| # SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) |
| |
| name: ovs_flow |
| version: 1 |
| protocol: genetlink-legacy |
| uapi-header: linux/openvswitch.h |
| |
| doc: |
| OVS flow configuration over generic netlink. |
| |
| definitions: |
| - |
| name: ovs-header |
| type: struct |
| doc: | |
| Header for OVS Generic Netlink messages. |
| members: |
| - |
| name: dp-ifindex |
| type: u32 |
| doc: | |
| ifindex of local port for datapath (0 to make a request not specific |
| to a datapath). |
| - |
| name: ovs-flow-stats |
| type: struct |
| members: |
| - |
| name: n-packets |
| type: u64 |
| doc: Number of matched packets. |
| - |
| name: n-bytes |
| type: u64 |
| doc: Number of matched bytes. |
| - |
| name: ovs-key-ethernet |
| type: struct |
| members: |
| - |
| name: eth-src |
| type: binary |
| len: 6 |
| display-hint: mac |
| - |
| name: eth-dst |
| type: binary |
| len: 6 |
| display-hint: mac |
| - |
| name: ovs-key-mpls |
| type: struct |
| members: |
| - |
| name: mpls-lse |
| type: u32 |
| byte-order: big-endian |
| - |
| name: ovs-key-ipv4 |
| type: struct |
| members: |
| - |
| name: ipv4-src |
| type: u32 |
| byte-order: big-endian |
| display-hint: ipv4 |
| - |
| name: ipv4-dst |
| type: u32 |
| byte-order: big-endian |
| display-hint: ipv4 |
| - |
| name: ipv4-proto |
| type: u8 |
| - |
| name: ipv4-tos |
| type: u8 |
| - |
| name: ipv4-ttl |
| type: u8 |
| - |
| name: ipv4-frag |
| type: u8 |
| enum: ovs-frag-type |
| - |
| name: ovs-key-ipv6 |
| type: struct |
| members: |
| - |
| name: ipv6-src |
| type: binary |
| len: 16 |
| byte-order: big-endian |
| display-hint: ipv6 |
| - |
| name: ipv6-dst |
| type: binary |
| len: 16 |
| byte-order: big-endian |
| display-hint: ipv6 |
| - |
| name: ipv6-label |
| type: u32 |
| byte-order: big-endian |
| - |
| name: ipv6-proto |
| type: u8 |
| - |
| name: ipv6-tclass |
| type: u8 |
| - |
| name: ipv6-hlimit |
| type: u8 |
| - |
| name: ipv6-frag |
| type: u8 |
| - |
| name: ovs-key-ipv6-exthdrs |
| type: struct |
| members: |
| - |
| name: hdrs |
| type: u16 |
| - |
| name: ovs-frag-type |
| name-prefix: ovs-frag-type- |
| type: enum |
| entries: |
| - |
| name: none |
| doc: Packet is not a fragment. |
| - |
| name: first |
| doc: Packet is a fragment with offset 0. |
| - |
| name: later |
| doc: Packet is a fragment with nonzero offset. |
| - |
| name: any |
| value: 255 |
| - |
| name: ovs-key-tcp |
| type: struct |
| members: |
| - |
| name: tcp-src |
| type: u16 |
| byte-order: big-endian |
| - |
| name: tcp-dst |
| type: u16 |
| byte-order: big-endian |
| - |
| name: ovs-key-udp |
| type: struct |
| members: |
| - |
| name: udp-src |
| type: u16 |
| byte-order: big-endian |
| - |
| name: udp-dst |
| type: u16 |
| byte-order: big-endian |
| - |
| name: ovs-key-sctp |
| type: struct |
| members: |
| - |
| name: sctp-src |
| type: u16 |
| byte-order: big-endian |
| - |
| name: sctp-dst |
| type: u16 |
| byte-order: big-endian |
| - |
| name: ovs-key-icmp |
| type: struct |
| members: |
| - |
| name: icmp-type |
| type: u8 |
| - |
| name: icmp-code |
| type: u8 |
| - |
| name: ovs-key-arp |
| type: struct |
| members: |
| - |
| name: arp-sip |
| type: u32 |
| byte-order: big-endian |
| - |
| name: arp-tip |
| type: u32 |
| byte-order: big-endian |
| - |
| name: arp-op |
| type: u16 |
| byte-order: big-endian |
| - |
| name: arp-sha |
| type: binary |
| len: 6 |
| display-hint: mac |
| - |
| name: arp-tha |
| type: binary |
| len: 6 |
| display-hint: mac |
| - |
| name: ovs-key-nd |
| type: struct |
| members: |
| - |
| name: nd_target |
| type: binary |
| len: 16 |
| byte-order: big-endian |
| - |
| name: nd-sll |
| type: binary |
| len: 6 |
| display-hint: mac |
| - |
| name: nd-tll |
| type: binary |
| len: 6 |
| display-hint: mac |
| - |
| name: ovs-key-ct-tuple-ipv4 |
| type: struct |
| members: |
| - |
| name: ipv4-src |
| type: u32 |
| byte-order: big-endian |
| - |
| name: ipv4-dst |
| type: u32 |
| byte-order: big-endian |
| - |
| name: src-port |
| type: u16 |
| byte-order: big-endian |
| - |
| name: dst-port |
| type: u16 |
| byte-order: big-endian |
| - |
| name: ipv4-proto |
| type: u8 |
| - |
| name: ovs-action-push-vlan |
| type: struct |
| members: |
| - |
| name: vlan_tpid |
| type: u16 |
| byte-order: big-endian |
| doc: Tag protocol identifier (TPID) to push. |
| - |
| name: vlan_tci |
| type: u16 |
| byte-order: big-endian |
| doc: Tag control identifier (TCI) to push. |
| - |
| name: ovs-ufid-flags |
| name-prefix: ovs-ufid-f- |
| type: flags |
| entries: |
| - omit-key |
| - omit-mask |
| - omit-actions |
| - |
| name: ovs-action-hash |
| type: struct |
| members: |
| - |
| name: hash-alg |
| type: u32 |
| doc: Algorithm used to compute hash prior to recirculation. |
| - |
| name: hash-basis |
| type: u32 |
| doc: Basis used for computing hash. |
| - |
| name: ovs-hash-alg |
| type: enum |
| doc: | |
| Data path hash algorithm for computing Datapath hash. The algorithm type only specifies |
| the fields in a flow will be used as part of the hash. Each datapath is free to use its |
| own hash algorithm. The hash value will be opaque to the user space daemon. |
| entries: |
| - ovs-hash-alg-l4 |
| |
| - |
| name: ovs-action-push-mpls |
| type: struct |
| members: |
| - |
| name: mpls-lse |
| type: u32 |
| byte-order: big-endian |
| doc: | |
| MPLS label stack entry to push |
| - |
| name: mpls-ethertype |
| type: u32 |
| byte-order: big-endian |
| doc: | |
| Ethertype to set in the encapsulating ethernet frame. The only values |
| ethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC, |
| indicating MPLS unicast or multicast. Other are rejected. |
| - |
| name: ovs-action-add-mpls |
| type: struct |
| members: |
| - |
| name: mpls-lse |
| type: u32 |
| byte-order: big-endian |
| doc: | |
| MPLS label stack entry to push |
| - |
| name: mpls-ethertype |
| type: u32 |
| byte-order: big-endian |
| doc: | |
| Ethertype to set in the encapsulating ethernet frame. The only values |
| ethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC, |
| indicating MPLS unicast or multicast. Other are rejected. |
| - |
| name: tun-flags |
| type: u16 |
| doc: | |
| MPLS tunnel attributes. |
| - |
| name: ct-state-flags |
| type: flags |
| name-prefix: ovs-cs-f- |
| entries: |
| - |
| name: new |
| doc: Beginning of a new connection. |
| - |
| name: established |
| doc: Part of an existing connenction |
| - |
| name: related |
| doc: Related to an existing connection. |
| - |
| name: reply-dir |
| doc: Flow is in the reply direction. |
| - |
| name: invalid |
| doc: Could not track the connection. |
| - |
| name: tracked |
| doc: Conntrack has occurred. |
| - |
| name: src-nat |
| doc: Packet's source address/port was mangled by NAT. |
| - |
| name: dst-nat |
| doc: Packet's destination address/port was mangled by NAT. |
| |
| attribute-sets: |
| - |
| name: flow-attrs |
| enum-name: ovs-flow-attr |
| name-prefix: ovs-flow-attr- |
| attributes: |
| - |
| name: key |
| type: nest |
| nested-attributes: key-attrs |
| doc: | |
| Nested attributes specifying the flow key. Always present in |
| notifications. Required for all requests (except dumps). |
| - |
| name: actions |
| type: nest |
| nested-attributes: action-attrs |
| doc: | |
| Nested attributes specifying the actions to take for packets that |
| match the key. Always present in notifications. Required for |
| OVS_FLOW_CMD_NEW requests, optional for OVS_FLOW_CMD_SET requests. An |
| OVS_FLOW_CMD_SET without OVS_FLOW_ATTR_ACTIONS will not modify the |
| actions. To clear the actions, an OVS_FLOW_ATTR_ACTIONS without any |
| nested attributes must be given. |
| - |
| name: stats |
| type: binary |
| struct: ovs-flow-stats |
| doc: | |
| Statistics for this flow. Present in notifications if the stats would |
| be nonzero. Ignored in requests. |
| - |
| name: tcp-flags |
| type: u8 |
| doc: | |
| An 8-bit value giving the ORed value of all of the TCP flags seen on |
| packets in this flow. Only present in notifications for TCP flows, and |
| only if it would be nonzero. Ignored in requests. |
| - |
| name: used |
| type: u64 |
| doc: | |
| A 64-bit integer giving the time, in milliseconds on the system |
| monotonic clock, at which a packet was last processed for this |
| flow. Only present in notifications if a packet has been processed for |
| this flow. Ignored in requests. |
| - |
| name: clear |
| type: flag |
| doc: | |
| If present in a OVS_FLOW_CMD_SET request, clears the last-used time, |
| accumulated TCP flags, and statistics for this flow. Otherwise |
| ignored in requests. Never present in notifications. |
| - |
| name: mask |
| type: nest |
| nested-attributes: key-attrs |
| doc: | |
| Nested attributes specifying the mask bits for wildcarded flow |
| match. Mask bit value '1' specifies exact match with corresponding |
| flow key bit, while mask bit value '0' specifies a wildcarded |
| match. Omitting attribute is treated as wildcarding all corresponding |
| fields. Optional for all requests. If not present, all flow key bits |
| are exact match bits. |
| - |
| name: probe |
| type: binary |
| doc: | |
| Flow operation is a feature probe, error logging should be suppressed. |
| - |
| name: ufid |
| type: binary |
| doc: | |
| A value between 1-16 octets specifying a unique identifier for the |
| flow. Causes the flow to be indexed by this value rather than the |
| value of the OVS_FLOW_ATTR_KEY attribute. Optional for all |
| requests. Present in notifications if the flow was created with this |
| attribute. |
| display-hint: uuid |
| - |
| name: ufid-flags |
| type: u32 |
| enum: ovs-ufid-flags |
| doc: | |
| A 32-bit value of ORed flags that provide alternative semantics for |
| flow installation and retrieval. Optional for all requests. |
| - |
| name: pad |
| type: binary |
| |
| - |
| name: key-attrs |
| enum-name: ovs-key-attr |
| name-prefix: ovs-key-attr- |
| attributes: |
| - |
| name: encap |
| type: nest |
| nested-attributes: key-attrs |
| - |
| name: priority |
| type: u32 |
| - |
| name: in-port |
| type: u32 |
| - |
| name: ethernet |
| type: binary |
| struct: ovs-key-ethernet |
| doc: struct ovs_key_ethernet |
| - |
| name: vlan |
| type: u16 |
| byte-order: big-endian |
| - |
| name: ethertype |
| type: u16 |
| byte-order: big-endian |
| - |
| name: ipv4 |
| type: binary |
| struct: ovs-key-ipv4 |
| - |
| name: ipv6 |
| type: binary |
| struct: ovs-key-ipv6 |
| doc: struct ovs_key_ipv6 |
| - |
| name: tcp |
| type: binary |
| struct: ovs-key-tcp |
| - |
| name: udp |
| type: binary |
| struct: ovs-key-udp |
| - |
| name: icmp |
| type: binary |
| struct: ovs-key-icmp |
| - |
| name: icmpv6 |
| type: binary |
| struct: ovs-key-icmp |
| - |
| name: arp |
| type: binary |
| struct: ovs-key-arp |
| doc: struct ovs_key_arp |
| - |
| name: nd |
| type: binary |
| struct: ovs-key-nd |
| doc: struct ovs_key_nd |
| - |
| name: skb-mark |
| type: u32 |
| - |
| name: tunnel |
| type: nest |
| nested-attributes: tunnel-key-attrs |
| - |
| name: sctp |
| type: binary |
| struct: ovs-key-sctp |
| - |
| name: tcp-flags |
| type: u16 |
| byte-order: big-endian |
| - |
| name: dp-hash |
| type: u32 |
| doc: Value 0 indicates the hash is not computed by the datapath. |
| - |
| name: recirc-id |
| type: u32 |
| - |
| name: mpls |
| type: binary |
| struct: ovs-key-mpls |
| - |
| name: ct-state |
| type: u32 |
| enum: ct-state-flags |
| enum-as-flags: true |
| - |
| name: ct-zone |
| type: u16 |
| doc: connection tracking zone |
| - |
| name: ct-mark |
| type: u32 |
| doc: connection tracking mark |
| - |
| name: ct-labels |
| type: binary |
| display-hint: hex |
| doc: 16-octet connection tracking label |
| - |
| name: ct-orig-tuple-ipv4 |
| type: binary |
| struct: ovs-key-ct-tuple-ipv4 |
| - |
| name: ct-orig-tuple-ipv6 |
| type: binary |
| doc: struct ovs_key_ct_tuple_ipv6 |
| - |
| name: nsh |
| type: nest |
| nested-attributes: ovs-nsh-key-attrs |
| - |
| name: packet-type |
| type: u32 |
| byte-order: big-endian |
| doc: Should not be sent to the kernel |
| - |
| name: nd-extensions |
| type: binary |
| doc: Should not be sent to the kernel |
| - |
| name: tunnel-info |
| type: binary |
| doc: struct ip_tunnel_info |
| - |
| name: ipv6-exthdrs |
| type: binary |
| struct: ovs-key-ipv6-exthdrs |
| doc: struct ovs_key_ipv6_exthdr |
| - |
| name: action-attrs |
| enum-name: ovs-action-attr |
| name-prefix: ovs-action-attr- |
| attributes: |
| - |
| name: output |
| type: u32 |
| doc: ovs port number in datapath |
| - |
| name: userspace |
| type: nest |
| nested-attributes: userspace-attrs |
| - |
| name: set |
| type: nest |
| nested-attributes: key-attrs |
| doc: Replaces the contents of an existing header. The single nested attribute specifies a header to modify and its value. |
| - |
| name: push-vlan |
| type: binary |
| struct: ovs-action-push-vlan |
| doc: Push a new outermost 802.1Q or 802.1ad header onto the packet. |
| - |
| name: pop-vlan |
| type: flag |
| doc: Pop the outermost 802.1Q or 802.1ad header from the packet. |
| - |
| name: sample |
| type: nest |
| nested-attributes: sample-attrs |
| doc: | |
| Probabilistically executes actions, as specified in the nested attributes. |
| - |
| name: recirc |
| type: u32 |
| doc: recirc id |
| - |
| name: hash |
| type: binary |
| struct: ovs-action-hash |
| - |
| name: push-mpls |
| type: binary |
| struct: ovs-action-push-mpls |
| doc: | |
| Push a new MPLS label stack entry onto the top of the packets MPLS |
| label stack. Set the ethertype of the encapsulating frame to either |
| ETH_P_MPLS_UC or ETH_P_MPLS_MC to indicate the new packet contents. |
| - |
| name: pop-mpls |
| type: u16 |
| byte-order: big-endian |
| doc: ethertype |
| - |
| name: set-masked |
| type: nest |
| nested-attributes: key-attrs |
| doc: | |
| Replaces the contents of an existing header. A nested attribute |
| specifies a header to modify, its value, and a mask. For every bit set |
| in the mask, the corresponding bit value is copied from the value to |
| the packet header field, rest of the bits are left unchanged. The |
| non-masked value bits must be passed in as zeroes. Masking is not |
| supported for the OVS_KEY_ATTR_TUNNEL attribute. |
| - |
| name: ct |
| type: nest |
| nested-attributes: ct-attrs |
| doc: | |
| Track the connection. Populate the conntrack-related entries |
| in the flow key. |
| - |
| name: trunc |
| type: u32 |
| doc: struct ovs_action_trunc is a u32 max length |
| - |
| name: push-eth |
| type: binary |
| doc: struct ovs_action_push_eth |
| - |
| name: pop-eth |
| type: flag |
| - |
| name: ct-clear |
| type: flag |
| - |
| name: push-nsh |
| type: nest |
| nested-attributes: ovs-nsh-key-attrs |
| doc: | |
| Push NSH header to the packet. |
| - |
| name: pop-nsh |
| type: flag |
| doc: | |
| Pop the outermost NSH header off the packet. |
| - |
| name: meter |
| type: u32 |
| doc: | |
| Run packet through a meter, which may drop the packet, or modify the |
| packet (e.g., change the DSCP field) |
| - |
| name: clone |
| type: nest |
| nested-attributes: action-attrs |
| doc: | |
| Make a copy of the packet and execute a list of actions without |
| affecting the original packet and key. |
| - |
| name: check-pkt-len |
| type: nest |
| nested-attributes: check-pkt-len-attrs |
| doc: | |
| Check the packet length and execute a set of actions if greater than |
| the specified packet length, else execute another set of actions. |
| - |
| name: add-mpls |
| type: binary |
| struct: ovs-action-add-mpls |
| doc: | |
| Push a new MPLS label stack entry at the start of the packet or at the |
| start of the l3 header depending on the value of l3 tunnel flag in the |
| tun_flags field of this OVS_ACTION_ATTR_ADD_MPLS argument. |
| - |
| name: dec-ttl |
| type: nest |
| nested-attributes: dec-ttl-attrs |
| - |
| name: tunnel-key-attrs |
| enum-name: ovs-tunnel-key-attr |
| name-prefix: ovs-tunnel-key-attr- |
| attributes: |
| - |
| name: id |
| type: u64 |
| byte-order: big-endian |
| value: 0 |
| - |
| name: ipv4-src |
| type: u32 |
| byte-order: big-endian |
| - |
| name: ipv4-dst |
| type: u32 |
| byte-order: big-endian |
| - |
| name: tos |
| type: u8 |
| - |
| name: ttl |
| type: u8 |
| - |
| name: dont-fragment |
| type: flag |
| - |
| name: csum |
| type: flag |
| - |
| name: oam |
| type: flag |
| - |
| name: geneve-opts |
| type: binary |
| sub-type: u32 |
| - |
| name: tp-src |
| type: u16 |
| byte-order: big-endian |
| - |
| name: tp-dst |
| type: u16 |
| byte-order: big-endian |
| - |
| name: vxlan-opts |
| type: nest |
| nested-attributes: vxlan-ext-attrs |
| - |
| name: ipv6-src |
| type: binary |
| doc: | |
| struct in6_addr source IPv6 address |
| - |
| name: ipv6-dst |
| type: binary |
| doc: | |
| struct in6_addr destination IPv6 address |
| - |
| name: pad |
| type: binary |
| - |
| name: erspan-opts |
| type: binary |
| doc: | |
| struct erspan_metadata |
| - |
| name: ipv4-info-bridge |
| type: flag |
| - |
| name: check-pkt-len-attrs |
| enum-name: ovs-check-pkt-len-attr |
| name-prefix: ovs-check-pkt-len-attr- |
| attributes: |
| - |
| name: pkt-len |
| type: u16 |
| - |
| name: actions-if-greater |
| type: nest |
| nested-attributes: action-attrs |
| - |
| name: actions-if-less-equal |
| type: nest |
| nested-attributes: action-attrs |
| - |
| name: sample-attrs |
| enum-name: ovs-sample-attr |
| name-prefix: ovs-sample-attr- |
| attributes: |
| - |
| name: probability |
| type: u32 |
| - |
| name: actions |
| type: nest |
| nested-attributes: action-attrs |
| - |
| name: userspace-attrs |
| enum-name: ovs-userspace-attr |
| name-prefix: ovs-userspace-attr- |
| attributes: |
| - |
| name: pid |
| type: u32 |
| - |
| name: userdata |
| type: binary |
| - |
| name: egress-tun-port |
| type: u32 |
| - |
| name: actions |
| type: flag |
| - |
| name: ovs-nsh-key-attrs |
| enum-name: ovs-nsh-key-attr |
| name-prefix: ovs-nsh-key-attr- |
| attributes: |
| - |
| name: base |
| type: binary |
| - |
| name: md1 |
| type: binary |
| - |
| name: md2 |
| type: binary |
| - |
| name: ct-attrs |
| enum-name: ovs-ct-attr |
| name-prefix: ovs-ct-attr- |
| attributes: |
| - |
| name: commit |
| type: flag |
| - |
| name: zone |
| type: u16 |
| - |
| name: mark |
| type: binary |
| - |
| name: labels |
| type: binary |
| - |
| name: helper |
| type: string |
| - |
| name: nat |
| type: nest |
| nested-attributes: nat-attrs |
| - |
| name: force-commit |
| type: flag |
| - |
| name: eventmask |
| type: u32 |
| - |
| name: timeout |
| type: string |
| - |
| name: nat-attrs |
| enum-name: ovs-nat-attr |
| name-prefix: ovs-nat-attr- |
| attributes: |
| - |
| name: src |
| type: flag |
| - |
| name: dst |
| type: flag |
| - |
| name: ip-min |
| type: binary |
| - |
| name: ip-max |
| type: binary |
| - |
| name: proto-min |
| type: u16 |
| - |
| name: proto-max |
| type: u16 |
| - |
| name: persistent |
| type: flag |
| - |
| name: proto-hash |
| type: flag |
| - |
| name: proto-random |
| type: flag |
| - |
| name: dec-ttl-attrs |
| enum-name: ovs-dec-ttl-attr |
| name-prefix: ovs-dec-ttl-attr- |
| attributes: |
| - |
| name: action |
| type: nest |
| nested-attributes: action-attrs |
| - |
| name: vxlan-ext-attrs |
| enum-name: ovs-vxlan-ext- |
| name-prefix: ovs-vxlan-ext- |
| attributes: |
| - |
| name: gbp |
| type: u32 |
| |
| operations: |
| name-prefix: ovs-flow-cmd- |
| fixed-header: ovs-header |
| list: |
| - |
| name: get |
| doc: Get / dump OVS flow configuration and state |
| value: 3 |
| attribute-set: flow-attrs |
| do: &flow-get-op |
| request: |
| attributes: |
| - dp-ifindex |
| - key |
| - ufid |
| - ufid-flags |
| reply: |
| attributes: |
| - dp-ifindex |
| - key |
| - ufid |
| - mask |
| - stats |
| - actions |
| dump: *flow-get-op |
| - |
| name: new |
| doc: Create OVS flow configuration in a data path |
| value: 1 |
| attribute-set: flow-attrs |
| do: |
| request: |
| attributes: |
| - dp-ifindex |
| - key |
| - ufid |
| - mask |
| - actions |
| |
| mcast-groups: |
| list: |
| - |
| name: ovs_flow |