1# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 2 3name: ovs_flow 4version: 1 5protocol: genetlink-legacy 6uapi-header: linux/openvswitch.h 7 8doc: 9 OVS flow configuration over generic netlink. 10 11definitions: 12 - 13 name: ovs-header 14 type: struct 15 doc: | 16 Header for OVS Generic Netlink messages. 17 members: 18 - 19 name: dp-ifindex 20 type: u32 21 doc: | 22 ifindex of local port for datapath (0 to make a request not specific 23 to a datapath). 24 - 25 name: ovs-flow-stats 26 type: struct 27 members: 28 - 29 name: n-packets 30 type: u64 31 doc: Number of matched packets. 32 - 33 name: n-bytes 34 type: u64 35 doc: Number of matched bytes. 36 - 37 name: ovs-key-mpls 38 type: struct 39 members: 40 - 41 name: mpls-lse 42 type: u32 43 byte-order: big-endian 44 - 45 name: ovs-key-ipv4 46 type: struct 47 members: 48 - 49 name: ipv4-src 50 type: u32 51 byte-order: big-endian 52 - 53 name: ipv4-dst 54 type: u32 55 byte-order: big-endian 56 - 57 name: ipv4-proto 58 type: u8 59 - 60 name: ipv4-tos 61 type: u8 62 - 63 name: ipv4-ttl 64 type: u8 65 - 66 name: ipv4-frag 67 type: u8 68 enum: ovs-frag-type 69 - 70 name: ovs-frag-type 71 name-prefix: ovs-frag-type- 72 type: enum 73 entries: 74 - 75 name: none 76 doc: Packet is not a fragment. 77 - 78 name: first 79 doc: Packet is a fragment with offset 0. 80 - 81 name: later 82 doc: Packet is a fragment with nonzero offset. 83 - 84 name: any 85 value: 255 86 - 87 name: ovs-key-tcp 88 type: struct 89 members: 90 - 91 name: tcp-src 92 type: u16 93 byte-order: big-endian 94 - 95 name: tcp-dst 96 type: u16 97 byte-order: big-endian 98 - 99 name: ovs-key-udp 100 type: struct 101 members: 102 - 103 name: udp-src 104 type: u16 105 byte-order: big-endian 106 - 107 name: udp-dst 108 type: u16 109 byte-order: big-endian 110 - 111 name: ovs-key-sctp 112 type: struct 113 members: 114 - 115 name: sctp-src 116 type: u16 117 byte-order: big-endian 118 - 119 name: sctp-dst 120 type: u16 121 byte-order: big-endian 122 - 123 name: ovs-key-icmp 124 type: struct 125 members: 126 - 127 name: icmp-type 128 type: u8 129 - 130 name: icmp-code 131 type: u8 132 - 133 name: ovs-key-ct-tuple-ipv4 134 type: struct 135 members: 136 - 137 name: ipv4-src 138 type: u32 139 byte-order: big-endian 140 - 141 name: ipv4-dst 142 type: u32 143 byte-order: big-endian 144 - 145 name: src-port 146 type: u16 147 byte-order: big-endian 148 - 149 name: dst-port 150 type: u16 151 byte-order: big-endian 152 - 153 name: ipv4-proto 154 type: u8 155 - 156 name: ovs-action-push-vlan 157 type: struct 158 members: 159 - 160 name: vlan_tpid 161 type: u16 162 byte-order: big-endian 163 doc: Tag protocol identifier (TPID) to push. 164 - 165 name: vlan_tci 166 type: u16 167 byte-order: big-endian 168 doc: Tag control identifier (TCI) to push. 169 - 170 name: ovs-ufid-flags 171 name-prefix: ovs-ufid-f- 172 type: flags 173 entries: 174 - omit-key 175 - omit-mask 176 - omit-actions 177 - 178 name: ovs-action-hash 179 type: struct 180 members: 181 - 182 name: hash-alg 183 type: u32 184 doc: Algorithm used to compute hash prior to recirculation. 185 - 186 name: hash-basis 187 type: u32 188 doc: Basis used for computing hash. 189 - 190 name: ovs-hash-alg 191 type: enum 192 doc: | 193 Data path hash algorithm for computing Datapath hash. The algorithm type only specifies 194 the fields in a flow will be used as part of the hash. Each datapath is free to use its 195 own hash algorithm. The hash value will be opaque to the user space daemon. 196 entries: 197 - ovs-hash-alg-l4 198 199 - 200 name: ovs-action-push-mpls 201 type: struct 202 members: 203 - 204 name: mpls-lse 205 type: u32 206 byte-order: big-endian 207 doc: | 208 MPLS label stack entry to push 209 - 210 name: mpls-ethertype 211 type: u32 212 byte-order: big-endian 213 doc: | 214 Ethertype to set in the encapsulating ethernet frame. The only values 215 ethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC, 216 indicating MPLS unicast or multicast. Other are rejected. 217 - 218 name: ovs-action-add-mpls 219 type: struct 220 members: 221 - 222 name: mpls-lse 223 type: u32 224 byte-order: big-endian 225 doc: | 226 MPLS label stack entry to push 227 - 228 name: mpls-ethertype 229 type: u32 230 byte-order: big-endian 231 doc: | 232 Ethertype to set in the encapsulating ethernet frame. The only values 233 ethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC, 234 indicating MPLS unicast or multicast. Other are rejected. 235 - 236 name: tun-flags 237 type: u16 238 doc: | 239 MPLS tunnel attributes. 240 - 241 name: ct-state-flags 242 type: flags 243 name-prefix: ovs-cs-f- 244 entries: 245 - 246 name: new 247 doc: Beginning of a new connection. 248 - 249 name: established 250 doc: Part of an existing connenction 251 - 252 name: related 253 doc: Related to an existing connection. 254 - 255 name: reply-dir 256 doc: Flow is in the reply direction. 257 - 258 name: invalid 259 doc: Could not track the connection. 260 - 261 name: tracked 262 doc: Conntrack has occurred. 263 - 264 name: src-nat 265 doc: Packet's source address/port was mangled by NAT. 266 - 267 name: dst-nat 268 doc: Packet's destination address/port was mangled by NAT. 269 270attribute-sets: 271 - 272 name: flow-attrs 273 enum-name: ovs-flow-attr 274 name-prefix: ovs-flow-attr- 275 attributes: 276 - 277 name: key 278 type: nest 279 nested-attributes: key-attrs 280 doc: | 281 Nested attributes specifying the flow key. Always present in 282 notifications. Required for all requests (except dumps). 283 - 284 name: actions 285 type: nest 286 nested-attributes: action-attrs 287 doc: | 288 Nested attributes specifying the actions to take for packets that 289 match the key. Always present in notifications. Required for 290 OVS_FLOW_CMD_NEW requests, optional for OVS_FLOW_CMD_SET requests. An 291 OVS_FLOW_CMD_SET without OVS_FLOW_ATTR_ACTIONS will not modify the 292 actions. To clear the actions, an OVS_FLOW_ATTR_ACTIONS without any 293 nested attributes must be given. 294 - 295 name: stats 296 type: binary 297 struct: ovs-flow-stats 298 doc: | 299 Statistics for this flow. Present in notifications if the stats would 300 be nonzero. Ignored in requests. 301 - 302 name: tcp-flags 303 type: u8 304 doc: | 305 An 8-bit value giving the ORed value of all of the TCP flags seen on 306 packets in this flow. Only present in notifications for TCP flows, and 307 only if it would be nonzero. Ignored in requests. 308 - 309 name: used 310 type: u64 311 doc: | 312 A 64-bit integer giving the time, in milliseconds on the system 313 monotonic clock, at which a packet was last processed for this 314 flow. Only present in notifications if a packet has been processed for 315 this flow. Ignored in requests. 316 - 317 name: clear 318 type: flag 319 doc: | 320 If present in a OVS_FLOW_CMD_SET request, clears the last-used time, 321 accumulated TCP flags, and statistics for this flow. Otherwise 322 ignored in requests. Never present in notifications. 323 - 324 name: mask 325 type: nest 326 nested-attributes: key-attrs 327 doc: | 328 Nested attributes specifying the mask bits for wildcarded flow 329 match. Mask bit value '1' specifies exact match with corresponding 330 flow key bit, while mask bit value '0' specifies a wildcarded 331 match. Omitting attribute is treated as wildcarding all corresponding 332 fields. Optional for all requests. If not present, all flow key bits 333 are exact match bits. 334 - 335 name: probe 336 type: binary 337 doc: | 338 Flow operation is a feature probe, error logging should be suppressed. 339 - 340 name: ufid 341 type: binary 342 doc: | 343 A value between 1-16 octets specifying a unique identifier for the 344 flow. Causes the flow to be indexed by this value rather than the 345 value of the OVS_FLOW_ATTR_KEY attribute. Optional for all 346 requests. Present in notifications if the flow was created with this 347 attribute. 348 - 349 name: ufid-flags 350 type: u32 351 enum: ovs-ufid-flags 352 doc: | 353 A 32-bit value of ORed flags that provide alternative semantics for 354 flow installation and retrieval. Optional for all requests. 355 - 356 name: pad 357 type: binary 358 359 - 360 name: key-attrs 361 enum-name: ovs-key-attr 362 name-prefix: ovs-key-attr- 363 attributes: 364 - 365 name: encap 366 type: nest 367 nested-attributes: key-attrs 368 - 369 name: priority 370 type: u32 371 - 372 name: in-port 373 type: u32 374 - 375 name: ethernet 376 type: binary 377 doc: struct ovs_key_ethernet 378 - 379 name: vlan 380 type: u16 381 byte-order: big-endian 382 - 383 name: ethertype 384 type: u16 385 byte-order: big-endian 386 - 387 name: ipv4 388 type: binary 389 struct: ovs-key-ipv4 390 - 391 name: ipv6 392 type: binary 393 doc: struct ovs_key_ipv6 394 - 395 name: tcp 396 type: binary 397 struct: ovs-key-tcp 398 - 399 name: udp 400 type: binary 401 struct: ovs-key-udp 402 - 403 name: icmp 404 type: binary 405 struct: ovs-key-icmp 406 - 407 name: icmpv6 408 type: binary 409 struct: ovs-key-icmp 410 - 411 name: arp 412 type: binary 413 doc: struct ovs_key_arp 414 - 415 name: nd 416 type: binary 417 doc: struct ovs_key_nd 418 - 419 name: skb-mark 420 type: u32 421 - 422 name: tunnel 423 type: nest 424 nested-attributes: tunnel-key-attrs 425 - 426 name: sctp 427 type: binary 428 struct: ovs-key-sctp 429 - 430 name: tcp-flags 431 type: u16 432 byte-order: big-endian 433 - 434 name: dp-hash 435 type: u32 436 doc: Value 0 indicates the hash is not computed by the datapath. 437 - 438 name: recirc-id 439 type: u32 440 - 441 name: mpls 442 type: binary 443 struct: ovs-key-mpls 444 - 445 name: ct-state 446 type: u32 447 enum: ct-state-flags 448 enum-as-flags: true 449 - 450 name: ct-zone 451 type: u16 452 doc: connection tracking zone 453 - 454 name: ct-mark 455 type: u32 456 doc: connection tracking mark 457 - 458 name: ct-labels 459 type: binary 460 doc: 16-octet connection tracking label 461 - 462 name: ct-orig-tuple-ipv4 463 type: binary 464 struct: ovs-key-ct-tuple-ipv4 465 - 466 name: ct-orig-tuple-ipv6 467 type: binary 468 doc: struct ovs_key_ct_tuple_ipv6 469 - 470 name: nsh 471 type: nest 472 nested-attributes: ovs-nsh-key-attrs 473 - 474 name: packet-type 475 type: u32 476 byte-order: big-endian 477 doc: Should not be sent to the kernel 478 - 479 name: nd-extensions 480 type: binary 481 doc: Should not be sent to the kernel 482 - 483 name: tunnel-info 484 type: binary 485 doc: struct ip_tunnel_info 486 - 487 name: ipv6-exthdrs 488 type: binary 489 doc: struct ovs_key_ipv6_exthdr 490 - 491 name: action-attrs 492 enum-name: ovs-action-attr 493 name-prefix: ovs-action-attr- 494 attributes: 495 - 496 name: output 497 type: u32 498 doc: ovs port number in datapath 499 - 500 name: userspace 501 type: nest 502 nested-attributes: userspace-attrs 503 - 504 name: set 505 type: nest 506 nested-attributes: key-attrs 507 doc: Replaces the contents of an existing header. The single nested attribute specifies a header to modify and its value. 508 - 509 name: push-vlan 510 type: binary 511 struct: ovs-action-push-vlan 512 doc: Push a new outermost 802.1Q or 802.1ad header onto the packet. 513 - 514 name: pop-vlan 515 type: flag 516 doc: Pop the outermost 802.1Q or 802.1ad header from the packet. 517 - 518 name: sample 519 type: nest 520 nested-attributes: sample-attrs 521 doc: | 522 Probabilistically executes actions, as specified in the nested attributes. 523 - 524 name: recirc 525 type: u32 526 doc: recirc id 527 - 528 name: hash 529 type: binary 530 struct: ovs-action-hash 531 - 532 name: push-mpls 533 type: binary 534 struct: ovs-action-push-mpls 535 doc: | 536 Push a new MPLS label stack entry onto the top of the packets MPLS 537 label stack. Set the ethertype of the encapsulating frame to either 538 ETH_P_MPLS_UC or ETH_P_MPLS_MC to indicate the new packet contents. 539 - 540 name: pop-mpls 541 type: u16 542 byte-order: big-endian 543 doc: ethertype 544 - 545 name: set-masked 546 type: nest 547 nested-attributes: key-attrs 548 doc: | 549 Replaces the contents of an existing header. A nested attribute 550 specifies a header to modify, its value, and a mask. For every bit set 551 in the mask, the corresponding bit value is copied from the value to 552 the packet header field, rest of the bits are left unchanged. The 553 non-masked value bits must be passed in as zeroes. Masking is not 554 supported for the OVS_KEY_ATTR_TUNNEL attribute. 555 - 556 name: ct 557 type: nest 558 nested-attributes: ct-attrs 559 doc: | 560 Track the connection. Populate the conntrack-related entries 561 in the flow key. 562 - 563 name: trunc 564 type: u32 565 doc: struct ovs_action_trunc is a u32 max length 566 - 567 name: push-eth 568 type: binary 569 doc: struct ovs_action_push_eth 570 - 571 name: pop-eth 572 type: flag 573 - 574 name: ct-clear 575 type: flag 576 - 577 name: push-nsh 578 type: nest 579 nested-attributes: ovs-nsh-key-attrs 580 doc: | 581 Push NSH header to the packet. 582 - 583 name: pop-nsh 584 type: flag 585 doc: | 586 Pop the outermost NSH header off the packet. 587 - 588 name: meter 589 type: u32 590 doc: | 591 Run packet through a meter, which may drop the packet, or modify the 592 packet (e.g., change the DSCP field) 593 - 594 name: clone 595 type: nest 596 nested-attributes: action-attrs 597 doc: | 598 Make a copy of the packet and execute a list of actions without 599 affecting the original packet and key. 600 - 601 name: check-pkt-len 602 type: nest 603 nested-attributes: check-pkt-len-attrs 604 doc: | 605 Check the packet length and execute a set of actions if greater than 606 the specified packet length, else execute another set of actions. 607 - 608 name: add-mpls 609 type: binary 610 struct: ovs-action-add-mpls 611 doc: | 612 Push a new MPLS label stack entry at the start of the packet or at the 613 start of the l3 header depending on the value of l3 tunnel flag in the 614 tun_flags field of this OVS_ACTION_ATTR_ADD_MPLS argument. 615 - 616 name: dec-ttl 617 type: nest 618 nested-attributes: dec-ttl-attrs 619 - 620 name: tunnel-key-attrs 621 enum-name: ovs-tunnel-key-attr 622 name-prefix: ovs-tunnel-key-attr- 623 attributes: 624 - 625 name: id 626 type: u64 627 byte-order: big-endian 628 value: 0 629 - 630 name: ipv4-src 631 type: u32 632 byte-order: big-endian 633 - 634 name: ipv4-dst 635 type: u32 636 byte-order: big-endian 637 - 638 name: tos 639 type: u8 640 - 641 name: ttl 642 type: u8 643 - 644 name: dont-fragment 645 type: flag 646 - 647 name: csum 648 type: flag 649 - 650 name: oam 651 type: flag 652 - 653 name: geneve-opts 654 type: binary 655 sub-type: u32 656 - 657 name: tp-src 658 type: u16 659 byte-order: big-endian 660 - 661 name: tp-dst 662 type: u16 663 byte-order: big-endian 664 - 665 name: vxlan-opts 666 type: nest 667 nested-attributes: vxlan-ext-attrs 668 - 669 name: ipv6-src 670 type: binary 671 doc: | 672 struct in6_addr source IPv6 address 673 - 674 name: ipv6-dst 675 type: binary 676 doc: | 677 struct in6_addr destination IPv6 address 678 - 679 name: pad 680 type: binary 681 - 682 name: erspan-opts 683 type: binary 684 doc: | 685 struct erspan_metadata 686 - 687 name: ipv4-info-bridge 688 type: flag 689 - 690 name: check-pkt-len-attrs 691 enum-name: ovs-check-pkt-len-attr 692 name-prefix: ovs-check-pkt-len-attr- 693 attributes: 694 - 695 name: pkt-len 696 type: u16 697 - 698 name: actions-if-greater 699 type: nest 700 nested-attributes: action-attrs 701 - 702 name: actions-if-less-equal 703 type: nest 704 nested-attributes: action-attrs 705 - 706 name: sample-attrs 707 enum-name: ovs-sample-attr 708 name-prefix: ovs-sample-attr- 709 attributes: 710 - 711 name: probability 712 type: u32 713 - 714 name: actions 715 type: nest 716 nested-attributes: action-attrs 717 - 718 name: userspace-attrs 719 enum-name: ovs-userspace-attr 720 name-prefix: ovs-userspace-attr- 721 attributes: 722 - 723 name: pid 724 type: u32 725 - 726 name: userdata 727 type: binary 728 - 729 name: egress-tun-port 730 type: u32 731 - 732 name: actions 733 type: flag 734 - 735 name: ovs-nsh-key-attrs 736 enum-name: ovs-nsh-key-attr 737 name-prefix: ovs-nsh-key-attr- 738 attributes: 739 - 740 name: base 741 type: binary 742 - 743 name: md1 744 type: binary 745 - 746 name: md2 747 type: binary 748 - 749 name: ct-attrs 750 enum-name: ovs-ct-attr 751 name-prefix: ovs-ct-attr- 752 attributes: 753 - 754 name: commit 755 type: flag 756 - 757 name: zone 758 type: u16 759 - 760 name: mark 761 type: binary 762 - 763 name: labels 764 type: binary 765 - 766 name: helper 767 type: string 768 - 769 name: nat 770 type: nest 771 nested-attributes: nat-attrs 772 - 773 name: force-commit 774 type: flag 775 - 776 name: eventmask 777 type: u32 778 - 779 name: timeout 780 type: string 781 - 782 name: nat-attrs 783 enum-name: ovs-nat-attr 784 name-prefix: ovs-nat-attr- 785 attributes: 786 - 787 name: src 788 type: flag 789 - 790 name: dst 791 type: flag 792 - 793 name: ip-min 794 type: binary 795 - 796 name: ip-max 797 type: binary 798 - 799 name: proto-min 800 type: u16 801 - 802 name: proto-max 803 type: u16 804 - 805 name: persistent 806 type: flag 807 - 808 name: proto-hash 809 type: flag 810 - 811 name: proto-random 812 type: flag 813 - 814 name: dec-ttl-attrs 815 enum-name: ovs-dec-ttl-attr 816 name-prefix: ovs-dec-ttl-attr- 817 attributes: 818 - 819 name: action 820 type: nest 821 nested-attributes: action-attrs 822 - 823 name: vxlan-ext-attrs 824 enum-name: ovs-vxlan-ext- 825 name-prefix: ovs-vxlan-ext- 826 attributes: 827 - 828 name: gbp 829 type: u32 830 831operations: 832 name-prefix: ovs-flow-cmd- 833 fixed-header: ovs-header 834 list: 835 - 836 name: get 837 doc: Get / dump OVS flow configuration and state 838 value: 3 839 attribute-set: flow-attrs 840 do: &flow-get-op 841 request: 842 attributes: 843 - dp-ifindex 844 - key 845 - ufid 846 - ufid-flags 847 reply: 848 attributes: 849 - dp-ifindex 850 - key 851 - ufid 852 - mask 853 - stats 854 - actions 855 dump: *flow-get-op 856 - 857 name: new 858 doc: Create OVS flow configuration in a data path 859 value: 1 860 attribute-set: flow-attrs 861 do: 862 request: 863 attributes: 864 - dp-ifindex 865 - key 866 - ufid 867 - mask 868 - actions 869 870mcast-groups: 871 list: 872 - 873 name: ovs_flow 874