[ovs-discuss] Secure mode
Aaron Rosen
arosen at clemson.edu
Thu Aug 9 14:48:09 UTC 2012
man 5 ovs-vswitchd.conf.db
fail_mode: optional string, either secure or standalone
When a controller is configured, it is, ordinarily,
responsible
for setting up all flows on the switch. Thus, if the
connection
to the controller fails, no new network connections can be
set
up. If the connection to the controller stays down long
enough,
no packets can pass through the switch at all. This
setting
determines the switch's response to such a situation. It may
be
set to one of the following:
standalone
If no message is received from the controller for
three
times the inactivity probe interval (see
inactiv-
ity_probe), then Open vSwitch will take over
responsibil-
ity for setting up flows. In this mode, Open
vSwitch
causes the bridge to act like an ordinary
MAC-learning
switch. Open vSwitch will continue to retry
connecting
to the controller in the background and, when the
connec-
tion succeeds, it will discontinue its standalone
behav-
ior.
*secure* Open vSwitch will not set up flows on its own when
the
controller connection fails or when no controllers
are
defined. The bridge will continue to retry connecting
to
any defined controllers forever.
If this value is unset, the default is
implementation-specific.
When more than one controller is configured, fail_mode is
con-
sidered only when none of the configured controllers can be
con-
tacted.
Changing fail_mode when no primary controllers are
configured
clears the flow table.
Aaron
On Thu, Aug 9, 2012 at 6:58 AM, <mvpbl_c at iol.pt> wrote:
> **
>
> Hello,
>
> Can someone explain me what "set-fail-mode secure" does exactly. I think
> maybe is related to mac broadcast, but I'm not sure.
>
> Thanks in advanced,
> Regards,
> Marco
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20120809/2c6d8e5c/attachment.html>
More information about the discuss
mailing list