1# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 2 3name: ovs_flow 4version: 1 5protocol: genetlink-legacy 6 7doc: 8 OVS flow configuration over generic netlink. 9 10definitions: 11 - 12 name: ovs-header 13 type: struct 14 doc: | 15 Header for OVS Generic Netlink messages. 16 members: 17 - 18 name: dp-ifindex 19 type: u32 20 doc: | 21 ifindex of local port for datapath (0 to make a request not specific 22 to a datapath). 23 - 24 name: ovs-flow-stats 25 type: struct 26 members: 27 - 28 name: n-packets 29 type: u64 30 doc: Number of matched packets. 31 - 32 name: n-bytes 33 type: u64 34 doc: Number of matched bytes. 35 - 36 name: ovs-key-mpls 37 type: struct 38 members: 39 - 40 name: mpls-lse 41 type: u32 42 byte-order: big-endian 43 - 44 name: ovs-key-ipv4 45 type: struct 46 members: 47 - 48 name: ipv4-src 49 type: u32 50 byte-order: big-endian 51 - 52 name: ipv4-dst 53 type: u32 54 byte-order: big-endian 55 - 56 name: ipv4-proto 57 type: u8 58 - 59 name: ipv4-tos 60 type: u8 61 - 62 name: ipv4-ttl 63 type: u8 64 - 65 name: ipv4-frag 66 type: u8 67 enum: ovs-frag-type 68 - 69 name: ovs-frag-type 70 type: enum 71 entries: 72 - 73 name: none 74 doc: Packet is not a fragment. 75 - 76 name: first 77 doc: Packet is a fragment with offset 0. 78 - 79 name: later 80 doc: Packet is a fragment with nonzero offset. 81 - 82 name: any 83 value: 255 84 - 85 name: ovs-key-tcp 86 type: struct 87 members: 88 - 89 name: tcp-src 90 type: u16 91 byte-order: big-endian 92 - 93 name: tcp-dst 94 type: u16 95 byte-order: big-endian 96 - 97 name: ovs-key-udp 98 type: struct 99 members: 100 - 101 name: udp-src 102 type: u16 103 byte-order: big-endian 104 - 105 name: udp-dst 106 type: u16 107 byte-order: big-endian 108 - 109 name: ovs-key-sctp 110 type: struct 111 members: 112 - 113 name: sctp-src 114 type: u16 115 byte-order: big-endian 116 - 117 name: sctp-dst 118 type: u16 119 byte-order: big-endian 120 - 121 name: ovs-key-icmp 122 type: struct 123 members: 124 - 125 name: icmp-type 126 type: u8 127 - 128 name: icmp-code 129 type: u8 130 - 131 name: ovs-key-ct-tuple-ipv4 132 type: struct 133 members: 134 - 135 name: ipv4-src 136 type: u32 137 byte-order: big-endian 138 - 139 name: ipv4-dst 140 type: u32 141 byte-order: big-endian 142 - 143 name: src-port 144 type: u16 145 byte-order: big-endian 146 - 147 name: dst-port 148 type: u16 149 byte-order: big-endian 150 - 151 name: ipv4-proto 152 type: u8 153 - 154 name: ovs-action-push-vlan 155 type: struct 156 members: 157 - 158 name: vlan_tpid 159 type: u16 160 byte-order: big-endian 161 doc: Tag protocol identifier (TPID) to push. 162 - 163 name: vlan_tci 164 type: u16 165 byte-order: big-endian 166 doc: Tag control identifier (TCI) to push. 167 - 168 name: ovs-ufid-flags 169 type: flags 170 entries: 171 - omit-key 172 - omit-mask 173 - omit-actions 174 - 175 name: ovs-action-hash 176 type: struct 177 members: 178 - 179 name: hash-algorithm 180 type: u32 181 doc: Algorithm used to compute hash prior to recirculation. 182 - 183 name: hash-basis 184 type: u32 185 doc: Basis used for computing hash. 186 - 187 name: ovs-hash-alg 188 type: enum 189 doc: | 190 Data path hash algorithm for computing Datapath hash. The algorithm type only specifies 191 the fields in a flow will be used as part of the hash. Each datapath is free to use its 192 own hash algorithm. The hash value will be opaque to the user space daemon. 193 entries: 194 - ovs-hash-alg-l4 195 196 - 197 name: ovs-action-push-mpls 198 type: struct 199 members: 200 - 201 name: lse 202 type: u32 203 byte-order: big-endian 204 doc: | 205 MPLS label stack entry to push 206 - 207 name: ethertype 208 type: u32 209 byte-order: big-endian 210 doc: | 211 Ethertype to set in the encapsulating ethernet frame. The only values 212 ethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC, 213 indicating MPLS unicast or multicast. Other are rejected. 214 - 215 name: ovs-action-add-mpls 216 type: struct 217 members: 218 - 219 name: lse 220 type: u32 221 byte-order: big-endian 222 doc: | 223 MPLS label stack entry to push 224 - 225 name: ethertype 226 type: u32 227 byte-order: big-endian 228 doc: | 229 Ethertype to set in the encapsulating ethernet frame. The only values 230 ethertype should ever be given are ETH_P_MPLS_UC and ETH_P_MPLS_MC, 231 indicating MPLS unicast or multicast. Other are rejected. 232 - 233 name: tun-flags 234 type: u16 235 doc: | 236 MPLS tunnel attributes. 237 - 238 name: ct-state-flags 239 type: flags 240 entries: 241 - 242 name: new 243 doc: Beginning of a new connection. 244 - 245 name: established 246 doc: Part of an existing connenction 247 - 248 name: related 249 doc: Related to an existing connection. 250 - 251 name: reply-dir 252 doc: Flow is in the reply direction. 253 - 254 name: invalid 255 doc: Could not track the connection. 256 - 257 name: tracked 258 doc: Conntrack has occurred. 259 - 260 name: src-nat 261 doc: Packet's source address/port was mangled by NAT. 262 - 263 name: dst-nat 264 doc: Packet's destination address/port was mangled by NAT. 265 266attribute-sets: 267 - 268 name: flow-attrs 269 attributes: 270 - 271 name: key 272 type: nest 273 nested-attributes: key-attrs 274 doc: | 275 Nested attributes specifying the flow key. Always present in 276 notifications. Required for all requests (except dumps). 277 - 278 name: actions 279 type: nest 280 nested-attributes: action-attrs 281 doc: | 282 Nested attributes specifying the actions to take for packets that 283 match the key. Always present in notifications. Required for 284 OVS_FLOW_CMD_NEW requests, optional for OVS_FLOW_CMD_SET requests. An 285 OVS_FLOW_CMD_SET without OVS_FLOW_ATTR_ACTIONS will not modify the 286 actions. To clear the actions, an OVS_FLOW_ATTR_ACTIONS without any 287 nested attributes must be given. 288 - 289 name: stats 290 type: binary 291 struct: ovs-flow-stats 292 doc: | 293 Statistics for this flow. Present in notifications if the stats would 294 be nonzero. Ignored in requests. 295 - 296 name: tcp-flags 297 type: u8 298 doc: | 299 An 8-bit value giving the ORed value of all of the TCP flags seen on 300 packets in this flow. Only present in notifications for TCP flows, and 301 only if it would be nonzero. Ignored in requests. 302 - 303 name: used 304 type: u64 305 doc: | 306 A 64-bit integer giving the time, in milliseconds on the system 307 monotonic clock, at which a packet was last processed for this 308 flow. Only present in notifications if a packet has been processed for 309 this flow. Ignored in requests. 310 - 311 name: clear 312 type: flag 313 doc: | 314 If present in a OVS_FLOW_CMD_SET request, clears the last-used time, 315 accumulated TCP flags, and statistics for this flow. Otherwise 316 ignored in requests. Never present in notifications. 317 - 318 name: mask 319 type: nest 320 nested-attributes: key-attrs 321 doc: | 322 Nested attributes specifying the mask bits for wildcarded flow 323 match. Mask bit value '1' specifies exact match with corresponding 324 flow key bit, while mask bit value '0' specifies a wildcarded 325 match. Omitting attribute is treated as wildcarding all corresponding 326 fields. Optional for all requests. If not present, all flow key bits 327 are exact match bits. 328 - 329 name: probe 330 type: binary 331 doc: | 332 Flow operation is a feature probe, error logging should be suppressed. 333 - 334 name: ufid 335 type: binary 336 doc: | 337 A value between 1-16 octets specifying a unique identifier for the 338 flow. Causes the flow to be indexed by this value rather than the 339 value of the OVS_FLOW_ATTR_KEY attribute. Optional for all 340 requests. Present in notifications if the flow was created with this 341 attribute. 342 - 343 name: ufid-flags 344 type: u32 345 enum: ovs-ufid-flags 346 doc: | 347 A 32-bit value of ORed flags that provide alternative semantics for 348 flow installation and retrieval. Optional for all requests. 349 - 350 name: pad 351 type: binary 352 353 - 354 name: key-attrs 355 attributes: 356 - 357 name: encap 358 type: nest 359 nested-attributes: key-attrs 360 - 361 name: priority 362 type: u32 363 - 364 name: in-port 365 type: u32 366 - 367 name: ethernet 368 type: binary 369 doc: struct ovs_key_ethernet 370 - 371 name: vlan 372 type: u16 373 byte-order: big-endian 374 - 375 name: ethertype 376 type: u16 377 byte-order: big-endian 378 - 379 name: ipv4 380 type: binary 381 struct: ovs-key-ipv4 382 - 383 name: ipv6 384 type: binary 385 doc: struct ovs_key_ipv6 386 - 387 name: tcp 388 type: binary 389 struct: ovs-key-tcp 390 - 391 name: udp 392 type: binary 393 struct: ovs-key-udp 394 - 395 name: icmp 396 type: binary 397 struct: ovs-key-icmp 398 - 399 name: icmpv6 400 type: binary 401 struct: ovs-key-icmp 402 - 403 name: arp 404 type: binary 405 doc: struct ovs_key_arp 406 - 407 name: nd 408 type: binary 409 doc: struct ovs_key_nd 410 - 411 name: skb-mark 412 type: u32 413 - 414 name: tunnel 415 type: nest 416 nested-attributes: tunnel-key-attrs 417 - 418 name: sctp 419 type: binary 420 struct: ovs-key-sctp 421 - 422 name: tcp-flags 423 type: u16 424 byte-order: big-endian 425 - 426 name: dp-hash 427 type: u32 428 doc: Value 0 indicates the hash is not computed by the datapath. 429 - 430 name: recirc-id 431 type: u32 432 - 433 name: mpls 434 type: binary 435 struct: ovs-key-mpls 436 - 437 name: ct-state 438 type: u32 439 enum: ct-state-flags 440 enum-as-flags: true 441 - 442 name: ct-zone 443 type: u16 444 doc: connection tracking zone 445 - 446 name: ct-mark 447 type: u32 448 doc: connection tracking mark 449 - 450 name: ct-labels 451 type: binary 452 doc: 16-octet connection tracking label 453 - 454 name: ct-orig-tuple-ipv4 455 type: binary 456 struct: ovs-key-ct-tuple-ipv4 457 - 458 name: ct-orig-tuple-ipv6 459 type: binary 460 doc: struct ovs_key_ct_tuple_ipv6 461 - 462 name: nsh 463 type: nest 464 nested-attributes: ovs-nsh-key-attrs 465 - 466 name: packet-type 467 type: u32 468 byte-order: big-endian 469 doc: Should not be sent to the kernel 470 - 471 name: nd-extensions 472 type: binary 473 doc: Should not be sent to the kernel 474 - 475 name: tunnel-info 476 type: binary 477 doc: struct ip_tunnel_info 478 - 479 name: ipv6-exthdrs 480 type: binary 481 doc: struct ovs_key_ipv6_exthdr 482 - 483 name: action-attrs 484 attributes: 485 - 486 name: output 487 type: u32 488 doc: ovs port number in datapath 489 - 490 name: userspace 491 type: nest 492 nested-attributes: userspace-attrs 493 - 494 name: set 495 type: nest 496 nested-attributes: key-attrs 497 doc: Replaces the contents of an existing header. The single nested attribute specifies a header to modify and its value. 498 - 499 name: push-vlan 500 type: binary 501 struct: ovs-action-push-vlan 502 doc: Push a new outermost 802.1Q or 802.1ad header onto the packet. 503 - 504 name: pop-vlan 505 type: flag 506 doc: Pop the outermost 802.1Q or 802.1ad header from the packet. 507 - 508 name: sample 509 type: nest 510 nested-attributes: sample-attrs 511 doc: | 512 Probabilistically executes actions, as specified in the nested attributes. 513 - 514 name: recirc 515 type: u32 516 doc: recirc id 517 - 518 name: hash 519 type: binary 520 struct: ovs-action-hash 521 - 522 name: push-mpls 523 type: binary 524 struct: ovs-action-push-mpls 525 doc: | 526 Push a new MPLS label stack entry onto the top of the packets MPLS 527 label stack. Set the ethertype of the encapsulating frame to either 528 ETH_P_MPLS_UC or ETH_P_MPLS_MC to indicate the new packet contents. 529 - 530 name: pop-mpls 531 type: u16 532 byte-order: big-endian 533 doc: ethertype 534 - 535 name: set-masked 536 type: nest 537 nested-attributes: key-attrs 538 doc: | 539 Replaces the contents of an existing header. A nested attribute 540 specifies a header to modify, its value, and a mask. For every bit set 541 in the mask, the corresponding bit value is copied from the value to 542 the packet header field, rest of the bits are left unchanged. The 543 non-masked value bits must be passed in as zeroes. Masking is not 544 supported for the OVS_KEY_ATTR_TUNNEL attribute. 545 - 546 name: ct 547 type: nest 548 nested-attributes: ct-attrs 549 doc: | 550 Track the connection. Populate the conntrack-related entries 551 in the flow key. 552 - 553 name: trunc 554 type: u32 555 doc: struct ovs_action_trunc is a u32 max length 556 - 557 name: push-eth 558 type: binary 559 doc: struct ovs_action_push_eth 560 - 561 name: pop-eth 562 type: flag 563 - 564 name: ct-clear 565 type: flag 566 - 567 name: push-nsh 568 type: nest 569 nested-attributes: ovs-nsh-key-attrs 570 doc: | 571 Push NSH header to the packet. 572 - 573 name: pop-nsh 574 type: flag 575 doc: | 576 Pop the outermost NSH header off the packet. 577 - 578 name: meter 579 type: u32 580 doc: | 581 Run packet through a meter, which may drop the packet, or modify the 582 packet (e.g., change the DSCP field) 583 - 584 name: clone 585 type: nest 586 nested-attributes: action-attrs 587 doc: | 588 Make a copy of the packet and execute a list of actions without 589 affecting the original packet and key. 590 - 591 name: check-pkt-len 592 type: nest 593 nested-attributes: check-pkt-len-attrs 594 doc: | 595 Check the packet length and execute a set of actions if greater than 596 the specified packet length, else execute another set of actions. 597 - 598 name: add-mpls 599 type: binary 600 struct: ovs-action-add-mpls 601 doc: | 602 Push a new MPLS label stack entry at the start of the packet or at the 603 start of the l3 header depending on the value of l3 tunnel flag in the 604 tun_flags field of this OVS_ACTION_ATTR_ADD_MPLS argument. 605 - 606 name: dec-ttl 607 type: nest 608 nested-attributes: dec-ttl-attrs 609 - 610 name: tunnel-key-attrs 611 attributes: 612 - 613 name: id 614 type: u64 615 byte-order: big-endian 616 value: 0 617 - 618 name: ipv4-src 619 type: u32 620 byte-order: big-endian 621 - 622 name: ipv4-dst 623 type: u32 624 byte-order: big-endian 625 - 626 name: tos 627 type: u8 628 - 629 name: ttl 630 type: u8 631 - 632 name: dont-fragment 633 type: flag 634 - 635 name: csum 636 type: flag 637 - 638 name: oam 639 type: flag 640 - 641 name: geneve-opts 642 type: binary 643 sub-type: u32 644 - 645 name: tp-src 646 type: u16 647 byte-order: big-endian 648 - 649 name: tp-dst 650 type: u16 651 byte-order: big-endian 652 - 653 name: vxlan-opts 654 type: nest 655 nested-attributes: vxlan-ext-attrs 656 - 657 name: ipv6-src 658 type: binary 659 doc: | 660 struct in6_addr source IPv6 address 661 - 662 name: ipv6-dst 663 type: binary 664 doc: | 665 struct in6_addr destination IPv6 address 666 - 667 name: pad 668 type: binary 669 - 670 name: erspan-opts 671 type: binary 672 doc: | 673 struct erspan_metadata 674 - 675 name: ipv4-info-bridge 676 type: flag 677 - 678 name: check-pkt-len-attrs 679 attributes: 680 - 681 name: pkt-len 682 type: u16 683 - 684 name: actions-if-greater 685 type: nest 686 nested-attributes: action-attrs 687 - 688 name: actions-if-less-equal 689 type: nest 690 nested-attributes: action-attrs 691 - 692 name: sample-attrs 693 attributes: 694 - 695 name: probability 696 type: u32 697 - 698 name: actions 699 type: nest 700 nested-attributes: action-attrs 701 - 702 name: userspace-attrs 703 attributes: 704 - 705 name: pid 706 type: u32 707 - 708 name: userdata 709 type: binary 710 - 711 name: egress-tun-port 712 type: u32 713 - 714 name: actions 715 type: flag 716 - 717 name: ovs-nsh-key-attrs 718 attributes: 719 - 720 name: base 721 type: binary 722 - 723 name: md1 724 type: binary 725 - 726 name: md2 727 type: binary 728 - 729 name: ct-attrs 730 attributes: 731 - 732 name: commit 733 type: flag 734 - 735 name: zone 736 type: u16 737 - 738 name: mark 739 type: binary 740 - 741 name: labels 742 type: binary 743 - 744 name: helper 745 type: string 746 - 747 name: nat 748 type: nest 749 nested-attributes: nat-attrs 750 - 751 name: force-commit 752 type: flag 753 - 754 name: eventmask 755 type: u32 756 - 757 name: timeout 758 type: string 759 - 760 name: nat-attrs 761 attributes: 762 - 763 name: src 764 type: binary 765 - 766 name: dst 767 type: binary 768 - 769 name: ip-min 770 type: binary 771 - 772 name: ip-max 773 type: binary 774 - 775 name: proto-min 776 type: binary 777 - 778 name: proto-max 779 type: binary 780 - 781 name: persistent 782 type: binary 783 - 784 name: proto-hash 785 type: binary 786 - 787 name: proto-random 788 type: binary 789 - 790 name: dec-ttl-attrs 791 attributes: 792 - 793 name: action 794 type: nest 795 nested-attributes: action-attrs 796 - 797 name: vxlan-ext-attrs 798 attributes: 799 - 800 name: gbp 801 type: u32 802 803operations: 804 fixed-header: ovs-header 805 list: 806 - 807 name: flow-get 808 doc: Get / dump OVS flow configuration and state 809 value: 3 810 attribute-set: flow-attrs 811 do: &flow-get-op 812 request: 813 attributes: 814 - dp-ifindex 815 - key 816 - ufid 817 - ufid-flags 818 reply: 819 attributes: 820 - dp-ifindex 821 - key 822 - ufid 823 - mask 824 - stats 825 - actions 826 dump: *flow-get-op 827 828mcast-groups: 829 list: 830 - 831 name: ovs_flow 832