Open Vswitch

Open Vswitch

OpenVswitch is a multi-layer virtual switch which is also a part of Server management services licensed under open source Apache 2.0 and used for production quality. It is used to create massive network automation through programmatic extension. It can be used both as a soft switch running within the hyper visor, and as the control stack for switching silicon. It is a program which is used to control your network. It is used by thousand of subscribers to the OVS mailing list. Open Vswitch is a fast Data path in Kernel and an implementation of Open Flow.

Open Vswitch broadly supports Linux, FreeBSD, Hyper-V, NetBSD, Windows, VirtualBox,  ESX, KVM, Xen, Docker, OpenNebula,  OpenStack, CloudStack, etc. It is used in most popular OpenStack networking backend, Default network stack in Xenserver, Thousands of subscribers to OVS mailing lists and 1,440 hits in Google Scholar.

It supports protocols and interfaces (SFLOW, RSPAN, CLI, NetFlow, LACP, 802.1ag). It is designed for use across multiple physical servers which are similar to network of VMware distributed Cisco’s Nexus 1000 V or vswitch. Open Vswitch’s   exciting parts are that you can write a program for controlling your network securely. It is easily portable (hypervisors, CMSes, Oses, etc.)

Features of Open Vswitch are as follows:

Open Vswitch new features are that it considers MPLS, Multicast snooping, RSTP, TCP flags matching, Tunnels (LISP, VXLAN, Geneva), OpenFlow. There are some recent improvements in Open Vswitch that are Compiler support (clang for thread safety and MSVC 2013), check-oftest, check-yu, Coverity scan and Travis continuous integration.

Open Vswitch is used for solving problems like a  small number of long flows, large number of medium-length flows, Port scans, peer-to-peer rendezvous servers, distributed systems and network monitoring applications.

Open Vswitch contains a witch port which may have one or more interfaces.

 A flow may be identified by any combination of

 1. Tunnel ID

 2. IPv6 ND target

 3. IPv4 or IPv6 source address

 4. IPv4 or IPv6 destination address

5.  Input port

6.  Ethernet frame type

7. TCP/UDP destination port

8. TCP/UDP source port

9.  VLAN ID (802.1Q)

10. Ethernet destination address

11.  Ethernet source address

12.  ARP/ND source hardware address

13. IP ToS (DSCP field)

14. IP Protocol or lower 8 bits of ARP ppcode

15. ARP/ND destination hardware address

Open Vswitch controller is configured with a JSON database and thus configuration is persistent across reboots. The Database will not return until the controller is reconfigured. A JSON database may be controlled by using a UNIX socket, or remotely using TLS locally. SPAN allows to receive or sent frames on one or more ports to be duplicated on a different port. SPAN is useful for debugging.

Open Vswitch QoS capabilities are that its interface rate limiting and port QoS policy. At the interface rate limiting a rate and burst can be assigned to an interface. It utilizes the kernel framework’s ingress policing. A port may assign one or more QoS policy in which each QoS policy consists of a class and qdisc.

The Linux kernel uses classes and qdisc for Tc implementation. Right now only HTB and HFSC classes are supported. Selection of class of a flow totally depends on the controller.

Open vswitch is an advanced edge switch which works on Linux-based hypervisors like Xen, KVM, VirtualBox. It is a commercial friendly license, which is widely deployed in enterprise, service provider and Telco production environments. The main goal of Open Vswitch is to upstream the module of Kernal.