ovs-architecture: Recommend disable-in-band=true for integration bridge.

Also implement in ovs-sandbox. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Justin Pettit <jpettit@nicira.com>
2025-10-19 14:37:21 +00:00 · 2015-05-05 17:19:48 -07:00
parent b4e87a483a
commit a42226f0a5
2 changed files with 25 additions and 5 deletions
--- a/ovn/ovn-architecture.7.xml
+++ b/ovn/ovn-architecture.7.xml
@@ -243,11 +243,30 @@
  </p>

  <p>
-    The integration bridge must be configured with failure mode ``secure'' to
-    avoid switching packets between isolated logical networks before
+    The integration bridge should be configured as described below.
+    The effect of each of these settings is documented in
+    <code>ovs-vswitchd.conf.db</code>(5):
+  </p>
+
+  <dl>
+    <dt><code>fail-mode=secure</code></dt>
+    <dd>
+      Avoids switching packets between isolated logical networks before
      <code>ovn-controller</code> starts up.  See <code>Controller Failure
      Settings</code> in <code>ovs-vsctl</code>(8) for more information.
-  </p>
+    </dd>
+
+    <dt><code>other-config:disable-in-band=true</code></dt>
+    <dd>
+      Suppresses in-band control flows for the integration bridge.  It would be
+      unusual for such flows to show up anyway, because OVN uses a local
+      controller (over a Unix domain socket) instead of a remote controller.
+      It's possible, however, for some other bridge in the same system to have
+      an in-band remote controller, and in that case this suppresses the flows
+      that in-band control would ordinarily set up.  See <code>In-Band
+      Control</code> in <code>DESIGN.md</code> for more information.
+    </dd>
+  </dl>

  <p>
    The customary name for the integration bridge is <code>br-int</code>, but
--- a/tutorial/ovs-sandbox
+++ b/tutorial/ovs-sandbox
@@ -291,7 +291,8 @@ if $ovn; then
    ovs-vsctl set open . external-ids:ovn-remote=unix:"$sandbox"/db.sock
    ovs-vsctl set open . external-ids:ovn-encap-type=geneve
    ovs-vsctl set open . external-ids:ovn-encap-ip=127.0.0.1
-    ovs-vsctl add-br br-int -- set bridge br-int fail-mode=secure
+    ovs-vsctl add-br br-int \
+        -- set bridge br-int fail-mode=secure other-config:disable-in-band=true

    rungdb $gdb_ovn_northd ovn-northd --detach --no-chdir --pidfile -vconsole:off --log-file
    rungdb $gdb_ovn_controller ovn-controller --detach --no-chdir --pidfile -vconsole:off --log-file