\input texinfo @c -*-texinfo-*-
@setfilename openvswitch.info
@settitle Open vSwitch Guide

Copyright @copyright{} 2012 Nicira, Inc.

Licensed under the Apache License, Version 2.0 (the ``License''); you
may not use this file except in compliance with the License. You may
obtain a copy of the License at
@url{http://www.apache.org/licenses/LICENSE-2.0}.

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an ``AS IS'' BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied. See the License for the specific language governing
permissions and limitations under the License.

@title Programming the Open vSwitch Platform
@author Open vSwitch Contributors
@vskip 0pt plus 1filll

This manual is for PROGRAM, version VERSION.

Open vSwitch is an Ethernet switch implemented in software. It is
well suited to environments that call for basic switching features
such as VLANs and bonding. However, Open vSwitch is built as a
platform to open up network forwarding to programmatic extension, so
it really shines in environments that demand fast, flexible control

Open vSwitch is most often deployed today as a purely software switch,
that is, on computers without hardware specialized for packet
switching. In this class of uses, Open vSwitch most often runs on
virtual server hosts, to forward virtual machine network traffic to
and from a physical network. Virtualization is not a requirement:
Open vSwitch can also forward traffic among physical interfaces in a
``bare metal'' environment.

Open vSwitch is designed and internally layered to be amenable for use
within special-purpose switch hardware, and a number of network
hardware manufacturers have used it for that purpose. This allows
Open vSwitch to control high-performance hardware switches as well as
software switches, although hardware is inherently less flexible than

Open vSwitch runs on top of a wide variety of hardware, operating
systems, and hypervisors, and it has been integrated with multiple
cloud management systems. Please refer to other Open vSwitch and
vendor documentation for details.

This section describes the components of Open vSwitch at a high level
and how they interact with each other and with components not part of

The most important component of Open vSwitch is the virtual switch
daemon, @program{ovs-vswitchd}. This daemon implements Open vSwitch
core switching and programmability functions. In a software switch,
this daemon is a ``soft real-time'' component that handles the first
packet of each new flow that enters the network. In a hardware
switch, it instead configures the hardware's packet processing

The virtual switch daemon has two important external interfaces. The
first of these speaks a protocol called OVSDB to the second major Open
vSwitch daemon, the @program{ovsdb-server} database server. This
daemon's configuration database tracks typically slowly changing
management plane state, such as the set of configured switches and
their ports. The database server can also talk to controllers on
remote servers over the same OVSDB protocol.

@program{ovs-vswitchd}'s other major external interface is the control
plane interface. This interface allows controllers on remote servers
to directly control the treatment of packets that arrive on the
switches configured in the database. Control can be reactive, with
the controller deciding what should be done for each new flow as it
arrives at the switch, or proactive, with the controller specifying in
advance the treatment of every packet that might happen to arrive, or
some combination. Open vSwitch uses the OpenFlow protocol for this
control plane interface.
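
The reactive and proactive styles described above, as a toy Python model (an added example, not Open vSwitch code and not the OpenFlow wire protocol). The @code{Switch} and @code{Controller} classes, the destination-only flow key and the sample traffic are all constructed for illustration.

```python
class Controller:
    """Hypothetical controller holding a policy: destination MAC -> output port."""
    def __init__(self, policy):
        self.policy = dict(policy)
        self.packet_ins = 0                      # round trips requested by the switch

    def packet_in(self, switch, pkt):
        # Reactive: decide for this new flow, then install an entry so that
        # later packets of the same flow never reach the controller again.
        self.packet_ins += 1
        port = self.policy.get(pkt["dst"], "drop")
        switch.add_flow(pkt["dst"], port)
        return port

    def preinstall(self, switch):
        # Proactive: push every rule before traffic arrives and make the
        # table-miss behaviour local, so the controller is never consulted.
        for dst, port in self.policy.items():
            switch.add_flow(dst, port)
        switch.table_miss = "drop"

class Switch:
    def __init__(self, controller):
        self.controller = controller
        self.flows = {}                          # simplified flow table keyed on dst only
        self.table_miss = "controller"

    def add_flow(self, dst, port):
        self.flows[dst] = port

    def receive(self, pkt):
        if pkt["dst"] in self.flows:             # fast path: existing flow entry
            return self.flows[pkt["dst"]]
        if self.table_miss == "controller":      # slow path: first packet of a new flow
            return self.controller.packet_in(self, pkt)
        return "drop"

# Constructed sample data: two known destinations, one unknown ("cc").
POLICY = {"aa": 1, "bb": 2}
TRAFFIC = [{"dst": d} for d in ("aa", "bb", "aa", "cc", "cc", "bb")]

def run(mode, policy=POLICY, traffic=TRAFFIC):
    """Return (per-packet outputs, controller round trips, flow-table size)."""
    ctl = Controller(policy)
    sw = Switch(ctl)
    if mode == "proactive":
        ctl.preinstall(sw)
    outputs = [sw.receive(p) for p in traffic]
    return outputs, ctl.packet_ins, len(sw.flows)

if __name__ == "__main__":
    for mode in ("reactive", "proactive"):
        print(mode, run(mode))
```

Both modes forward identically here, but the reactive run costs one controller round trip and one flow entry per new flow (including the unknown destination), while the proactive run costs none, which is the capacity trade-off to weigh when choosing between them.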

Open vSwitch also includes a number of utility programs.
@program{ovs-vsctl} is an interactive command-line interface to
@program{ovsdb-server} for configuring and querying Open vSwitch
configuration. It is also used heavily in shell scripts that
integrate Open vSwitch with hypervisor and cloud management systems.

@program{ovs-ofctl} is a command-line tool that speaks the OpenFlow
protocol. Unlike @program{ovs-vsctl}, which is often used in
production, it is most useful for troubleshooting and prototyping. We
will often use it in examples in this book.

@program{ovs-appctl} is a command-line tool to send commands to
@program{ovs-vswitchd} and @program{ovsdb-server}. It is occasionally
useful for special purposes, especially in testing and debugging.

* Introduction to OpenFlow.
* Packet processing pipeline.
** The ``normal'' action's pipeline.
** Ports and interfaces.
*** How to use through OpenFlow, and limitations.
*** Future directions.
*** How to emulate with OpenFlow?
*** Interaction with OpenFlow.
*** Reading and flushing the MAC learning table.
*** Preventing MAC learning.
*** Interaction with bonding.
*** Limitations with OpenFlow.
*** How to emulate with OpenFlow (avoiding duplicates).
*** Limitations for nonstandard setups.
* Control plane programming techniques.
* Proactive control plane programming.
*** Firewall with ingress and egress rules.
**** Handling IP fragments.
*** A MAC-learning switch.
**** Reading and flushing the MAC learning table.
**** Monitoring changes to the MAC learning table.
*** Stateful firewall.
** VXLAN control plane.
* Reactive control plane programming?
** In-band control as example?
*** Tables with a single type of flow (see learning).
** Minimizing types of flows.
** Minimizing lookups.
** Minimizing flow table changes.
*** Avoiding timeouts.