mirror of
https://github.com/openvswitch/ovs
synced 2025-08-30 13:58:14 +00:00
440a9f4b32
OVN currently supports multiple gateway routers (residing on different chassis) connected to the same logical topology. When external traffic enters the logical topology, they can enter from any gateway routers and reach its eventual destination. This is achieved with proper static routes configured on the gateway routers. But when traffic is initiated in the logical space by a logical port, we do not have a good way to distribute that traffic across multiple gateway routers. This commit introduces one particular way to do it. Based on the source IP address or source IP network of the packet, we can now jump to a specific gateway router. This is very useful for a specific use case of Kubernetes. When traffic is initiated inside a container heading to outside world, we want to be able to send such traffic outside the gateway router residing in the same host as that of the container. Since each host gets a specific subnet, we can use source IP address based policy routing to decide on the gateway router. Rationale for using the same routing table for both source and destination IP address based routing: Some hardware network vendors support policy routing in a different table on arbitrary "match". And when a packet enters, if there is a match in policy based routing table, the default routing table is not consulted at all. In case of OVN, we mainly want policy based routing for north-south traffic. We want east-west traffic to flow as-is. Creating a separate table for policy based routing complicates the configuration quite a bit. For e.g., if we have a source IP network based rule added, to decide a particular gateway router as a next hop, we should add rules at a higher priority for all the connected routes to make sure that east-west traffic is not effected in the policy based routing table itself. Signed-off-by: Gurucharan Shetty <guru@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
============
Open vSwitch
============
Build Status
------------
.. image:: https://travis-ci.org/openvswitch/ovs.png
:target: https://travis-ci.org/openvswitch/ovs
What is Open vSwitch?
---------------------
Open vSwitch is a multilayer software switch licensed under the open source
Apache 2 license. Our goal is to implement a production quality switch
platform that supports standard management interfaces and opens the forwarding
functions to programmatic extension and control.
Open vSwitch is well suited to function as a virtual switch in VM environments.
In addition to exposing standard control and visibility interfaces to the
virtual networking layer, it was designed to support distribution across
multiple physical servers. Open vSwitch supports multiple Linux-based
virtualization technologies including Xen/XenServer, KVM, and VirtualBox.
The bulk of the code is written in platform-independent C and is easily ported
to other environments. The current release of Open vSwitch supports the
following features:
- Standard 802.1Q VLAN model with trunk and access ports
- NIC bonding with or without LACP on upstream switch
- NetFlow, sFlow(R), and mirroring for increased visibility
- QoS (Quality of Service) configuration, plus policing
- Geneve, GRE, VXLAN, STT, and LISP tunneling
- 802.1ag connectivity fault management
- OpenFlow 1.0 plus numerous extensions
- Transactional configuration database with C and Python bindings
- High-performance forwarding using a Linux kernel module
The included Linux kernel module supports Linux 3.10 and up.
Open vSwitch can also operate, at a cost in performance, entirely in userspace,
without assistance from a kernel module. This userspace implementation should
be easier to port than the kernel-based switch. It is considered experimental.
What's here?
------------
The main components of this distribution are:
- ovs-vswitchd, a daemon that implements the switch, along with a companion
Linux kernel module for flow-based switching.
- ovsdb-server, a lightweight database server that ovs-vswitchd queries to
obtain its configuration.
- ovs-dpctl, a tool for configuring the switch kernel module.
- Scripts and specs for building RPMs for Citrix XenServer and Red Hat
Enterprise Linux. The XenServer RPMs allow Open vSwitch to be installed on a
Citrix XenServer host as a drop-in replacement for its switch, with
additional functionality.
- ovs-vsctl, a utility for querying and updating the configuration of
ovs-vswitchd.
- ovs-appctl, a utility that sends commands to running Open vSwitch daemons.
Open vSwitch also provides some tools:
- ovs-ofctl, a utility for querying and controlling OpenFlow switches and
controllers.
- ovs-pki, a utility for creating and managing the public-key infrastructure
for OpenFlow switches.
- ovs-testcontroller, a simple OpenFlow controller that may be useful for
testing (though not for production).
- A patch to tcpdump that enables it to parse OpenFlow messages.
What other documentation is available?
--------------------------------------
To install Open vSwitch on a regular Linux or FreeBSD host, please read the
`installation guide <INSTALL.md>`__. For specifics around installation on a
specific platform, please see one of the below installation guides:
- `Debian <INSTALL.Debian.rst>`__
- `Fedora <INSTALL.Fedora.md>`__
- `RHEL <INSTALL.RHEL.md>`__
- `XenServer <INSTALL.XenServer.rst>`__
- `Windows <INSTALL.Windows.rst>`__
To use Open vSwitch...
- ...with Docker on Linux, see `here <INSTALL.Docker.rst>`__.
- ...with KVM on Linux, see `here <INSTALL.rst>`__ and `here
<INSTALL.KVM.rst>`__.
- ...with Libvirt, see `here <INSTALL.Libvirt.md>`__.
- ...without using a kernel module, see `here <INSTALL.userspace.rst>`__.
- ...with DPDK, see `here <INSTALL.DPDK.rst>`__.
- ...with SELinux, see `here <INSTALL.SELinux.md>`__.
For answers to common questions, refer to the `FAQ <FAQ.rst>`__.
To learn how to set up SSL support for Open vSwitch, see `here
<INSTALL.SSL.md>`__.
To learn about some advanced features of the Open vSwitch software switch, read
the `tutorial <tutorial/Tutorial.md>`__.
Each Open vSwitch userspace program is accompanied by a manpage. Many of the
manpages are customized to your configuration as part of the build process, so
we recommend building Open vSwitch before reading the manpages.
Contact
-------
bugs@openvswitch.org