]>
Commit | Line | Data |
---|---|---|
e2218eee JP |
1 | Post-v2.7.0 |
2 | --------------------- | |
3 | - Tunnels: | |
4 | * Added support to set packet mark for tunnel endpoint using | |
5 | `egress_pkt_mark` OVSDB option. | |
4c30b246 CL |
6 | - EMC insertion probability is reduced to 1% and is configurable via |
7 | the new 'other_config:emc-insert-inv-prob' option. | |
e2218eee JP |
8 | |
9 | v2.7.0 - xx xxx xxxx | |
92690eae | 10 | --------------------- |
e18a1d08 ER |
11 | - Utilities and daemons that support SSL now allow protocols and |
12 | ciphers to be configured with --ssl-protocols and --ssl-ciphers. | |
a6095f81 BS |
13 | - OVN: |
14 | * QoS is now implemented via egress shaping rather than ingress policing. | |
1a03fc7d | 15 | * DSCP marking is now supported, via the new northbound QoS table. |
6374d518 | 16 | * IPAM now supports fixed MAC addresses. |
440a9f4b | 17 | * Support for source IP address based routing. |
d444a914 BP |
18 | * ovn-trace: |
19 | - New --ovs option to also print OpenFlow flows. | |
20 | - put_dhcp_opts and put_dhcp_optsv6 actions may now be traced. | |
821302cf | 21 | * Support for managing SSL and remote connection configuration in |
10471820 | 22 | northbound and southbound databases. |
84d0ca5d LR |
23 | * TCP connections to northbound and southbound databases are no |
24 | longer enabled by default and must be explicitly configured. | |
25 | See documentation for ovn-sbctl/ovn-nbctl "set-connection" | |
26 | command or the ovn-ctl "--db-sb-create-insecure-remote" and | |
27 | "--db-nb-create-insecure-remote" command-line options for | |
28 | information regarding remote connection configuration. | |
714651c7 JP |
29 | * New appctl "inject-pkt" command in ovn-controller that allows |
30 | packets to be injected into the connected OVS instance. | |
878b54d7 MS |
31 | * Distributed logical routers may now be connected directly to |
32 | logical switches with localnet ports, by specifying a | |
33 | "redirect-chassis" on the distributed gateway port of the | |
34 | logical router. NAT rules may be specified directly on the | |
35 | distributed logical router, and are handled either centrally on | |
36 | the "redirect-chassis", or in many cases are handled locally on | |
37 | the hypervisor where the corresponding logical port resides. | |
38 | Gratuitous ARP for NAT addresses on a distributed logical | |
39 | router is not yet supported, but will be added in a future | |
40 | version. | |
a027899e JR |
41 | - Fixed regression in table stats maintenance introduced in OVS |
42 | 2.3.0, wherein the number of OpenFlow table hits and misses was | |
43 | not accurate. | |
51bb26fa | 44 | - OpenFlow: |
6dd3c787 | 45 | * OFPT_PACKET_OUT messages are now supported in bundles. |
53cc166a JR |
46 | * A new "selection_method=dp_hash" type for OpenFlow select group |
47 | bucket selection that uses the datapath computed 5-tuple hash | |
48 | without making datapath flows match the 5-tuple fields, which | |
49 | is useful for more efficient load balancing, for example. This | |
50 | uses the Netronome extension to OpenFlow 1.5+ that allows | |
51 | control over the OpenFlow select groups selection method. See | |
52 | "selection_method" and related options in ovs-ofctl(8) for | |
53 | details. | |
4930ea56 | 54 | * The "sample" action now supports "ingress" and "egress" options. |
40c7b2fc | 55 | * The "ct" action now supports the TFTP ALG where support is available. |
72fe7578 | 56 | * New actions "clone" and "ct_clear". |
6dd3c787 JR |
57 | - ovs-ofctl: |
58 | * 'bundle' command now supports packet-out messages. | |
59 | * New syntax for 'ovs-ofctl packet-out' command, which uses the | |
60 | same string parser as the 'bundle' command. The old 'packet-out' | |
61 | syntax is deprecated and will be removed in a later OVS | |
62 | release. | |
63 | * New unixctl "ofctl/packet-out" command, which can be used to | |
64 | instruct a flow monitor to issue OpenFlow packet-out messages. | |
9c1a1182 LR |
65 | - ovsdb-server: |
66 | * Remote connections can now be made read-only (see ovsdb-server(1)). | |
8d8ab6c2 JG |
67 | - Tunnels: |
68 | * TLV mappings for protocols such as Geneve are now segregated on | |
69 | a per-OpenFlow bridge basis rather than globally. (The interface | |
70 | has not changed.) | |
2b02d770 | 71 | * Removed support for IPsec tunnels. |
08484bae CL |
72 | - DPDK: |
73 | * New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces | |
74 | which set the number of rx and tx descriptors to use for the given port. | |
04de404e | 75 | * Support for DPDK v16.11. |
1a2bb118 | 76 | * Support for rx checksum offload. Refer DPDK HOWTO for details. |
b8374d0d | 77 | * Port Hotplug is now supported. |
55e075e6 CL |
78 | * DPDK physical ports can now have arbitrary names. The PCI address of |
79 | the device must be set using the 'dpdk-devargs' option. Compatibility | |
80 | with the old dpdk<portid> naming scheme is broken, and as such a | |
81 | device will not be available for use until a valid dpdk-devargs is | |
82 | specified. | |
69876ed7 | 83 | * Virtual DPDK Poll Mode Driver (vdev PMD) support. |
602e24ee | 84 | * Removed experimental tag. |
5771f476 FL |
85 | - Fedora packaging: |
86 | * A package upgrade does not automatically restart OVS service. | |
58d636ee BK |
87 | - ovs-vswitchd/ovs-vsctl: |
88 | * Ports now have a "protected" flag. Protected ports can not forward | |
89 | frames to other protected ports. Unprotected ports can receive and | |
90 | forward frames to protected and other unprotected ports. | |
1ab39058 LR |
91 | - ovs-vsctl, ovn-nbctl, ovn-sbctl, vtep-ctl: |
92 | * Database commands now accept integer ranges, e.g. "set port | |
93 | eth0 trunks=1-10" to enable trunking VLANs 1 to 10. | |
92690eae | 94 | |
62f0430e | 95 | v2.6.0 - 27 Sep 2016 |
ca32170a | 96 | --------------------- |
e921fc3f JP |
97 | - First supported release of OVN. See ovn-architecture(7) for more |
98 | details. | |
92f8d65b | 99 | - ovsdb-server: |
c383f3bf LS |
100 | * New "monitor_cond" "monitor_cond_update" and "update2" extensions to |
101 | RFC 7047. | |
56085be5 | 102 | - OpenFlow: |
8225b3b7 JR |
103 | * OpenFlow 1.3+ bundles now expire after 10 seconds since the |
104 | last time the bundle was either opened, modified, or closed. | |
fe996936 JR |
105 | * OpenFlow 1.3 Extension 230, adding OpenFlow Bundles support, is |
106 | now implemented. | |
25070e04 JR |
107 | * OpenFlow 1.3+ bundles are now supported for group mods as well as |
108 | flow mods and port mods. Both 'atomic' and 'ordered' bundle | |
109 | flags are supported for group mods as well as flow mods. | |
5fc0ad0a JR |
110 | * Internal OpenFlow rule representation for load and set-field |
111 | actions is now much more memory efficient. For a complex flow | |
112 | table this can reduce rule memory consumption by 40%. | |
113 | * Bundles are now much more memory efficient than in OVS 2.5. | |
114 | Together with memory efficiency improvements in OpenFlow rule | |
115 | representation, the peak OVS resident memory use during a | |
116 | bundle commit for large complex set of flow mods can be only | |
117 | 25% of that in OVS 2.5 (4x lower). | |
56085be5 | 118 | * OpenFlow 1.1+ OFPT_QUEUE_GET_CONFIG_REQUEST now supports OFPP_ANY. |
e016fb63 | 119 | * OpenFlow 1.4+ OFPMP_QUEUE_DESC is now supported. |
6c6eedc5 | 120 | * OpenFlow 1.4+ OFPT_TABLE_STATUS is now supported. |
bdcad671 | 121 | * New property-based packet-in message format NXT_PACKET_IN2 with support |
77ab5fd2 BP |
122 | for arbitrary user-provided data and for serializing flow table |
123 | traversal into a continuation for later resumption. | |
124 | * New extension message NXT_SET_ASYNC_CONFIG2 to allow OpenFlow 1.4-like | |
125 | control over asynchronous messages in earlier versions of OpenFlow. | |
bef3f465 | 126 | * New OpenFlow extension NXM_NX_MPLS_TTL to provide access to MPLS TTL. |
aaca4fe0 WT |
127 | * New output option, output(port=N,max_len=M), to allow truncating a |
128 | packet to size M bytes when outputting to port N. | |
88b87a36 JS |
129 | * New command OFPGC_ADD_OR_MOD for OFPT_GROUP_MOD message that adds a |
130 | new group or modifies an existing groups | |
54b78c95 JR |
131 | * The optional OpenFlow packet buffering feature is deprecated in |
132 | this release, and will be removed in the next OVS release | |
133 | (2.7). After the change OVS always sends the 'buffer_id' as | |
134 | 0xffffffff in packet-in messages and will send an error | |
135 | response if any other value of this field is included in | |
136 | packet-out and flow mod sent by a controller. Controllers are | |
137 | already expected to work properly in cases where the switch can | |
138 | not buffer packets, so this change should not affect existing | |
139 | users. | |
2a7c4805 | 140 | * New OpenFlow extension NXT_CT_FLUSH_ZONE to flush conntrack zones. |
4b684612 | 141 | - Improved OpenFlow version compatibility for actions: |
88c8ca26 | 142 | * New OpenFlow extension to support the "group" action in OpenFlow 1.0. |
0f2aaee9 | 143 | * OpenFlow 1.0 "enqueue" action now properly translated to OpenFlow 1.1+. |
56a91749 BP |
144 | * OpenFlow 1.1 "mod_nw_ecn" and OpenFlow 1.1+ "mod_nw_ttl" actions now |
145 | properly translated to OpenFlow 1.0. | |
e016fb63 BP |
146 | - ovs-ofctl: |
147 | * queue-get-config command now allows a queue ID to be specified. | |
25070e04 JR |
148 | * '--bundle' option can now be used with OpenFlow 1.3 and with group mods. |
149 | * New "bundle" command allows executing a mixture of flow and group mods | |
150 | as a single atomic transaction. | |
8743fa8c | 151 | * New option "--color" to produce colorized output for some commands. |
88b87a36 | 152 | * New option '--may-create' to use OFPGC_ADD_OR_MOD in mod-group command. |
c97320eb WZ |
153 | - IPFIX: |
154 | * New "sampling_port" option for "sample" action to allow sampling | |
155 | ingress and egress tunnel metadata with IPFIX. | |
156 | * New ovs-ofctl commands "dump-ipfix-bridge" and "dump-ipfix-flow" to | |
157 | dump bridge IPFIX statistics and flow based IPFIX statistics. | |
158 | * New setting other-config:virtual_obs_id to add an arbitrary string | |
159 | to IPFIX records. | |
6cf888b8 | 160 | - Linux: |
fe996936 JR |
161 | * OVS Linux datapath now implements Conntrack NAT action with all |
162 | supported Linux kernels. | |
163 | * Support for truncate action. | |
6cf888b8 BS |
164 | * New QoS type "linux-noop" that prevents Open vSwitch from trying to |
165 | manage QoS for a given port (useful when other software manages QoS). | |
a14b8947 IM |
166 | - DPDK: |
167 | * New option "n_rxq" for PMD interfaces. | |
168 | Old 'other_config:n-dpdk-rxqs' is no longer supported. | |
81acebda IM |
169 | Not supported by vHost interfaces. For them number of rx and tx queues |
170 | is applied from connected virtio device. | |
3eb67853 IM |
171 | * New 'other_config:pmd-rxq-affinity' field for PMD interfaces, that |
172 | allows to pin port's rx queues to desired cores. | |
ce179f11 IM |
173 | * New appctl command 'dpif-netdev/pmd-rxq-show' to check the port/rxq |
174 | assignment. | |
175 | * Type of log messages from PMD threads changed from INFO to DBG. | |
0bf765f7 | 176 | * QoS functionality with sample egress-policer implementation. |
bab69409 AC |
177 | * The mechanism for configuring DPDK has changed to use database |
178 | * Sensible defaults have been introduced for many of the required | |
179 | configuration options | |
180 | * DB entries have been added for many of the DPDK EAL command line | |
eac84432 AC |
181 | arguments. Additional arguments can be passed via the dpdk-extra |
182 | entry. | |
9509913a | 183 | * Add ingress policing functionality. |
db8f13b0 CL |
184 | * PMD threads servicing vHost User ports can now come from the NUMA |
185 | node that device memory is located on if CONFIG_RTE_LIBRTE_VHOST_NUMA | |
186 | is enabled in DPDK. | |
5cf3edb3 DDP |
187 | * Basic connection tracking for the userspace datapath (no ALG, |
188 | fragmentation or NAT support yet) | |
0a0f39df | 189 | * Support for DPDK 16.07 |
4b88d678 | 190 | * Optional support for DPDK pdump enabled. |
0072e931 | 191 | * Jumbo frame support |
41987644 | 192 | * Remove dpdkvhostcuse port type. |
c1ff66ac | 193 | * OVS client mode for vHost and vHost reconnect (Requires QEMU 2.7) |
2d24d165 | 194 | * 'dpdkvhostuserclient' port type. |
847b8b02 | 195 | - Increase number of registers to 16. |
e7529141 BP |
196 | - ovs-benchmark: This utility has been removed due to lack of use and |
197 | bitrot. | |
06380128 BP |
198 | - ovs-appctl: |
199 | * New "vlog/close" command. | |
7fc28c50 AC |
200 | - ovs-ctl: |
201 | * Added the ability to selectively start the forwarding and database | |
202 | functions (ovs-vswitchd and ovsdb-server, respectively). | |
acdd0764 AZ |
203 | - ovsdb-server: |
204 | * Remove max number of sessions limit, to enable connection scaling | |
205 | testing. | |
99c8be3e RB |
206 | - python: |
207 | * Added support for Python 3.4+ in addition to existing support | |
208 | for 2.7+. | |
9b897c91 AA |
209 | - SELinux: |
210 | * Introduced SELinux policy package. | |
8063e095 PS |
211 | - Datapath Linux kernel compatibility. |
212 | * Dropped support for kernel older than 3.10. | |
42deb67d | 213 | * Removed VLAN splinters feature. |
c3cbb286 | 214 | * Datapath supports kernel upto 4.7. |
80c4589a PS |
215 | - Tunnels: |
216 | * Flow based tunnel match and action can be used for IPv6 address using | |
217 | tun_ipv6_src, tun_ipv6_dst fields. | |
8a2d4905 | 218 | * Added support for IPv6 tunnels, for details checkout FAQ. |
9e9d0384 | 219 | * Deprecated support for IPsec tunnels ports. |
314ce647 AC |
220 | - A wrapper script, 'ovs-tcpdump', to easily port-mirror an OVS port and |
221 | watch with tcpdump | |
81d2f75c AA |
222 | - Introduce --no-self-confinement flag that allows daemons to work with |
223 | sockets outside their run directory. | |
29dd784d BP |
224 | - ovs-pki: Changed message digest algorithm from SHA-1 to SHA-512 because |
225 | SHA-1 is no longer secure and some operating systems have started to | |
226 | disable it in OpenSSL. | |
56abcf49 | 227 | - Add 'mtu_request' column to the Interface table. It can be used to |
3a414a0a | 228 | configure the MTU of the ports. |
29dd784d | 229 | |
c0fa821f JS |
230 | Known issues: |
231 | - Using openvswitch module in conjunction with upstream Linux tunnels: | |
232 | * When using the openvswitch module distributed with OVS against kernel | |
233 | versions 4.4 to 4.6, the openvswitch module cannot be loaded or used at | |
234 | the same time as "ip_gre". | |
235 | - Conntrack FTP ALGs: When using the openvswitch module distributed with | |
236 | OVS, particular Linux distribution kernels versions may provide diminished | |
237 | functionality. This typically affects active FTP data connections when | |
238 | using "actions=ct(alg=ftp),..." in flow tables. Specifically: | |
239 | * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set | |
240 | up expectations for FTP data connections in multiple zones, | |
241 | eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the | |
242 | "ct" action for subsequent data connections may fail to determine that | |
243 | the data connection is "related" to an existing connection. | |
244 | * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state | |
245 | correctly for NATed connections. As a result, flows that perform NAT, | |
246 | eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet, | |
247 | and will populate the "ct_state=inv" bit in the flow. | |
248 | ||
ca32170a | 249 | |
1c0383a9 | 250 | v2.5.0 - 26 Feb 2016 |
c4c7e593 | 251 | --------------------- |
e23812fc BP |
252 | - Dropped support for Python older than version 2.7. As a consequence, |
253 | using Open vSwitch 2.5 or later on XenServer 6.5 or earlier (which | |
254 | have Python 2.4) requires first installing Python 2.7. | |
0eb48fe1 BP |
255 | - OpenFlow: |
256 | * Group chaining (where one OpenFlow group triggers another) is | |
257 | now supported. | |
f70b94de | 258 | * OpenFlow 1.4+ "importance" is now considered for flow eviction. |
82c22d34 | 259 | * OpenFlow 1.4+ OFPTC_EVICTION is now implemented. |
de7d3c07 | 260 | * OpenFlow 1.4+ OFPTC_VACANCY_EVENTS is now implemented. |
03c72922 | 261 | * OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented. |
f6ecf944 | 262 | * Allow modifying the ICMPv4/ICMPv6 type and code fields. |
c61f4bc1 BP |
263 | * OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG are |
264 | now implemented. | |
6d5d1f3b BP |
265 | - ovs-ofctl: |
266 | * New "out_group" keyword for OpenFlow 1.1+ matching on output group. | |
c61f4bc1 BP |
267 | - Tunnels: |
268 | * Geneve tunnels can now match and set options and the OAM bit. | |
269 | * The nonstandard GRE64 tunnel extension has been dropped. | |
06994f87 | 270 | - Support Multicast Listener Discovery (MLDv1 and MLDv2). |
4249b547 | 271 | - Add 'symmetric_l3l4' and 'symmetric_l3l4+udp' hash functions. |
7321bda3 | 272 | - sFlow agent now reports tunnel and MPLS structures. |
548f9fe7 DDP |
273 | - New 'check-system-userspace', 'check-kmod' and 'check-kernel' Makefile |
274 | targets to run a new system testsuite. These tests can be run inside | |
275 | a Vagrant box. See INSTALL.md for details | |
195360dc AA |
276 | - Mark --syslog-target argument as deprecated. It will be removed in |
277 | the next OVS release. | |
e91b927d | 278 | - Added --user option to all daemons |
07659514 | 279 | - Add support for connection tracking through the new "ct" action |
9daf2348 JS |
280 | and "ct_state"/"ct_zone"/"ct_mark"/"ct_label" match fields. Only |
281 | available on Linux kernels with the connection tracking module loaded. | |
a2e61be6 RB |
282 | - Add experimental version of OVN. OVN, the Open Virtual Network, is a |
283 | system to support virtual network abstraction. OVN complements the | |
284 | existing capabilities of OVS to add native support for virtual network | |
285 | abstractions, such as virtual L2 and L3 overlays and security groups. | |
f6bf8880 PM |
286 | - RHEL packaging: |
287 | * DPDK ports may now be created via network scripts (see README.RHEL). | |
4573fbd3 FL |
288 | - DPDK: |
289 | * Requires DPDK 2.2 | |
290 | * Added multiqueue support to vhost-user | |
db6e1383 | 291 | * Note: QEMU 2.5+ required for multiqueue support |
c4c7e593 | 292 | |
2fac5fed | 293 | v2.4.0 - 20 Aug 2015 |
2c7ea589 | 294 | --------------------- |
39c94593 JR |
295 | - Flow table modifications are now atomic, meaning that each packet |
296 | now sees a coherent version of the OpenFlow pipeline. For | |
297 | example, if a controller removes all flows with a single OpenFlow | |
298 | "flow_mod", no packet sees an intermediate version of the OpenFlow | |
299 | pipeline where only some of the flows have been deleted. | |
db5076ee | 300 | - Added support for SFQ, FQ_CoDel and CoDel qdiscs. |
557570fa AW |
301 | - Add bash command-line completion support for ovs-vsctl Please check |
302 | utilities/ovs-command-compgen.INSTALL.md for how to use. | |
9d078ec2 BP |
303 | - The MAC learning feature now includes per-port fairness to mitigate |
304 | MAC flooding attacks. | |
18080541 BP |
305 | - New support for a "conjunctive match" OpenFlow extension, which |
306 | allows constructing OpenFlow matches of the form "field1 in | |
307 | {a,b,c...} AND field2 in {d,e,f...}" and generalizations. For details, | |
cc23805c | 308 | see documentation for the "conjunction" action in ovs-ofctl(8). |
423ede18 AW |
309 | - Add bash command-line completion support for ovs-appctl/ovs-dpctl/ |
310 | ovs-ofctl/ovsdb-tool commands. Please check | |
311 | utilities/ovs-command-compgen.INSTALL.md for how to use. | |
35f48b8b BP |
312 | - The "learn" action supports a new flag "delete_learned" that causes |
313 | the learned flows to be deleted when the flow with the "learn" action | |
314 | is deleted. | |
c1fc1411 JG |
315 | - Basic support for the Geneve tunneling protocol. It is not yet |
316 | possible to generate or match options. This is planned for a future | |
317 | release. The protocol is documented at | |
318 | http://tools.ietf.org/html/draft-gross-geneve-00 | |
a413195e | 319 | - The OVS database now reports controller rate limiting statistics. |
50b9699f | 320 | - sflow now exports information about LACP-based bonds, port names, and |
3d2912f2 | 321 | OpenFlow port numbers, as well as datapath performance counters. |
fceef209 DDP |
322 | - ovs-dpctl functionality is now available for datapaths integrated |
323 | into ovs-vswitchd, via ovs-appctl. Some existing ovs-appctl | |
324 | commands are now redundant and will be removed in a future | |
325 | release. See ovs-vswitchd(8) for details. | |
79fe0f46 | 326 | - OpenFlow: |
1c38055d JR |
327 | * OpenFlow 1.4 bundles are now supported for flow mods and port |
328 | mods. For flow mods, both 'atomic' and 'ordered' bundle flags | |
329 | are trivially supported, as all bundled messages are executed | |
330 | in the order they were added and all flow table modifications | |
331 | are now atomic to the datapath. Port mods may not appear in | |
332 | atomic bundles, as port status modifications are not atomic. | |
e60e935b | 333 | * IPv6 flow label and neighbor discovery fields are now modifiable. |
d3cb080e BP |
334 | * OpenFlow 1.5 extended registers are now supported. |
335 | * The OpenFlow 1.5 actset_output field is now supported. | |
336 | * OpenFlow 1.5 Copy-Field action is now supported. | |
337 | * OpenFlow 1.5 masked Set-Field action is now supported. | |
3c4e10fb | 338 | * OpenFlow 1.3+ table features requests are now supported (read-only). |
1b0ee636 | 339 | * Nicira extension "move" actions may now be included in action sets. |
2e34a6a3 SS |
340 | * "resubmit" actions may now be included in action sets. The resubmit |
341 | is executed last, and only if the action set has no "output" or "group" | |
342 | action. | |
ca26eb44 | 343 | * OpenFlow 1.4+ flow "importance" is now maintained in the flow table. |
0c4b9393 SH |
344 | * A new Netronome extension to OpenFlow 1.5+ allows control over the |
345 | fields hashed for OpenFlow select groups. See "selection_method" and | |
346 | related options in ovs-ofctl(8) for details. | |
db5076ee JR |
347 | - ovs-ofctl has a new '--bundle' option that makes the flow mod commands |
348 | ('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows') | |
349 | use an OpenFlow 1.4 bundle to operate the modifications as a single | |
39c94593 JR |
350 | atomic transaction. If any of the flow mods in a transaction fail, none |
351 | of them are executed. All flow mods in a bundle appear to datapath | |
352 | lookups simultaneously. | |
db5076ee JR |
353 | - ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow |
354 | mods as an input by allowing the flow specification to start with an | |
355 | explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict' | |
356 | keyword. A missing keyword is treated as 'add', so this is fully | |
357 | backwards compatible. With the new '--bundle' option all the flow mods | |
39c94593 | 358 | are executed as a single atomic transaction using an OpenFlow 1.4 bundle. |
4a1f9610 | 359 | - ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because |
9ff33ca7 BP |
360 | MD5 is no longer secure and some operating systems have started to disable |
361 | it in OpenSSL. | |
09e25603 TW |
362 | - ovsdb-server: New OVSDB protocol extension allows inequality tests on |
363 | "optional scalar" columns. See ovsdb-server(1) for details. | |
ff495b63 BP |
364 | - ovs-vsctl now permits immutable columns in a new row to be modified in |
365 | the same transaction that creates the row. | |
0bc1b46a BP |
366 | - test-controller has been renamed ovs-testcontroller at request of users |
367 | who find it useful for testing basic OpenFlow setups. It is still not | |
368 | a necessary or desirable part of most Open vSwitch deployments. | |
cccf7e9d | 369 | - Support for travis-ci.org based continuous integration builds has been |
542cc9bb | 370 | added. Build failures are reported to build@openvswitch.org. See INSTALL.md |
cccf7e9d | 371 | file for additional details. |
bbda3a2f DV |
372 | - Support for the Rapid Spanning Tree Protocol (IEEE 802.1D-2004). |
373 | The implementation has been tested successfully against the Ixia Automated | |
374 | Network Validation Library (ANVL). | |
2f9dd77f | 375 | - Stats are no longer updated on fake bond interface. |
3e5aeeb5 | 376 | - Keep active bond slave selection across OVS restart. |
ec8f0f0c | 377 | - A simple wrapper script, 'ovs-docker', to integrate OVS with Docker |
62dbc5bd GS |
378 | containers. If and when there is a native integration of Open vSwitch |
379 | with Docker, the wrapper script will be retired. | |
e5a1caee JG |
380 | - Added support for DPDK Tunneling. VXLAN, GRE, and Geneve are supported |
381 | protocols. This is generic tunneling mechanism for userspace datapath. | |
e3102e42 | 382 | - Support for multicast snooping (IGMPv1, IGMPv2 and IGMPv3) |
3afcde43 | 383 | - Support for Linux kernels up to 4.0.x |
d5460484 GS |
384 | - The documentation now use the term 'destination' to mean one of syslog, |
385 | console or file for vlog logging instead of the previously used term | |
386 | 'facility'. | |
ac6073e3 | 387 | - Support for VXLAN Group Policy extension |
99eef98b DF |
388 | - Initial support for the IETF Auto-Attach SPBM draft standard. This |
389 | contains rudimentary support for the LLDP protocol as needed for | |
390 | Auto-Attach. | |
d4763d1d JP |
391 | - The default OpenFlow and OVSDB ports are now the IANA-assigned |
392 | numbers. OpenFlow is 6653 and OVSDB is 6640. | |
58397e6c | 393 | - Support for DPDK vHost. |
4752cc0c | 394 | - Support for outer UDP checksums in Geneve and VXLAN. |
d0d986a5 TG |
395 | - The kernel vports with dependencies are no longer part of the overall |
396 | openvswitch.ko but built and loaded automatically as individual kernel | |
397 | modules (vport-*.ko). | |
4237026e | 398 | - Support for STT tunneling. |
6901639b BP |
399 | - ovs-sim: New developer tool for simulating multiple OVS instances. |
400 | See ovs-sim(1) for more information. | |
fe089c0d AA |
401 | - Support to configure method (--syslog-method argument) that determines |
402 | how daemons will talk with syslog. | |
532e1463 AA |
403 | - Support for "ovs-appctl vlog/list-pattern" command that lets to query |
404 | logging message format for each destination. | |
2c7ea589 JP |
405 | |
406 | ||
e13440fc | 407 | v2.3.0 - 14 Aug 2014 |
c5cf1059 | 408 | --------------------- |
6dc53744 BP |
409 | - OpenFlow 1.1, 1.2, and 1.3 are now enabled by default in |
410 | ovs-vswitchd. | |
69d6040e JR |
411 | - Linux kernel datapath now has an exact match cache optimizing the |
412 | flow matching process. | |
413 | - Datapath flows now have partially wildcarded tranport port field | |
414 | matches. This reduces userspace upcalls, but increases the | |
415 | number of different masks in the datapath. The kernel datapath | |
416 | exact match cache removes the overhead of matching the incoming | |
417 | packets with the larger number of masks, but when paired with an | |
418 | older kernel module, some workloads may perform worse with the | |
419 | new userspace. | |
0877a018 | 420 | - Compatibility with autoconf 2.63 (previously >=2.64) |
c5cf1059 | 421 | |
012c3a52 | 422 | v2.2.0 - Internal Release |
bff46ebb | 423 | --------------------- |
1839c356 FL |
424 | - Internal ports are no longer brought up by default, because it |
425 | should be an administrator task to bring up devices as they are | |
426 | configured properly. | |
c3ccfe98 AZ |
427 | - ovs-vsctl now reports when ovs-vswitchd fails to create a new port or |
428 | bridge. | |
9500f505 TG |
429 | - Port creation and configuration errors are now stored in a new error |
430 | column of the Interface table and included in 'ovs-vsctl show'. | |
7868fbc6 BP |
431 | - The "ovsdbmonitor" graphical tool has been removed, because it was |
432 | poorly maintained and not widely used. | |
e3c7ed29 | 433 | - New "check-ryu" Makefile target for running Ryu tests for OpenFlow |
542cc9bb | 434 | controllers against Open vSwitch. See INSTALL.md for details. |
f51e8ccb | 435 | - Added IPFIX support for SCTP flows and templates for ICMPv4/v6 flows. |
0b114fa0 GS |
436 | - Upon the receipt of a SIGHUP signal, ovs-vswitchd no longer reopens its |
437 | log file (it will terminate instead). Please use 'ovs-appctl vlog/reopen' | |
438 | instead. | |
e2f3178f | 439 | - Support for Linux kernels up to 3.14. From Kernel 3.12 onwards OVS uses |
cb25142c | 440 | tunnel API for GRE and VXLAN. |
8a9562d2 | 441 | - Added DPDK support. |
a5ed8fe3 | 442 | - Added support for custom vlog patterns in Python |
f51e8ccb | 443 | |
bff46ebb | 444 | |
a3aabcd2 | 445 | v2.1.0 - 19 Mar 2014 |
b366c1f4 | 446 | --------------------- |
13751fd8 JR |
447 | - Address prefix tracking support for flow tables. New columns |
448 | "prefixes" in OVS-DB table "Flow_Table" controls which packet | |
449 | header fields are used for address prefix tracking. Prefix | |
450 | tracking allows the classifier to skip rules with longer than | |
451 | necessary prefixes, resulting in better wildcarding for datapath | |
452 | flows. Default configuration is to not use any fields for prefix | |
453 | tracking. However, if any flow tables contain both exact matches | |
454 | and masked matches for IP address fields, OVS performance may be | |
455 | increased by using this feature. | |
456 | * As of now, the fields for which prefix lookup can be enabled | |
457 | are: 'tun_id', 'tun_src', 'tun_dst', 'nw_src', 'nw_dst' (or | |
458 | aliases 'ip_src' and 'ip_dst'), 'ipv6_src', and 'ipv6_dst'. | |
459 | (Using this feature for 'tun_id' would only make sense if the | |
460 | tunnel IDs have prefix structure similar to IP addresses.) | |
461 | * There is a maximum number of fields that can be enabled for any | |
462 | one flow table. Currently this limit is 3. | |
463 | * Examples: | |
464 | $ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- \ | |
465 | --id=@N1 create Flow_Table name=table0 | |
466 | $ ovs-vsctl set Bridge br0 flow_tables:1=@N1 -- \ | |
467 | --id=@N1 create Flow_Table name=table1 | |
468 | $ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src | |
469 | $ ovs-vsctl set Flow_Table table1 prefixes=[] | |
bcb8bde4 JR |
470 | - TCP flags matching: OVS now supports matching of TCP flags. This |
471 | has an adverse performance impact when using OVS userspace 1.10 | |
472 | or older (no megaflows support) together with the new OVS kernel | |
473 | module. It is recommended that the kernel and userspace modules | |
474 | both are upgraded at the same time. | |
36359150 JP |
475 | - The default OpenFlow and OVSDB ports will change to |
476 | IANA-assigned numbers in a future release. Consider updating | |
477 | your installations to specify port numbers instead of using the | |
478 | defaults. | |
7fdb60a7 SH |
479 | - OpenFlow: |
480 | * The OpenFlow 1.1+ "Write-Actions" instruction is now supported. | |
484c8355 BP |
481 | * OVS limits the OpenFlow port numbers it assigns to port 32767 and |
482 | below, leaving port numbers above that range free for assignment | |
483 | by the controller. | |
4abb8608 BP |
484 | * ovs-vswitchd now honors changes to the "ofport_request" column |
485 | in the Interface table by changing the port's OpenFlow port | |
486 | number. | |
5dc6f8e1 | 487 | * The Open vSwitch software switch now supports OpenFlow groups. |
a5ae88ff AA |
488 | - ovs-vswitchd.conf.db.5 man page will contain graphviz/dot |
489 | diagram only if graphviz package was installed at the build time. | |
54af97ad | 490 | - Support for Linux kernels up to 3.11 |
847108dc AZ |
491 | - ovs-dpctl: |
492 | The "show" command also displays mega flow mask stats. | |
60e46251 BP |
493 | - ovs-ofctl: |
494 | * New command "ofp-parse-pcap" to dump OpenFlow from PCAP files. | |
1d5aaa61 BP |
495 | - ovs-controller has been renamed test-controller. It is no longer |
496 | packaged or installed by default, because too many users assumed | |
497 | incorrectly that ovs-controller was a necessary or desirable part | |
498 | of an Open vSwitch deployment. | |
afc9f547 | 499 | - Added vlog option to export to a UDP syslog sink. |
4227b221 BP |
500 | - ovsdb-client: |
501 | * The "monitor" command can now monitor all tables in a database, | |
502 | instead of being limited to a single table. | |
e79a6c83 EJ |
503 | - The flow-eviction-threshold has been replaced by the flow-limit which is a |
504 | hard limit on the number of flows in the datapath. It defaults to 200,000 | |
505 | flows. OVS automatically adjusts this number depending on network | |
506 | conditions. | |
e731d71b | 507 | - Added IPv6 support for active and passive socket communications. |
b366c1f4 JP |
508 | |
509 | ||
2fdb1879 | 510 | v2.0.0 - 15 Oct 2013 |
9f31efc7 | 511 | --------------------- |
d27705ea JP |
512 | - The ovs-vswitchd process is no longer single-threaded. Multiple |
513 | threads are now used to handle flow set up and asynchronous | |
514 | logging. | |
0ad90c84 | 515 | - OpenFlow: |
75fa58f8 BP |
516 | * Experimental support for OpenFlow 1.1 (in addition to 1.2 and |
517 | 1.3, which had experimental support in 1.10). | |
7395c052 NZ |
518 | * Experimental protocol support for OpenFlow 1.1+ groups. This |
519 | does not yet include an implementation in the Open vSwitch | |
520 | software switch. | |
521 | * Experimental protocol support for OpenFlow 1.2+ meters. This | |
522 | does not yet include an implementation in the Open vSwitch | |
523 | software switch. | |
0ad90c84 JR |
524 | * New support for matching outer source and destination IP address |
525 | of tunneled packets, for tunnel ports configured with the newly | |
e0eeeca5 | 526 | added "remote_ip=flow" and "local_ip=flow" options. |
ac923e91 JG |
527 | * Support for matching on metadata 'pkt_mark' for interacting with |
528 | other system components. On Linux this corresponds to the skb | |
529 | mark. | |
fe8a1798 | 530 | * Support matching, rewriting SCTP ports |
ea401d9a NM |
531 | - The Interface table in the database has a new "ifindex" column to |
532 | report the interface's OS-assigned ifindex. | |
81a114e5 BP |
533 | - New "check-oftest" Makefile target for running OFTest against Open |
534 | vSwitch. See README-OFTest for details. | |
380f49c4 | 535 | - The flow eviction threshold has been moved to the Open_vSwitch table. |
fb6de52c GS |
536 | - Database names are now mandatory when specifying ovsdb-server options |
537 | through database paths (e.g. Private key option with the database name | |
538 | should look like "--private-key=db:Open_vSwitch,SSL,private_key"). | |
fef5244f | 539 | - Added ovs-dev.py, a utility script helpful for Open vSwitch developers. |
9b764edf | 540 | - Support for Linux kernels up to 3.10 |
1ac0e975 BP |
541 | - ovs-ofctl: |
542 | * New "ofp-parse" for printing OpenFlow messages read from a file. | |
7395c052 | 543 | * New commands for OpenFlow 1.1+ groups. |
978427a5 | 544 | - Added configurable flow caching support to IPFIX exporter. |
37418c86 | 545 | - Dropped support for Linux pre-2.6.32. |
7c018033 BP |
546 | - Log file timestamps and ovsdb commit timestamps are now reported |
547 | with millisecond resolution. (Previous versions only reported | |
548 | whole seconds.) | |
9f31efc7 JP |
549 | |
550 | ||
03c8f0b7 | 551 | v1.11.0 - 28 Aug 2013 |
d224e350 | 552 | --------------------- |
d445cc16 JP |
553 | - Support for megaflows, which allows wildcarding in the kernel (and |
554 | any dpif implementation that supports wildcards). Depending on | |
555 | the flow table and switch configuration, flow set up rates are | |
556 | close to the Linux bridge. | |
eeecce05 BP |
557 | - The "tutorial" directory contains a new tutorial for some advanced |
558 | Open vSwitch features. | |
df53d41c | 559 | - Stable bond mode has been removed. |
1bda9b9e | 560 | - The autopath action has been removed. |
a6ae068b LJ |
561 | - New support for the data encapsulation format of the LISP tunnel |
562 | protocol (RFC 6830). An external control plane or manual flow | |
563 | setup is required for EID-to-RLOC mapping. | |
b676167a | 564 | - OpenFlow: |
0f3f3c3d SH |
565 | * The "dec_mpls_ttl" and "set_mpls_ttl" actions from OpenFlow |
566 | 1.1 and later are now implemented. | |
bd85dac1 AZ |
567 | * New "stack" extension for use in actions, to push and pop from |
568 | NXM fields. | |
a7b07d4c BP |
569 | * The "load" and "set_field" actions can now modify the "in_port". (This |
570 | allows one to enable output to a flow's input port by setting the | |
571 | in_port to some unused value, such as OFPP_NONE.) | |
186afbfe BP |
572 | - ovs-dpctl: |
573 | * New debugging commands "add-flow", "mod-flow", "del-flow". | |
041e7168 | 574 | * "dump-flows" now has a -m option to increase output verbosity. |
bcd2633a JP |
575 | - In dpif-based bridges, cache action translations, which can improve |
576 | flow set up performance by 80% with a complicated flow table. | |
ca03aae0 | 577 | - New syslog format, prefixed with "ovs|", to be easier to filter. |
f9ee9dcb GS |
578 | - RHEL: Removes the default firewall rule that allowed GRE traffic to |
579 | pass through. Any users that relied on this automatic firewall hole | |
580 | will have to manually configure it. The ovs-ctl(8) manpage documents | |
581 | the "enable-protocol" command that can be used as an alternative. | |
90967e95 EJ |
582 | - New CFM demand mode which uses data traffic to indicate interface |
583 | liveness. | |
d224e350 | 584 | |
b82b19e9 | 585 | v1.10.0 - 01 May 2013 |
4191f435 | 586 | --------------------- |
685e46da BP |
587 | - Bridge compatibility support has been removed. Any uses that |
588 | rely on ovs-brcompatd will have to stick with Open vSwitch 1.9.x | |
589 | or adapt to native Open vSwitch support (e.g. use ovs-vsctl instead | |
590 | of brctl). | |
c4069512 | 591 | - The maximum size of the MAC learning table is now configurable. |
989fd548 JP |
592 | - With the Linux datapath, packets for new flows are now queued |
593 | separately on a per-port basis, so it should no longer be | |
594 | possible for a large number of new flows arriving on one port to | |
595 | prevent new flows from being processed on other ports. | |
43d18dc1 BP |
596 | - ovs-vsctl: |
597 | * Previously ovs-vsctl would retry connecting to the database forever, | |
598 | causing it to hang if ovsdb-server was not running. Now, ovs-vsctl | |
599 | only tries once by default (use --retry to try forever). This change | |
600 | means that you may want to remove uses of --timeout to avoid hangs | |
601 | in ovs-vsctl calls. | |
602 | * Many "ovs-vsctl" database commands now accept an --if-exists option. | |
603 | Please refer to the ovs-vsctl manpage for details. | |
e6024057 | 604 | - OpenFlow: |
d6123831 JP |
605 | - Experimental support for newer versions of OpenFlow. See |
606 | the "What versions of OpenFlow does Open vSwitch support?" | |
607 | question in the FAQ for more details. | |
e6024057 JP |
608 | - The OpenFlow "dp_desc" may now be configured by setting the |
609 | value of other-config:dp-desc in the Bridge table. | |
610 | - It is possible to request the OpenFlow port number with the | |
611 | "ofport_request" column in the Interface table. | |
c9accf5b BP |
612 | - The NXM flow_removed message now reports the OpenFlow table ID |
613 | from which the flow was removed. | |
3c23e920 JP |
614 | - Tunneling: |
615 | - New support for the VXLAN tunnel protocol (see the IETF draft here: | |
238bc978 | 616 | http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03). |
3c23e920 JP |
617 | - Tunneling requires the version of the kernel module paired with |
618 | Open vSwitch 1.9.0 or later. | |
619 | - Inheritance of the Don't Fragment bit in IP tunnels (df_inherit) | |
620 | is no longer supported. | |
621 | - Path MTU discovery is no longer supported. | |
ccd989e0 JG |
622 | - CAPWAP tunneling support removed. |
623 | - Tunnels with multicast destination ports are no longer supported. | |
e6024057 JP |
624 | - ovs-dpctl: |
625 | - The "dump-flows" and "del-flows" no longer require an argument | |
626 | if only one datapath exists. | |
627 | - ovs-appctl: | |
628 | - New "vlog/disable-rate-limit" and "vlog/enable-rate-limit" | |
629 | commands available allow control over logging rate limits. | |
630 | - New "dpif/dump-dps", "dpif/show", and "dpif/dump-flows" command | |
631 | that mimic the equivalent ovs-dpctl commands. | |
e6024057 JP |
632 | - The ofproto library is now responsible for assigning OpenFlow port |
633 | numbers. An ofproto implementation should assign them when | |
634 | port_construct() is called. | |
635 | - All dpif-based bridges of a particular type share a common | |
636 | datapath called "ovs-<type>", e.g. "ovs-system". The ovs-dpctl | |
637 | commands will now return information on that shared datapath. To | |
638 | get the equivalent bridge-specific information, use the new | |
639 | "ovs-appctl dpif/*" commands. | |
bedde04c GS |
640 | - Backward-incompatible changes: |
641 | - Earlier Open vSwitch versions treated ANY as a wildcard in flow | |
642 | syntax. OpenFlow 1.1 adds a port named ANY, which introduces a | |
643 | conflict. ANY was rarely used in flow syntax, so we chose to | |
644 | retire that meaning of ANY in favor of the OpenFlow 1.1 meaning. | |
3c23e920 JP |
645 | - Patch ports no longer require kernel support, so they now work |
646 | with FreeBSD and the kernel module built into Linux 3.3 and later. | |
29089a54 | 647 | - New "sample" action. |
f07ee64c | 648 | |
e5f77cc3 | 649 | |
fdfe872d JP |
650 | v1.9.0 - 26 Feb 2013 |
651 | ------------------------ | |
72e8bf28 AA |
652 | - Datapath: |
653 | - Support for ipv6 set action. | |
654 | - SKB mark matching and setting. | |
64807dfb | 655 | - support for Linux kernels up to 3.8 |
f6eb6b20 GL |
656 | - FreeBSD is now a supported platform, thanks to code contributions from |
657 | Gaetano Catalli, Ed Maste, and Giuseppe Lettieri. | |
b592e726 | 658 | - ovs-bugtool: New --ovs option to report only OVS related information. |
781dee08 BP |
659 | - New %t and %T log escapes to identify the subprogram within a |
660 | cooperating group of processes or threads that emitted a log message. | |
661 | The default log patterns now include this information. | |
32455024 | 662 | - OpenFlow: |
e878338b SH |
663 | - Allow bitwise masking for SHA and THA fields in ARP, SLL and TLL |
664 | fields in IPv6 neighbor discovery messages, and IPv6 flow label. | |
4cceacb9 | 665 | - Adds support for writing to the metadata field for a flow. |
3c23e920 JP |
666 | - Tunneling: |
667 | - The tunneling code no longer assumes input and output keys are | |
668 | symmetric. If they are not, PMTUD needs to be disabled for | |
669 | tunneling to work. Note this only applies to flow-based keys. | |
670 | - New support for a nonstandard form of GRE that supports a 64-bit key. | |
671 | - Tunnel Path MTU Discovery default value was set to 'disabled'. | |
672 | This feature is deprecated and will be removed soon. | |
673 | - Tunnel header caching removed. | |
c6100d92 BP |
674 | - ovs-ofctl: |
675 | - Commands and actions that accept port numbers now also accept keywords | |
676 | that represent those ports (such as LOCAL, NONE, and ALL). This is | |
677 | also the recommended way to specify these ports, for compatibility | |
678 | with OpenFlow 1.1 and later (which use the OpenFlow 1.0 numbers | |
679 | for these ports for different purposes). | |
2562714a | 680 | - ovs-dpctl: |
4b3b8d8f JP |
681 | - Support requesting the port number with the "port_no" option in |
682 | the "add-if" command. | |
2562714a BP |
683 | - ovs-pki: The "online PKI" features have been removed, along with |
684 | the ovs-pki-cgi program that facilitated it, because of some | |
685 | alarmist insecurity claims. We do not believe that these claims | |
686 | are true, but because we do not know of any users for this | |
687 | feature it seems better on balance to remove it. (The ovs-pki-cgi | |
688 | program was not included in distribution packaging.) | |
341c4e59 BP |
689 | - ovsdb-server now enforces the immutability of immutable columns. This |
690 | was not enforced in earlier versions due to an oversight. | |
fd38af85 BP |
691 | - The following features are now deprecated. They will be removed no |
692 | earlier than February 2013. Please email dev@openvswitch.org with | |
693 | concerns. | |
a8643e44 | 694 | - Bridge compatibility. |
fd38af85 BP |
695 | - Stable bond mode. |
696 | - The autopath action. | |
697 | - Interface type "null". | |
698 | - Numeric values for reserved ports (see "ovs-ofctl" note above). | |
85340733 | 699 | - Tunnel Path MTU Discovery. |
1280bf0e | 700 | - CAPWAP tunnel support. |
f07ee64c MM |
701 | - The data in the RARP packets can now be matched in the same way as the |
702 | data in ARP packets. | |
945cad7f | 703 | |
79f827fa | 704 | |
fdfe872d | 705 | v1.8.0 - 26 Feb 2013 |
c8d5d22c | 706 | ------------------------ |
fdfe872d | 707 | *** Internal only release *** |
c483d489 | 708 | - New FAQ. Please send updates and additions! |
f25d0cf3 BP |
709 | - Authors of controllers, please read the new section titled "Action |
710 | Reproduction" in DESIGN, which describes an Open vSwitch change in | |
711 | behavior in corner cases that may affect some controllers. | |
2d8bdd8f AA |
712 | - ovs-l3ping: |
713 | - A new test utility that can create L3 tunnel between two Open | |
714 | vSwitches and detect connectivity issues. | |
5498c01f | 715 | - ovs-ofctl: |
bdcc5925 | 716 | - New --sort and --rsort options for "dump-flows" command. |
5498c01f | 717 | - "mod-port" command can now control all OpenFlow config flags. |
c08201d6 | 718 | - OpenFlow: |
ff0b06ee BP |
719 | - Allow general bitwise masking for IPv4 and IPv6 addresses in |
720 | IPv4, IPv6, and ARP packets. (Previously, only CIDR masks | |
c08201d6 BP |
721 | were allowed.) |
722 | - Allow support for arbitrary Ethernet masks. (Previously, only | |
723 | the multicast bit in the destination address could be individually | |
724 | masked.) | |
969fc56c | 725 | - New field OXM_OF_METADATA, to align with OpenFlow 1.1. |
0414d158 BP |
726 | - The OFPST_QUEUE request now reports an error if a specified port or |
727 | queue does not exist, or for requests for a specific queue on all | |
728 | ports, if the specified queue does not exist on any port. (Previous | |
729 | versions generally reported an empty set of results.) | |
2b07c8b1 BP |
730 | - New "flow monitor" feature to allow controllers to be notified of |
731 | flow table changes as they happen. | |
c93f9a78 EJ |
732 | - Additional protocols are not mirrored and dropped when forward-bpdu is |
733 | false. For a full list, see the ovs-vswitchd.conf.db man page. | |
38f7147c EJ |
734 | - Open vSwitch now sends RARP packets in situations where it previously |
735 | sent a custom protocol, making it consistent with behavior of QEMU and | |
736 | VMware. | |
969e46a2 AS |
737 | - All Open vSwitch programs and log files now show timestamps in UTC, |
738 | instead the local timezone, by default. | |
c8d5d22c JP |
739 | |
740 | ||
3b4ab170 | 741 | v1.7.0 - 30 Jul 2012 |
dd1ba5b3 | 742 | ------------------------ |
9b80f761 CW |
743 | - kernel modules are renamed. openvswitch_mod.ko is now |
744 | openvswitch.ko and brcompat_mod.ko is now brcompat.ko. | |
e9358af6 | 745 | - Increased the number of NXM registers to 8. |
22dd5cec | 746 | - Added ability to configure DSCP setting for manager and controller |
f125905c MM |
747 | connections. By default, these connections have a DSCP value of |
748 | Internetwork Control (0xc0). | |
3967a833 MM |
749 | - Added the granular link health statistics, 'cfm_health', to an |
750 | interface. | |
47284b1f AA |
751 | - OpenFlow: |
752 | - Added support to mask nd_target for ICMPv6 neighbor discovery flows. | |
2be393ed JP |
753 | - Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC) |
754 | multipart messages. | |
755 | - ovs-ofctl: | |
756 | - Added the "dump-ports-desc" command to retrieve port | |
757 | information using the new port description multipart messages. | |
8d25d9a2 AA |
758 | - ovs-test: |
759 | - Added support for spawning ovs-test server from the client. | |
760 | - Now ovs-test is able to automatically create test bridges and ports. | |
7393104d | 761 | - "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows. |
22dd5cec | 762 | - Tripled flow setup performance. |
a5f607bc BP |
763 | - The "coverage/log" command previously available through ovs-appctl |
764 | has been replaced by "coverage/show". The new command replies with | |
765 | coverage counter values, instead of logging them. | |
dd1ba5b3 JP |
766 | |
767 | ||
9d564cb2 | 768 | v1.6.1 - 25 Jun 2012 |
d0a8c2e0 | 769 | ------------------------ |
9d564cb2 JP |
770 | - Allow OFPP_CONTROLLER as the in_port for packet-out messages. |
771 | ||
772 | ||
773 | v1.6.0 - 24 Feb 2012 | |
774 | ------------------------ | |
775 | *** Internal only release *** | |
4df08875 | 776 | - bonding |
bdebeece EJ |
777 | - LACP bonds no longer fall back to balance-slb when negotiations fail. |
778 | Instead they drop traffic. | |
4df08875 EJ |
779 | - The default bond_mode changed from SLB to active-backup, to protect |
780 | unsuspecting users from the significant risks of SLB bonds (which are | |
781 | documented in vswitchd/INTERNALS). | |
bc1b010c EJ |
782 | - Load balancing can be disabled by setting the bond-rebalance-interval |
783 | to zero. | |
73f33563 BP |
784 | - OpenFlow: |
785 | - Added support for bitwise matching on TCP and UDP ports. | |
786 | See ovs-ofctl(8) for more information. | |
80d5aefd BP |
787 | - NXM flow dumps now include times elapsed toward idle and hard |
788 | timeouts. | |
789 | - Added an OpenFlow extension NXT_SET_ASYNC_CONFIG that allows | |
790 | controllers more precise control over which OpenFlow messages they | |
791 | receive asynchronously. | |
0e553d9c BP |
792 | - New "fin_timeout" action. |
793 | - Added "fin_timeout" support to "learn" action. | |
a7349929 BP |
794 | - New Nicira action NXAST_CONTROLLER that offers additional features |
795 | over output to OFPP_CONTROLLER. | |
2c999774 BP |
796 | - When QoS settings for an interface do not configure a default queue |
797 | (queue 0), Open vSwitch now uses a default configuration for that | |
798 | queue, instead of dropping all packets as in previous versions. | |
2a3e30b2 BP |
799 | - Logging: |
800 | - Logging to console and file will have UTC timestamp as a default for | |
801 | all the daemons. An example of the default format is | |
802 | 2012-01-27T16:35:17Z. ovs-appctl can be used to change the default | |
803 | format as before. | |
804 | - The syntax of commands and options to set log levels was simplified, | |
805 | to make it easier to remember. | |
254750ce BP |
806 | - New support for limiting the number of flows in an OpenFlow flow |
807 | table, with configurable policy for evicting flows upon | |
808 | overflow. See the Flow_Table table in ovs-vswitch.conf.db(5) | |
809 | for more information. | |
9886b662 BP |
810 | - New "enable-async-messages" column in the Controller table. If set to |
811 | false, OpenFlow connections to the controller will initially have all | |
812 | asynchronous messages disabled, overriding normal OpenFlow behavior. | |
1745cd08 BP |
813 | - ofproto-provider interface: |
814 | - "struct rule" has a new member "used" that ofproto implementations | |
815 | should maintain by updating with ofproto_rule_update_used(). | |
8f46c9bb BP |
816 | - ovsdb-client: |
817 | - The new option --timestamp causes the "monitor" command to print | |
818 | a timestamp with every update. | |
a7aa2d3c | 819 | - CFM module CCM broadcasts can now be tagged with an 802.1p priority. |
d0a8c2e0 JP |
820 | |
821 | ||
a6492d91 | 822 | v1.5.0 - 01 Jun 2012 |
e68bfcfc | 823 | ------------------------ |
e729e793 JP |
824 | - OpenFlow: |
825 | - Added support for querying, modifying, and deleting flows | |
826 | based on flow cookie when using NXM. | |
b4b7f827 | 827 | - Added new NXM_PACKET_IN format. |
f0fd1a17 | 828 | - Added new NXAST_DEC_TTL action. |
1eb85ef5 EJ |
829 | - ovs-ofctl: |
830 | - Added daemonization support to the monitor and snoop commands. | |
2a9537e2 BP |
831 | - ovs-vsctl: |
832 | - The "find" command supports new set relational operators | |
833 | {=}, {!=}, {<}, {>}, {<=}, and {>=}. | |
e4476f74 BP |
834 | - ovsdb-tool now uses the typical database and schema installation |
835 | directories as defaults. | |
d1add61d JP |
836 | - The default MAC learning timeout has been increased from 60 seconds |
837 | to 300 seconds. The MAC learning timeout is now configurable. | |
e68bfcfc JP |
838 | |
839 | ||
ef13dc11 | 840 | v1.4.0 - 30 Jan 2012 |
b6a9a95b | 841 | ------------------------ |
50bf17cd | 842 | - Compatible with Open vSwitch kernel module included in Linux 3.3. |
52a90c29 BP |
843 | - New "VLAN splinters" feature to work around buggy device drivers |
844 | in old Linux versions. (This feature is deprecated. When | |
845 | broken device drivers are no longer in widespread use, we will | |
846 | delete this feature.) See ovs-vswitchd.conf.db(5) for more | |
847 | information. | |
fa8223b7 JP |
848 | - OpenFlow: |
849 | - Added ability to match on IPv6 flow label through NXM. | |
530180fd | 850 | - Added ability to match on ECN bits in IPv4 and IPv6 through NXM. |
a61680c6 | 851 | - Added ability to match on TTL in IPv4 and IPv6 through NXM. |
530180fd | 852 | - Added ability to modify ECN bits in IPv4. |
a61680c6 | 853 | - Added ability to modify TTL in IPv4. |
9d24de3b | 854 | - ovs-vswitchd: |
c06bba01 JP |
855 | - Don't require the "normal" action to use mirrors. Traffic will |
856 | now be properly mirrored for any flows, regardless of their | |
857 | actions. | |
9d24de3b | 858 | - Track packet and byte statistics sent on mirrors. |
733adf2a LG |
859 | - The sFlow implementation can now usually infer the correct agent |
860 | device instead of having to be told explicitly. | |
f0a3aa2e AA |
861 | - ovs-appctl: |
862 | - New "fdb/flush" command to flush bridge's MAC learning table. | |
0be6140a AA |
863 | - ovs-test: |
864 | - A new distributed testing tool that allows one to diagnose performance | |
865 | and connectivity issues. This tool currently is not included in RH or | |
866 | Xen packages. | |
0fb42626 | 867 | - RHEL packaging now supports integration with Red Hat network scripts. |
4c57c3bc EJ |
868 | - bonding: |
869 | - Post 1.4.*, OVS will be changing the default bond mode from balance-slb | |
870 | to active-backup. SLB bonds carry significant risks with them | |
871 | (documented vswitchd/INTERNALS) which we want to prevent unsuspecting | |
872 | users from running into. Users are advised to update any scripts or | |
873 | configuration which may be negatively impacted by explicitly setting | |
874 | the bond mode which they want to use. | |
b6a9a95b | 875 | |
0be6140a | 876 | |
ddc29387 | 877 | v1.3.0 - 09 Dec 2011 |
3e60856b | 878 | ------------------------ |
f694937d EJ |
879 | - OpenFlow: |
880 | - Added an OpenFlow extension which allows the "output" action to accept | |
881 | NXM fields. | |
75a75043 | 882 | - Added an OpenFlow extension for flexible learning. |
d2c0fed9 | 883 | - Bumped number of NXM registers from four to five. |
d5e1e5ed | 884 | - ovs-appctl: |
ae75dae3 JP |
885 | - New "version" command to determine version of running daemon. |
886 | - If no argument is provided for "cfm/show", displays detailed | |
887 | information about all interfaces with CFM enabled. | |
5dab8ece JP |
888 | - If no argument is provided for "lacp/show", displays detailed |
889 | information about all ports with LACP enabled. | |
10500639 BP |
890 | - ovs-dpctl: |
891 | - New "set-if" command to modify a datapath port's configuration. | |
29901626 BP |
892 | - ovs-vswitchd: |
893 | - The software switch now supports 255 OpenFlow tables, instead | |
894 | of just one. By default, only table 0 is consulted, but the | |
895 | new NXAST_RESUBMIT_TABLE action can look up in additional | |
896 | tables. Tables 128 and above are reserved for use by the | |
897 | switch itself; please use only tables 0 through 127. | |
21f7563c | 898 | - Add support for 802.1D spanning tree (STP). |
7257b535 BP |
899 | - Fragment handling extensions: |
900 | - New OFPC_FRAG_NX_MATCH fragment handling mode, in which L4 | |
901 | fields are made available for matching in fragments with | |
902 | offset 0. | |
903 | - New NXM_NX_IP_FRAG match field for matching IP fragments (usable | |
904 | via "ip_frag" in ovs-ofctl). | |
905 | - New ovs-ofctl "get-frags" and "set-frags" commands to get and set | |
906 | fragment handling policy. | |
2f4bc10d BP |
907 | - CAPWAP tunneling now supports an extension to transport a 64-bit key. |
908 | By default it remains compatible with the old version and other | |
c87112ca | 909 | standards-based implementations. |
17411ecf JG |
910 | - Flow setups are now processed in a round-robin manner across ports |
911 | to prevent any single client from monopolizing the CPU and conducting | |
912 | a denial of service attack. | |
ecac4ebf BP |
913 | - Added support for native VLAN tagging. A new "vlan_mode" |
914 | parameter can be set for "port". Possible values: "access", | |
915 | "trunk", "native-tagged" and "native-untagged". | |
023e1e0a | 916 | - test-openflowd has been removed. Please use ovs-vswitchd instead. |
3e60856b | 917 | |
5e9c5b61 | 918 | v1.2.0 - 03 Aug 2011 |
b78f6b77 | 919 | ------------------------ |
1a142ced JP |
920 | - New "ofproto" abstraction layer to ease porting to hardware |
921 | switching ASICs. | |
922 | - Packaging for Red Hat Enterprise Linux 5.6 and 6.0. | |
923 | - Datapath support for Linux kernels up to 3.0. | |
924 | - OpenFlow: | |
925 | - New "bundle" and "bundle_load" action extensions. | |
926 | - Database: | |
927 | - Implement table unique constraints. | |
928 | - Support cooperative locking between callers. | |
929 | - ovs-dpctl: | |
930 | - New "-s" option for "show" command prints packet and byte | |
931 | counters for each port. | |
c4ea79bf BP |
932 | - ovs-ofctl: |
933 | - New "--readd" option for "replace-flows". | |
9b1735a7 BP |
934 | - ovs-vsctl: |
935 | - New "show" command to print an overview of configuration. | |
1a142ced | 936 | - New "comment" command to add remark that explains intentions. |
2b01925c | 937 | - ovs-brcompatd has been rewritten to fix long-standing bugs. |
045b2e5c BP |
938 | - ovs-openflowd has been renamed test-openflowd and moved into the |
939 | tests directory. Its presence confused too many users. Please | |
940 | use ovs-vswitchd instead. | |
1a142ced JP |
941 | - New ovs-benchmark utility to test flow setup performance. |
942 | - A new log level "off" has been added. Configuring a log facility | |
943 | "off" prevents any messages from being logged to it. Previously, | |
944 | "emer" was effectively "off" because no messages were ever logged at | |
945 | level "emer". Now, errors that cause a process to exit are logged | |
946 | at "emer" level. | |
8a2d6596 BP |
947 | - "configure" option --with-l26 has been renamed --with-linux, and |
948 | --with-l26-source has been renamed --with-linux-source. The old | |
949 | names will be removed after the next release, so please update | |
950 | your scripts. | |
22bcc0e7 JG |
951 | - The "-2.6" suffix has been dropped from the datapath/linux-2.6 and |
952 | datapath/linux-2.6/compat-2.6 directories. | |
b78f6b77 BP |
953 | - Feature removals: |
954 | - Dropped support for "tun_id_from_cookie" OpenFlow extension. | |
0be6140a | 955 | Please use the extensible match extensions instead. |
93b8df38 EJ |
956 | - Removed the Maintenance_Point and Monitor tables in an effort |
957 | to simplify 802.1ag configuration. | |
1a142ced JP |
958 | - Performance and scalability improvements |
959 | - Bug fixes | |
b78f6b77 | 960 | |
d4da3acc JP |
961 | v1.1.0 - 05 Apr 2011 |
962 | ------------------------ | |
963 | - Ability to define policies over IPv6 | |
964 | - LACP | |
965 | - 802.1ag CCM | |
966 | - Support for extensible match extensions to OpenFlow | |
967 | - QoS: | |
968 | - Support for HFSC qdisc. | |
969 | - Queue used by in-band control can now be configured. | |
970 | - Kernel: | |
971 | - Kernel<->userspace interface has been reworked and should be | |
972 | close to a stable ABI now. | |
973 | - "Port group" concept has been dropped. | |
974 | - GRE over IPSEC tunnels | |
975 | - Bonding: | |
976 | - New active backup bonding mode. | |
977 | - New L4 hashing support when LACP is enabled. | |
978 | - Source MAC hash now includes VLAN field also. | |
979 | - miimon support. | |
980 | - Greatly improved handling of large flow tables | |
981 | - ovs-dpctl: | |
982 | - "show" command now prints full vport configuration. | |
983 | - "dump-groups" command removed since kernel support for | |
984 | port groups was dropped. | |
985 | - ovs-vsctl: | |
986 | - New commands for working with the new Managers table. | |
987 | - "list" command enhanced with new formatting options and --columns | |
988 | option. | |
989 | - "get" command now accepts new --id option. | |
990 | - New "find" command. | |
991 | - ovs-ofctl: | |
992 | - New "queue-stats" command for printing queue stats. | |
993 | - New commands "replace-flows" and "diff-flows". | |
994 | - Commands to add and remove flows can now read from files. | |
995 | - New --flow-format option to enable or disable NXM. | |
996 | - New --more option to increase OpenFlow message verbosity. | |
997 | - Removed "tun-cookie" command, which is no longer useful. | |
998 | - ovs-controller enhancements for testing various features. | |
999 | - New ovs-vlan-test command for testing for Linux kernel driver VLAN | |
1000 | bugs. New ovs-vlan-bug-workaround command for enabling and | |
1001 | disabling a workaround for these driver bugs. | |
1002 | - OpenFlow support: | |
35d25d44 | 1003 | - "Resubmit" actions now update flow statistics. |
d4da3acc JP |
1004 | - New "register" extension for use in matching and actions, via NXM. |
1005 | - New "multipath" experimental action extension. | |
1006 | - New support for matching multicast Ethernet frames, via NXM. | |
1007 | - New extension for OpenFlow vendor error codes. | |
1008 | - New extension to set the QoS output queue without actually | |
1009 | sending to an output port. | |
1010 | - Open vSwitch now reports a single flow table, instead of | |
1011 | separate hash and wildcard tables. This better models the | |
1012 | current implementation. | |
1013 | - New experimental "note" action. | |
1014 | - New "ofproto/trace" ovs-appctl command and associated utilities | |
1015 | to ease debugging complex flow tables. | |
1016 | - Database: | |
1017 | - Schema documentation now includes an entity-relationship diagram. | |
1018 | - The database is now garbage collected. In most tables, | |
1019 | unreferenced rows will be deleted automatically. | |
1020 | - Many tables now include statistics updated periodically by | |
1021 | ovs-vswitchd or ovsdb-server. | |
1022 | - Every table now has an "external-ids" column for use by OVS | |
1023 | integrators. | |
1024 | - There is no default controller anymore. Each bridge must have its | |
1025 | controller individually specified. | |
1026 | - The "fail-mode" is now a property of a Bridge instead of a Controller. | |
1027 | - New versioning and checksum features. | |
1028 | - New Managers table and manager_options column in Open_vSwitch table | |
1029 | for specifying managers. The old "managers" column in the | |
1030 | Open_vSwitch table has been removed. | |
1031 | - Many "name" columns are now immutable. | |
1032 | - Feature removals: | |
1033 | - Dropped support for XenServer pre-5.6.100. | |
1034 | - Dropped support for Linux pre-2.6.18. | |
1035 | - Dropped controller discovery support. | |
1036 | - Dropped "ovs-ofctl status" and the OpenFlow extension that it used. | |
1037 | Statistics reporting in the database is a rough equivalent. | |
1038 | - Dropped the "corekeeper" package (now separate, at | |
1039 | http://openvswitch.org/cgi-bin/gitweb.cgi?p=corekeeper). | |
1040 | - Performance and scalability improvements | |
1041 | - Bug fixes | |
1042 | ||
d5905136 JP |
1043 | v1.1.0pre2 - 13 Sep 2010 |
1044 | ------------------------ | |
1045 | - Bug fixes | |
1046 | ||
fdf20378 JP |
1047 | v1.1.0pre1 - 31 Aug 2010 |
1048 | ------------------------ | |
476d56f5 JP |
1049 | - OpenFlow 1.0 slicing (QoS) functionality |
1050 | - Python bindings for configuration database (no write support) | |
1051 | - Performance and scalability improvements | |
1052 | - Bug fixes | |
1053 | ||
b9b0865a JP |
1054 | v1.0.1 - 31 May 2010 |
1055 | -------------------- | |
1056 | - New "patch" interface type | |
1057 | - Bug fixes | |
1058 | ||
7c284ac4 JP |
1059 | v1.0.0 - 15 May 2010 |
1060 | -------------------- | |
1061 | - Configuration database with remote management | |
1062 | - OpenFlow 1.0 | |
1063 | - GRE tunneling | |
1064 | - Support for XenServer 5.5 and 5.6 | |
1065 | - Performance and scalability improvements | |
1066 | - Bug fixes | |
1067 | ||
2f0a1f42 JP |
1068 | v0.99.2 - 18 Feb 2010 |
1069 | --------------------- | |
1070 | - Bug fixes | |
1071 | ||
b84a0589 JP |
1072 | v0.99.1 - 25 Jan 2010 |
1073 | --------------------- | |
1074 | - Add support for sFlow(R) | |
1075 | - Make headers compatible with C++ | |
1076 | - Bug fixes | |
1077 | ||
b7f22a6a JP |
1078 | v0.99.0 - 14 Jan 2010 |
1079 | --------------------- | |
1080 | - User-space forwarding engine | |
1081 | - Bug fixes | |
35d25d44 | 1082 | |
6d735676 JP |
1083 | v0.90.7 - 29 Nov 2009 |
1084 | --------------------- | |
1085 | - Add support for NetFlow active timeouts | |
1086 | - Bug fixes | |
b7f22a6a | 1087 | |
ef5925df JP |
1088 | v0.90.6 - 6 Oct 2009 |
1089 | -------------------- | |
1090 | - Bug fixes | |
1091 | ||
3c708eb8 | 1092 | v0.90.5 - 21 Sep 2009 |
30ee1c4d JP |
1093 | --------------------- |
1094 | - Generalize in-band control to more diverse network setups | |
1095 | - Bug fixes |