of  seconds, it will send a probe.  If a response is not
              received for the same additional amount of  time,  Open  vSwitch
              assumes   the   connection  has  been  broken  and  attempts  to
              reconnect.  Default is implementation-specific.  A  value  of  0
              disables inactivity probes.

     Status:

       is_connected: boolean
              true if currently connected to this manager, false otherwise.

       status : last_error: optional string
              A human-readable description of the last error on the connection
              to the manager; i.e. strerror(errno).  This key will exist  only
              if an error has occurred.

       status : state: optional string, one of ACTIVE, VOID, CONNECTING, IDLE,
       or BACKOFF
              The state of the connection to the manager:

              VOID   Connection is disabled.

              BACKOFF
                     Attempting to reconnect at an increasing period.

              CONNECTING
                     Attempting to connect.

              ACTIVE Connected, remote host responsive.

              IDLE   Connection is idle.  Waiting for response to keep-alive.

              These values may change in the future.  They are  provided  only
              for human consumption.

       status  : sec_since_connect: optional string, containing an integer, at
       least 0
              The  amount  of  time  since  this  manager  last   successfully
              connected  to  the  database  (in  seconds).  Value  is empty if
              manager has never successfully connected.

       status : sec_since_disconnect: optional string, containing an  integer,
       at least 0
              The amount of time since this manager last disconnected from the
              database (in seconds). Value  is  empty  if  manager  has  never
              disconnected.

       status : locks_held: optional string
              Space-separated  list  of  the  names  of  OVSDB  locks that the
              connection holds.  Omitted if the connection does not  hold  any
              locks.

       status : locks_waiting: optional string
              Space-separated  list  of  the  names  of  OVSDB  locks that the
              connection is currently waiting  to  acquire.   Omitted  if  the
              connection is not waiting for any locks.

       status : locks_lost: optional string
              Space-separated  list  of  the  names  of  OVSDB  locks that the
              connection has had stolen by another OVSDB client.   Omitted  if
              no locks have been stolen from this connection.

       status  :  n_connections:  optional  string,  containing an integer, at
       least 2
              When target specifies  a  connection  method  that  listens  for
              inbound  connections  (e.g.  ptcp:  or  pssl:) and more than one
              connection is actually active, the value is the number of active
              connections.  Otherwise, this key-value pair is omitted.

              When  multiple  connections  are active, status columns and key-
              value pairs (other than this  one)  report  the  status  of  one
              arbitrarily chosen connection.

     Common Columns:
       The  overall purpose of these columns is described under Common Columns
       at the beginning of this document.

       external_ids: map of string-string pairs

NetFlow TABLE

       A NetFlow target.  NetFlow is a  protocol  that  exports  a  number  of
       details about terminating IP flows, such as the principals involved and
       duration.

   Summary:
       targets                       set of 1 or more strings
       engine_id                     optional integer, in range 0 to 255
       engine_type                   optional integer, in range 0 to 255
       active_timeout                integer, at least -1
       add_id_to_interface           boolean
       Common Columns:
         external_ids                map of string-string pairs

   Details:
       targets: set of 1 or more strings
              NetFlow targets in the form ip:port.  The ip must  be  specified
              numerically, not as a DNS name.

       engine_id: optional integer, in range 0 to 255
              Engine  ID  to  use  in  NetFlow messages.  Defaults to datapath
              index if not specified.

       engine_type: optional integer, in range 0 to 255
              Engine type to use in NetFlow messages.   Defaults  to  datapath
              index if not specified.

       active_timeout: integer, at least -1
              The  interval  at  which NetFlow records are sent for flows that
              are still active, in seconds.  A value of 0 requests the default
              timeout  (currently  600 seconds); a value of -1 disables active
              timeouts.

       add_id_to_interface: boolean
              If  this  column's  value  is  false,  the  ingress  and  egress
              interface  fields  of  NetFlow  flow  records  are  derived from
              OpenFlow port numbers.  When it is true, the 7 most  significant
              bits of these fields will be replaced by the least significant 7
              bits of the engine id.  This  is  useful  because  many  NetFlow
              collectors  do  not  expect  multiple  switches  to  be  sending
              messages from the same host, so they do  not  store  the  engine
              information which could be used to disambiguate the traffic.

              When  this  option  is  enabled,  a  maximum  of  508  ports are
              supported.

     Common Columns:
       The overall purpose of these columns is described under Common  Columns
       at the beginning of this document.

       external_ids: map of string-string pairs

SSL TABLE

       SSL configuration for an Open_vSwitch.

   Summary:
       private_key                   string
       certificate                   string
       ca_cert                       string
       bootstrap_ca_cert             boolean
       Common Columns:
         external_ids                map of string-string pairs

   Details:
       private_key: string
              Name  of  a  PEM  file  containing  the  private key used as the
              switch's identity for SSL connections to the controller.

       certificate: string
              Name of a PEM file  containing  a  certificate,  signed  by  the
              certificate  authority  (CA) used by the controller and manager,
              that  certifies  the  switch's  private   key,   identifying   a
              trustworthy switch.

       ca_cert: string
              Name  of a PEM file containing the CA certificate used to verify
              that the switch is connected to a trustworthy controller.

       bootstrap_ca_cert: boolean
              If set to true, then Open vSwitch will attempt to obtain the  CA
              certificate  from the controller on its first SSL connection and
              save it to the named PEM file. If  it  is  successful,  it  will
              immediately  drop the connection and reconnect, and from then on
              all SSL connections  must  be  authenticated  by  a  certificate
              signed by the CA certificate thus obtained.  This option exposes
              the SSL connection to a man-in-the-middle attack  obtaining  the
              initial   CA   certificate.    It   may   still  be  useful  for
              bootstrapping.

     Common Columns:
       The overall purpose of these columns is described under Common  Columns
       at the beginning of this document.

       external_ids: map of string-string pairs

sFlow TABLE

       An  sFlow(R)  target.   sFlow  is  a  protocol for remote monitoring of
       switches.

   Summary:
       agent                         optional string
       header                        optional integer
       polling                       optional integer
       sampling                      optional integer
       targets                       set of 1 or more strings
       Common Columns:
         external_ids                map of string-string pairs

   Details:
       agent: optional string
              Name of the network device whose IP address should  be  reported
              as  the  ``agent address'' to collectors.  If not specified, the
              IP  address  defaults  to  the  local_ip  in   the   collector's
              Controller.   If an agent IP address cannot be determined either
              way, sFlow is disabled.

       header: optional integer
              Number of bytes of a sampled packet to send  to  the  collector.
              If not specified, the default is 128 bytes.

       polling: optional integer
              Polling   rate  in  seconds  to  send  port  statistics  to  the
              collector.  If not specified, defaults to 30 seconds.

       sampling: optional integer
              Rate at  which  packets  should  be  sampled  and  sent  to  the
              collector.   If  not specified, defaults to 400, which means one
              out of 400 packets, on average, will be sent to the collector.

       targets: set of 1 or more strings
              sFlow targets in the form ip:port.

     Common Columns:
       The overall purpose of these columns is described under Common  Columns
       at the beginning of this document.

       external_ids: map of string-string pairs

Capability TABLE

       Records  in this table describe functionality supported by the hardware
       and software platform on which this Open  vSwitch  is  based.   Clients
       should not modify this table.

       A  record  in  this table is meaningful only if it is referenced by the
       capabilities column  in  the  Open_vSwitch  table.   The  key  used  to
       reference it, called the record's ``category,'' determines the meanings
       of the details column.  The following general forms of  categories  are
       currently defined:

              qos-type
                     type is supported as the value for type in the QoS table.

   Summary:
       details                       map of string-string pairs

   Details:
       details: map of string-string pairs
              Key-value  pairs that describe capabilities.  The meaning of the
              pairs depends on the category key that the  capabilities  column
              in  the  Open_vSwitch  table  uses  to reference this record, as
              described above.

              The presence of a record for category  qos-type  indicates  that
              the  switch supports type as the value of the type column in the
              QoS table.  The following key-value pairs are defined to further
              describe QoS capabilities:

              n-queues
                     Number  of supported queues, as a positive integer.  Keys
                     in the queues column for QoS  records  whose  type  value
                     equals  type  must  range  between 0 and this value minus
                     one, inclusive.