]>
Commit | Line | Data |
---|---|---|
024810cf JP |
1 | Post-v2.10.0 |
2 | --------------------- | |
bf61b8b1 YS |
3 | - Linux datapath: |
4 | * Support for the kernel versions 4.16.x and 4.17.x. | |
e11f0c25 BP |
5 | - The environment variable OVS_SYSLOG_METHOD, if set, is now used |
6 | as the default syslog method. | |
9551e80b IM |
7 | - The environment variable OVS_CTL_TIMEOUT, if set, is now used |
8 | as the default timeout for control utilities. | |
08c05ad2 | 9 | - ovn: |
fcd8f561 | 10 | * New support for IPSEC encrypted tunnels between hypervisors. |
08c05ad2 | 11 | * ovn-ctl: allow passing user:group ids to the OVN daemons. |
e77c97b9 KT |
12 | - DPDK: |
13 | * Add option for simple round-robin based Rxq to PMD assignment. | |
14 | It can be set with pmd-rxq-assign. | |
03f3f9c0 | 15 | * Add support for DPDK 18.11 |
84ddf96c | 16 | - Add 'symmetric_l3' hash function. |
f9417807 | 17 | - OVS now honors 'updelay' and 'downdelay' for bonds with LACP configured. |
57924fc9 SB |
18 | - ovs-vswitchd: |
19 | * New configuration option "offload-rebalance", that enables dynamic | |
20 | rebalancing of offloaded flows. | |
9ce4aa8e YS |
21 | - The environment variable OVS_RESOLV_CONF, if set, is now used |
22 | as the DNS server configuration file. | |
024810cf | 23 | |
52499f66 | 24 | v2.10.0 - 18 Aug 2018 |
b1ca64f0 | 25 | --------------------- |
771680d9 YS |
26 | - ovs-vswitchd and utilities now support DNS names in OpenFlow and |
27 | OVSDB remotes. | |
4bc938cc | 28 | - ovs-vswitchd: |
8e98556b | 29 | * New options --l7 and --l7-len to "ofproto/trace" command. |
4bc938cc BP |
30 | * Previous versions gave OpenFlow tables default names of the form |
31 | "table#". These are not helpful names for the purpose of accepting | |
32 | and displaying table names, so now tables by default have no names. | |
ee60eefe | 33 | * The "null" interface type, deprecated since 2013, has been removed. |
60405863 | 34 | * Add minimum network namespace support for Linux. |
49b9cad3 | 35 | * New command "lacp/show-stats" |
8e98556b BP |
36 | - ovs-ofctl: |
37 | * ovs-ofctl now accepts and display table names in place of numbers. By | |
38 | default it always accepts names and in interactive use it displays them; | |
39 | use --names or --no-names to override. See ovs-ofctl(8) for details. | |
ec5ef1cf | 40 | - ovs-vsctl: New commands "add-bond-iface" and "del-bond-iface". |
4eeec031 YHW |
41 | - ovs-dpctl: |
42 | * New commands "ct-set-limits", "ct-del-limits", and "ct-get-limits". | |
b0e07d50 BP |
43 | - OpenFlow: |
44 | * OFPT_ROLE_STATUS is now available in OpenFlow 1.3. | |
7b809df9 BP |
45 | * OpenFlow 1.5 extensible statistics (OXS) now implemented. |
46 | * New OpenFlow 1.0 extensions for group support. | |
06db81cc JS |
47 | * Default selection method for select groups is now dp_hash with improved |
48 | accuracy. | |
e02b6f81 AZ |
49 | - Linux datapath |
50 | * Add support for compiling OVS with the latest Linux 4.14 kernel. | |
51 | * Added support for meters. | |
cb2a5486 | 52 | * Add support for conntrack zone limit. |
c319fabc | 53 | - ovn: |
047791dc | 54 | * Implemented icmp4/icmp6/tcp_reset actions in order to drop the packet |
c319fabc LB |
55 | and reply with a RST for TCP or ICMPv4/ICMPv6 unreachable message for |
56 | other IPv4/IPv6-based protocols whenever a reject ACL rule is hit. | |
689829d5 | 57 | * ACL match conditions can now match on Port_Groups as well as address |
1beb60af HZ |
58 | sets that are automatically generated by Port_Groups. ACLs can be |
59 | applied directly to Port_Groups as well. | |
7e5f6b1e BP |
60 | * ovn-nbctl can now run as a daemon (long-lived, background process). |
61 | See ovn-nbctl(8) for details. | |
a7e4849e MR |
62 | - DPDK: |
63 | * New 'check-dpdk' Makefile target to run a new system testsuite. | |
64 | See Testing topic for the details. | |
f8b64a61 | 65 | * Add LSC interrupt support for DPDK physical devices. |
3e52fa56 | 66 | * Allow init to fail and record DPDK status/version in OVS database. |
c3c722d2 | 67 | * Add experimental flow hardware offload support |
43307ad0 | 68 | * Support both shared and per port mempools for DPDK devices. |
79f36875 JS |
69 | - Userspace datapath: |
70 | * Commands ovs-appctl dpif-netdev/pmd-*-show can now work on a single PMD | |
71 | * Detailed PMD performance metrics available with new command | |
72 | ovs-appctl dpif-netdev/pmd-perf-show | |
7178fefb JS |
73 | * Supervision of PMD performance metrics and logging of suspicious |
74 | iterations | |
60d8ccae YW |
75 | * Add signature match cache (SMC) as experimental feature. When turned on, |
76 | it improves throughput when traffic has many more flows than EMC size. | |
4ee9f056 WT |
77 | - ERSPAN: |
78 | * Implemented ERSPAN protocol (draft-foschiano-erspan-00.txt) for | |
79 | both kernel datapath and userspace datapath. | |
80 | * Added port-based and flow-based ERSPAN tunnel port support, added | |
81 | OpenFlow rules matching ERSPAN fields. See ovs-fields(7). | |
c8efec6e QX |
82 | - ovs-pki |
83 | * ovs-pki now generates x.509 version 3 certificate. The new format adds | |
84 | subjectAltName field and sets its value the same as common name (CN). | |
a1ba48e0 | 85 | |
430d7d15 | 86 | v2.9.0 - 19 Feb 2018 |
e656b165 | 87 | -------------------- |
9a180f2c | 88 | - NSH implementation now conforms to latest draft (draft-ietf-sfc-nsh-28). |
17553f27 | 89 | * Add ttl field. |
491e05c2 | 90 | * Add a new action dec_nsh_ttl. |
96b82f6d | 91 | * Enable NSH support in kernel datapath. |
1b1d2e6d | 92 | - OVSDB has new, experimental support for database clustering: |
12b84d50 BP |
93 | * New high-level documentation in ovsdb(7). |
94 | * New file format documentation for developers in ovsdb(5). | |
95 | * Protocol documentation moved from ovsdb-server(1) to ovsdb-server(7). | |
53178986 BP |
96 | * ovsdb-server now supports online schema conversion via |
97 | "ovsdb-client convert". | |
6bb9b060 BP |
98 | * ovsdb-server now always hosts a built-in database named _Server. See |
99 | ovsdb-server(5) for more details. | |
1b1d2e6d BP |
100 | * ovsdb-client: New "get-schema-cksum", "query", "backup", "restore", |
101 | and "wait" commands. New --timeout option. | |
102 | * ovsdb-tool: New "create-cluster", "join-cluster", "db-cid", "db-sid", | |
103 | "db-local-address", "db-is-clustered", "db-is-standalone", "db-name", | |
104 | "schema-name", "compare-versions", and "check-cluster" commands. | |
105 | * ovsdb-server: New ovs-appctl commands for managing clusters. | |
106 | * ovs-sandbox: New support for clustered databases. | |
80f66ee0 BP |
107 | - ovs-vsctl and other commands that display data in tables now support a |
108 | --max-column-width option to limit column width. | |
d39ec23d JP |
109 | - No longer slow-path traffic that sends to a controller. Applications, |
110 | such as OVN ACL logging, want to send a copy of a packet to a | |
111 | controller while leaving the actual packet forwarding in the datapath. | |
bd32425f RB |
112 | - OVN: |
113 | * The "requested-chassis" option for a logical switch port now accepts a | |
114 | chassis "hostname" in addition to a chassis "name". | |
d601127b NS |
115 | * IPv6 |
116 | - Added support to send IPv6 Router Advertisement packets in response to | |
117 | the IPv6 Router Solicitation packets from the VIF ports. | |
118 | - Added support to generate Neighbor Solicitation packets using the OVN | |
119 | action 'nd_ns' to resolve unknown next hop MAC addresses for the | |
120 | IPv6 packets. | |
047791dc | 121 | * Add support for QoS bandwidth limit with DPDK. |
74103dc2 | 122 | * ovn-ctl: New commands run_nb_ovsdb and run_sb_ovsdb. |
1b1d2e6d | 123 | * ovn-sbctl, ovn-nbctl: New options --leader-only, --no-leader-only. |
a1ba48e0 JP |
124 | - OpenFlow: |
125 | * ct_clear action is now backed by kernel datapath. Support is probed for | |
126 | when OVS starts. | |
4a67e420 GR |
127 | - Linux kernel 4.13 |
128 | * Add support for compiling OVS with the latest Linux 4.13 kernel | |
c92339ad DB |
129 | - ovs-dpctl and related ovs-appctl commands: |
130 | * "flush-conntrack" now accept a 5-tuple to delete a specific | |
131 | connection tracking entry. | |
875075b3 DB |
132 | * New "ct-set-maxconns", "ct-get-maxconns", and "ct-get-nconns" commands |
133 | for userspace datapath. | |
22dcb534 FL |
134 | - No longer send packets to the Linux TAP device if it's DOWN unless it is |
135 | in another networking namespace. | |
5e925ccc MK |
136 | - DPDK: |
137 | * Add support for DPDK v17.11 | |
a14d1cc8 | 138 | * Add support for vHost IOMMU |
be481733 | 139 | * New debug appctl command 'netdev-dpdk/get-mempool-info'. |
40f185ac | 140 | * All the netdev-dpdk appctl commands described in ovs-vswitchd man page. |
971f4b39 MW |
141 | * Custom statistics: |
142 | - DPDK physical ports now return custom set of "dropped", "error" and | |
143 | "management" statistics. | |
144 | - ovs-ofctl dump-ports command now prints new of set custom statistics | |
145 | if available (for OpenFlow 1.4+). | |
a1e53988 SF |
146 | * Switch from round-robin allocation of rxq to pmd assignments to a |
147 | utilization-based allocation. | |
c190e2ad KT |
148 | * New appctl command 'dpif-netdev/pmd-rxq-rebalance' to rebalance rxq to |
149 | pmd assignments. | |
2a2c67b4 | 150 | * Add rxq utilization of pmd to appctl 'dpif-netdev/pmd-rxq-show'. |
93c0ef12 | 151 | * Add support for vHost dequeue zero copy (experimental). |
06ee1d3e IM |
152 | - Userspace datapath: |
153 | * Output packet batching support. | |
62705b81 BP |
154 | - vswitchd: |
155 | * Datapath IDs may now be specified as 0x1 (etc.) instead of 16 digits. | |
d3b84833 BP |
156 | * Configuring a controller, or unconfiguring all controllers, now deletes |
157 | all groups and meters (as well as all flows). | |
d4042a70 | 158 | - New --enable-sparse configure option enables "sparse" checking by default. |
b2e8b12f | 159 | - Added additional information to vhost-user status. |
e656b165 | 160 | |
a61016be | 161 | v2.8.0 - 31 Aug 2017 |
3a32d0ae | 162 | -------------------- |
1b3758c3 BP |
163 | - ovs-ofctl: |
164 | * ovs-ofctl can now accept and display port names in place of numbers. By | |
165 | default it always accepts names and in interactive use it displays them; | |
166 | use --names or --no-names to override. See ovs-ofctl(8) for details. | |
167 | * "ovs-ofctl dump-flows" now accepts --no-stats to omit flow statistics. | |
8a0d9d85 | 168 | - New ovs-dpctl command "ct-stats-show" to show connection tracking stats. |
e2218eee JP |
169 | - Tunnels: |
170 | * Added support to set packet mark for tunnel endpoint using | |
171 | `egress_pkt_mark` OVSDB option. | |
921c370a EG |
172 | * When using Linux kernel datapath tunnels may be created using rtnetlink. |
173 | This will allow us to take advantage of new tunnel features without | |
174 | having to make changes to the vport modules. | |
4c30b246 CL |
175 | - EMC insertion probability is reduced to 1% and is configurable via |
176 | the new 'other_config:emc-insert-inv-prob' option. | |
736ca516 IM |
177 | - DPDK: |
178 | * DPDK log messages redirected to OVS logging subsystem. | |
179 | Log level can be changed in a usual OVS way using | |
180 | 'ovs-appctl vlog' commands for 'dpdk' module. Lower bound | |
181 | still can be configured via extra arguments for DPDK EAL. | |
28ca969e AC |
182 | * dpdkvhostuser ports are marked as deprecated. They will be removed |
183 | in an upcoming release. | |
f3e7ec25 | 184 | * Support for DPDK v17.05.1. |
0b4f83e2 PS |
185 | - IPFIX now provides additional counters: |
186 | * Total counters since metering process startup. | |
187 | * Per-flow TCP flag counters. | |
ebfe9a21 | 188 | * Multicast, broadcast, and unicast counters. |
fed8962a EG |
189 | - New support for multiple VLANs (802.1ad or "QinQ"), including a new |
190 | "dot1q-tunnel" port VLAN mode. | |
4e3000a0 BP |
191 | - In ovn-vsctl and vtep-ctl, record UUIDs in commands may now be |
192 | abbreviated to 4 hex digits. | |
3346c985 DB |
193 | - Userspace Datapath: |
194 | * Added NAT support for userspace datapath. | |
05f282c2 | 195 | * Added FTP and TFTP support with NAT for userspace datapath. |
ab27bfa6 | 196 | * Experimental NSH (Network Service Header) support in userspace datapath. |
b89d25e5 | 197 | - OVN: |
302eda27 | 198 | * New built-in DNS support. |
161ea2c8 | 199 | * IPAM for IPv4 can now exclude user-defined addresses from assignment. |
7cc0741e | 200 | * IPAM can now assign IPv6 addresses. |
b89d25e5 | 201 | * Make the DHCPv4 router setting optional. |
f40c5588 | 202 | * Gratuitous ARP for NAT addresses on a distributed logical router. |
4d232c75 LR |
203 | * Allow ovn-controller SSL configuration to be obtained from vswitchd |
204 | database. | |
42c1e58e | 205 | * ovn-trace now has basic support for tracing distributed firewalls. |
4e3000a0 BP |
206 | * In ovn-nbctl and ovn-sbctl, record UUIDs in commands may now be |
207 | abbreviated to 4 hex digits. | |
c2f4c39b BP |
208 | * "ovn-sbctl lflow-list" can now print OpenFlow flows that correspond |
209 | to logical flows. | |
75ddb5f4 | 210 | * Now uses OVSDB RBAC support to reduce impact of compromised hypervisors. |
35ad41ba RB |
211 | * Multiple chassis may now be specified for L3 gateways. When more than |
212 | one chassis is specified, OVN will manage high availability for that | |
213 | gateway. | |
d383eed5 | 214 | * Add support for ACL logging. |
46a54ce7 | 215 | * ovn-northd now has native support for active-standby high availability. |
0f2f05bb | 216 | - Tracing with ofproto/trace now traces through recirculation. |
d6db7b3c LR |
217 | - OVSDB: |
218 | * New support for role-based access control (see ovsdb-server(1)). | |
cc3a32f3 | 219 | - New commands 'stp/show' and 'rstp/show' (see ovs-vswitchd(8)). |
417cfdb6 | 220 | - OpenFlow: |
8d348579 BP |
221 | * All features required by OpenFlow 1.4 are now implemented, so |
222 | ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to | |
223 | OpenFlow 1.0 to 1.3). | |
2f2b904f | 224 | * Increased support for OpenFlow 1.6 (draft). |
417cfdb6 | 225 | * Bundles now support hashing by just nw_src or nw_dst. |
226 | * The "learn" action now supports a "limit" option (see ovs-ofctl(8)). | |
f73b83fd | 227 | * The port status bit OFPPS_LIVE now reflects link aliveness. |
577bfa9f | 228 | * OpenFlow 1.5 packet-out is now supported. |
f839892a JS |
229 | * Support for OpenFlow 1.5 field packet_type and packet-type-aware |
230 | pipeline (PTAP). | |
231 | * Added generic encap and decap actions (EXT-382). | |
232 | First supported use case is encap/decap for Ethernet. | |
b48f44ff YY |
233 | * Added NSH (Network Service Header) support in userspace |
234 | Used generic encap and decap actions to implement encapsulation and | |
235 | decapsulation of NSH header. | |
236 | IETF NSH draft - https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh/ | |
f6fabcc6 JP |
237 | * Conntrack state is only available to the processing path that |
238 | follows the "recirc_table" argument of the ct() action. Starting | |
239 | in OVS 2.8, this state is now cleared for the current processing | |
240 | path whenever ct() is called. | |
44dd4cc4 LR |
241 | - Fedora Packaging: |
242 | * OVN services are no longer restarted automatically after upgrade. | |
e3e738a3 | 243 | * ovs-vswitchd and ovsdb-server run as non-root users by default. |
fe13ccdc | 244 | - Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)). |
63171f04 | 245 | - L3 tunneling: |
875ab130 | 246 | * Use new tunnel port option "packet_type" to configure L2 vs. L3. |
f839892a JS |
247 | * In conjunction with PTAP tunnel ports can handle a mix of L2 and L3 |
248 | payload. | |
439f39cb | 249 | * New vxlan tunnel extension "gpe" to support VXLAN-GPE tunnels. |
875ab130 | 250 | * New support for non-Ethernet (L3) payloads in GRE and VXLAN-GPE. |
4cefc3da | 251 | - The BFD detection multiplier is now user-configurable. |
2a85b7cc | 252 | - Add experimental support for hardware offloading |
bf090264 RD |
253 | * HW offloading is disabled by default. |
254 | * HW offloading is done through the TC interface. | |
5d77b36b BP |
255 | - IPv6 link local addresses are now supported on Linux. Use % to designate |
256 | the scope device. | |
e2218eee | 257 | |
a9c838b2 | 258 | v2.7.0 - 21 Feb 2017 |
92690eae | 259 | --------------------- |
e18a1d08 ER |
260 | - Utilities and daemons that support SSL now allow protocols and |
261 | ciphers to be configured with --ssl-protocols and --ssl-ciphers. | |
a6095f81 BS |
262 | - OVN: |
263 | * QoS is now implemented via egress shaping rather than ingress policing. | |
1a03fc7d | 264 | * DSCP marking is now supported, via the new northbound QoS table. |
6374d518 | 265 | * IPAM now supports fixed MAC addresses. |
440a9f4b | 266 | * Support for source IP address based routing. |
d444a914 BP |
267 | * ovn-trace: |
268 | - New --ovs option to also print OpenFlow flows. | |
269 | - put_dhcp_opts and put_dhcp_optsv6 actions may now be traced. | |
821302cf | 270 | * Support for managing SSL and remote connection configuration in |
10471820 | 271 | northbound and southbound databases. |
84d0ca5d LR |
272 | * TCP connections to northbound and southbound databases are no |
273 | longer enabled by default and must be explicitly configured. | |
274 | See documentation for ovn-sbctl/ovn-nbctl "set-connection" | |
275 | command or the ovn-ctl "--db-sb-create-insecure-remote" and | |
276 | "--db-nb-create-insecure-remote" command-line options for | |
277 | information regarding remote connection configuration. | |
714651c7 JP |
278 | * New appctl "inject-pkt" command in ovn-controller that allows |
279 | packets to be injected into the connected OVS instance. | |
878b54d7 MS |
280 | * Distributed logical routers may now be connected directly to |
281 | logical switches with localnet ports, by specifying a | |
282 | "redirect-chassis" on the distributed gateway port of the | |
283 | logical router. NAT rules may be specified directly on the | |
284 | distributed logical router, and are handled either centrally on | |
285 | the "redirect-chassis", or in many cases are handled locally on | |
286 | the hypervisor where the corresponding logical port resides. | |
287 | Gratuitous ARP for NAT addresses on a distributed logical | |
288 | router is not yet supported, but will be added in a future | |
289 | version. | |
a027899e JR |
290 | - Fixed regression in table stats maintenance introduced in OVS |
291 | 2.3.0, wherein the number of OpenFlow table hits and misses was | |
292 | not accurate. | |
51bb26fa | 293 | - OpenFlow: |
6dd3c787 | 294 | * OFPT_PACKET_OUT messages are now supported in bundles. |
53cc166a JR |
295 | * A new "selection_method=dp_hash" type for OpenFlow select group |
296 | bucket selection that uses the datapath computed 5-tuple hash | |
297 | without making datapath flows match the 5-tuple fields, which | |
298 | is useful for more efficient load balancing, for example. This | |
299 | uses the Netronome extension to OpenFlow 1.5+ that allows | |
300 | control over the OpenFlow select groups selection method. See | |
301 | "selection_method" and related options in ovs-ofctl(8) for | |
302 | details. | |
4930ea56 | 303 | * The "sample" action now supports "ingress" and "egress" options. |
40c7b2fc | 304 | * The "ct" action now supports the TFTP ALG where support is available. |
72fe7578 | 305 | * New actions "clone" and "ct_clear". |
798a1033 | 306 | * The "meter" action is now supported in the userspace datapath. |
6dd3c787 JR |
307 | - ovs-ofctl: |
308 | * 'bundle' command now supports packet-out messages. | |
309 | * New syntax for 'ovs-ofctl packet-out' command, which uses the | |
310 | same string parser as the 'bundle' command. The old 'packet-out' | |
311 | syntax is deprecated and will be removed in a later OVS | |
312 | release. | |
313 | * New unixctl "ofctl/packet-out" command, which can be used to | |
314 | instruct a flow monitor to issue OpenFlow packet-out messages. | |
9c1a1182 LR |
315 | - ovsdb-server: |
316 | * Remote connections can now be made read-only (see ovsdb-server(1)). | |
8d8ab6c2 JG |
317 | - Tunnels: |
318 | * TLV mappings for protocols such as Geneve are now segregated on | |
319 | a per-OpenFlow bridge basis rather than globally. (The interface | |
320 | has not changed.) | |
2b02d770 | 321 | * Removed support for IPsec tunnels. |
08484bae CL |
322 | - DPDK: |
323 | * New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces | |
324 | which set the number of rx and tx descriptors to use for the given port. | |
04de404e | 325 | * Support for DPDK v16.11. |
1a2bb118 | 326 | * Support for rx checksum offload. Refer DPDK HOWTO for details. |
b8374d0d | 327 | * Port Hotplug is now supported. |
55e075e6 CL |
328 | * DPDK physical ports can now have arbitrary names. The PCI address of |
329 | the device must be set using the 'dpdk-devargs' option. Compatibility | |
330 | with the old dpdk<portid> naming scheme is broken, and as such a | |
331 | device will not be available for use until a valid dpdk-devargs is | |
332 | specified. | |
69876ed7 | 333 | * Virtual DPDK Poll Mode Driver (vdev PMD) support. |
602e24ee | 334 | * Removed experimental tag. |
5771f476 FL |
335 | - Fedora packaging: |
336 | * A package upgrade does not automatically restart OVS service. | |
58d636ee BK |
337 | - ovs-vswitchd/ovs-vsctl: |
338 | * Ports now have a "protected" flag. Protected ports can not forward | |
339 | frames to other protected ports. Unprotected ports can receive and | |
340 | forward frames to protected and other unprotected ports. | |
1ab39058 LR |
341 | - ovs-vsctl, ovn-nbctl, ovn-sbctl, vtep-ctl: |
342 | * Database commands now accept integer ranges, e.g. "set port | |
343 | eth0 trunks=1-10" to enable trunking VLANs 1 to 10. | |
92690eae | 344 | |
62f0430e | 345 | v2.6.0 - 27 Sep 2016 |
ca32170a | 346 | --------------------- |
e921fc3f JP |
347 | - First supported release of OVN. See ovn-architecture(7) for more |
348 | details. | |
92f8d65b | 349 | - ovsdb-server: |
c383f3bf LS |
350 | * New "monitor_cond" "monitor_cond_update" and "update2" extensions to |
351 | RFC 7047. | |
56085be5 | 352 | - OpenFlow: |
8225b3b7 JR |
353 | * OpenFlow 1.3+ bundles now expire after 10 seconds since the |
354 | last time the bundle was either opened, modified, or closed. | |
fe996936 JR |
355 | * OpenFlow 1.3 Extension 230, adding OpenFlow Bundles support, is |
356 | now implemented. | |
25070e04 JR |
357 | * OpenFlow 1.3+ bundles are now supported for group mods as well as |
358 | flow mods and port mods. Both 'atomic' and 'ordered' bundle | |
359 | flags are supported for group mods as well as flow mods. | |
5fc0ad0a JR |
360 | * Internal OpenFlow rule representation for load and set-field |
361 | actions is now much more memory efficient. For a complex flow | |
362 | table this can reduce rule memory consumption by 40%. | |
363 | * Bundles are now much more memory efficient than in OVS 2.5. | |
364 | Together with memory efficiency improvements in OpenFlow rule | |
365 | representation, the peak OVS resident memory use during a | |
366 | bundle commit for large complex set of flow mods can be only | |
367 | 25% of that in OVS 2.5 (4x lower). | |
56085be5 | 368 | * OpenFlow 1.1+ OFPT_QUEUE_GET_CONFIG_REQUEST now supports OFPP_ANY. |
e016fb63 | 369 | * OpenFlow 1.4+ OFPMP_QUEUE_DESC is now supported. |
6c6eedc5 | 370 | * OpenFlow 1.4+ OFPT_TABLE_STATUS is now supported. |
bdcad671 | 371 | * New property-based packet-in message format NXT_PACKET_IN2 with support |
77ab5fd2 BP |
372 | for arbitrary user-provided data and for serializing flow table |
373 | traversal into a continuation for later resumption. | |
374 | * New extension message NXT_SET_ASYNC_CONFIG2 to allow OpenFlow 1.4-like | |
375 | control over asynchronous messages in earlier versions of OpenFlow. | |
bef3f465 | 376 | * New OpenFlow extension NXM_NX_MPLS_TTL to provide access to MPLS TTL. |
aaca4fe0 WT |
377 | * New output option, output(port=N,max_len=M), to allow truncating a |
378 | packet to size M bytes when outputting to port N. | |
88b87a36 JS |
379 | * New command OFPGC_ADD_OR_MOD for OFPT_GROUP_MOD message that adds a |
380 | new group or modifies an existing groups | |
54b78c95 JR |
381 | * The optional OpenFlow packet buffering feature is deprecated in |
382 | this release, and will be removed in the next OVS release | |
383 | (2.7). After the change OVS always sends the 'buffer_id' as | |
384 | 0xffffffff in packet-in messages and will send an error | |
385 | response if any other value of this field is included in | |
386 | packet-out and flow mod sent by a controller. Controllers are | |
387 | already expected to work properly in cases where the switch can | |
388 | not buffer packets, so this change should not affect existing | |
389 | users. | |
2a7c4805 | 390 | * New OpenFlow extension NXT_CT_FLUSH_ZONE to flush conntrack zones. |
4b684612 | 391 | - Improved OpenFlow version compatibility for actions: |
88c8ca26 | 392 | * New OpenFlow extension to support the "group" action in OpenFlow 1.0. |
0f2aaee9 | 393 | * OpenFlow 1.0 "enqueue" action now properly translated to OpenFlow 1.1+. |
56a91749 BP |
394 | * OpenFlow 1.1 "mod_nw_ecn" and OpenFlow 1.1+ "mod_nw_ttl" actions now |
395 | properly translated to OpenFlow 1.0. | |
e016fb63 BP |
396 | - ovs-ofctl: |
397 | * queue-get-config command now allows a queue ID to be specified. | |
25070e04 JR |
398 | * '--bundle' option can now be used with OpenFlow 1.3 and with group mods. |
399 | * New "bundle" command allows executing a mixture of flow and group mods | |
400 | as a single atomic transaction. | |
8743fa8c | 401 | * New option "--color" to produce colorized output for some commands. |
88b87a36 | 402 | * New option '--may-create' to use OFPGC_ADD_OR_MOD in mod-group command. |
c97320eb WZ |
403 | - IPFIX: |
404 | * New "sampling_port" option for "sample" action to allow sampling | |
405 | ingress and egress tunnel metadata with IPFIX. | |
406 | * New ovs-ofctl commands "dump-ipfix-bridge" and "dump-ipfix-flow" to | |
407 | dump bridge IPFIX statistics and flow based IPFIX statistics. | |
408 | * New setting other-config:virtual_obs_id to add an arbitrary string | |
409 | to IPFIX records. | |
6cf888b8 | 410 | - Linux: |
fe996936 JR |
411 | * OVS Linux datapath now implements Conntrack NAT action with all |
412 | supported Linux kernels. | |
413 | * Support for truncate action. | |
6cf888b8 BS |
414 | * New QoS type "linux-noop" that prevents Open vSwitch from trying to |
415 | manage QoS for a given port (useful when other software manages QoS). | |
a14b8947 IM |
416 | - DPDK: |
417 | * New option "n_rxq" for PMD interfaces. | |
418 | Old 'other_config:n-dpdk-rxqs' is no longer supported. | |
81acebda IM |
419 | Not supported by vHost interfaces. For them number of rx and tx queues |
420 | is applied from connected virtio device. | |
3eb67853 IM |
421 | * New 'other_config:pmd-rxq-affinity' field for PMD interfaces, that |
422 | allows to pin port's rx queues to desired cores. | |
ce179f11 IM |
423 | * New appctl command 'dpif-netdev/pmd-rxq-show' to check the port/rxq |
424 | assignment. | |
425 | * Type of log messages from PMD threads changed from INFO to DBG. | |
0bf765f7 | 426 | * QoS functionality with sample egress-policer implementation. |
bab69409 AC |
427 | * The mechanism for configuring DPDK has changed to use database |
428 | * Sensible defaults have been introduced for many of the required | |
429 | configuration options | |
430 | * DB entries have been added for many of the DPDK EAL command line | |
eac84432 AC |
431 | arguments. Additional arguments can be passed via the dpdk-extra |
432 | entry. | |
9509913a | 433 | * Add ingress policing functionality. |
db8f13b0 CL |
434 | * PMD threads servicing vHost User ports can now come from the NUMA |
435 | node that device memory is located on if CONFIG_RTE_LIBRTE_VHOST_NUMA | |
436 | is enabled in DPDK. | |
5cf3edb3 DDP |
437 | * Basic connection tracking for the userspace datapath (no ALG, |
438 | fragmentation or NAT support yet) | |
0a0f39df | 439 | * Support for DPDK 16.07 |
4b88d678 | 440 | * Optional support for DPDK pdump enabled. |
0072e931 | 441 | * Jumbo frame support |
41987644 | 442 | * Remove dpdkvhostcuse port type. |
c1ff66ac | 443 | * OVS client mode for vHost and vHost reconnect (Requires QEMU 2.7) |
2d24d165 | 444 | * 'dpdkvhostuserclient' port type. |
847b8b02 | 445 | - Increase number of registers to 16. |
e7529141 BP |
446 | - ovs-benchmark: This utility has been removed due to lack of use and |
447 | bitrot. | |
06380128 BP |
448 | - ovs-appctl: |
449 | * New "vlog/close" command. | |
7fc28c50 AC |
450 | - ovs-ctl: |
451 | * Added the ability to selectively start the forwarding and database | |
452 | functions (ovs-vswitchd and ovsdb-server, respectively). | |
acdd0764 AZ |
453 | - ovsdb-server: |
454 | * Remove max number of sessions limit, to enable connection scaling | |
455 | testing. | |
99c8be3e RB |
456 | - python: |
457 | * Added support for Python 3.4+ in addition to existing support | |
458 | for 2.7+. | |
9b897c91 AA |
459 | - SELinux: |
460 | * Introduced SELinux policy package. | |
8063e095 PS |
461 | - Datapath Linux kernel compatibility. |
462 | * Dropped support for kernel older than 3.10. | |
42deb67d | 463 | * Removed VLAN splinters feature. |
c3cbb286 | 464 | * Datapath supports kernel upto 4.7. |
80c4589a PS |
465 | - Tunnels: |
466 | * Flow based tunnel match and action can be used for IPv6 address using | |
467 | tun_ipv6_src, tun_ipv6_dst fields. | |
8a2d4905 | 468 | * Added support for IPv6 tunnels, for details checkout FAQ. |
9e9d0384 | 469 | * Deprecated support for IPsec tunnels ports. |
314ce647 AC |
470 | - A wrapper script, 'ovs-tcpdump', to easily port-mirror an OVS port and |
471 | watch with tcpdump | |
81d2f75c AA |
472 | - Introduce --no-self-confinement flag that allows daemons to work with |
473 | sockets outside their run directory. | |
29dd784d BP |
474 | - ovs-pki: Changed message digest algorithm from SHA-1 to SHA-512 because |
475 | SHA-1 is no longer secure and some operating systems have started to | |
476 | disable it in OpenSSL. | |
56abcf49 | 477 | - Add 'mtu_request' column to the Interface table. It can be used to |
3a414a0a | 478 | configure the MTU of the ports. |
29dd784d | 479 | |
c0fa821f JS |
480 | Known issues: |
481 | - Using openvswitch module in conjunction with upstream Linux tunnels: | |
482 | * When using the openvswitch module distributed with OVS against kernel | |
483 | versions 4.4 to 4.6, the openvswitch module cannot be loaded or used at | |
484 | the same time as "ip_gre". | |
485 | - Conntrack FTP ALGs: When using the openvswitch module distributed with | |
486 | OVS, particular Linux distribution kernels versions may provide diminished | |
487 | functionality. This typically affects active FTP data connections when | |
488 | using "actions=ct(alg=ftp),..." in flow tables. Specifically: | |
489 | * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set | |
490 | up expectations for FTP data connections in multiple zones, | |
491 | eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the | |
492 | "ct" action for subsequent data connections may fail to determine that | |
493 | the data connection is "related" to an existing connection. | |
494 | * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state | |
495 | correctly for NATed connections. As a result, flows that perform NAT, | |
496 | eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet, | |
497 | and will populate the "ct_state=inv" bit in the flow. | |
498 | ||
ca32170a | 499 | |
1c0383a9 | 500 | v2.5.0 - 26 Feb 2016 |
c4c7e593 | 501 | --------------------- |
e23812fc BP |
502 | - Dropped support for Python older than version 2.7. As a consequence, |
503 | using Open vSwitch 2.5 or later on XenServer 6.5 or earlier (which | |
504 | have Python 2.4) requires first installing Python 2.7. | |
0eb48fe1 BP |
505 | - OpenFlow: |
506 | * Group chaining (where one OpenFlow group triggers another) is | |
507 | now supported. | |
f70b94de | 508 | * OpenFlow 1.4+ "importance" is now considered for flow eviction. |
82c22d34 | 509 | * OpenFlow 1.4+ OFPTC_EVICTION is now implemented. |
de7d3c07 | 510 | * OpenFlow 1.4+ OFPTC_VACANCY_EVENTS is now implemented. |
03c72922 | 511 | * OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented. |
f6ecf944 | 512 | * Allow modifying the ICMPv4/ICMPv6 type and code fields. |
c61f4bc1 BP |
513 | * OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG are |
514 | now implemented. | |
6d5d1f3b BP |
515 | - ovs-ofctl: |
516 | * New "out_group" keyword for OpenFlow 1.1+ matching on output group. | |
c61f4bc1 BP |
517 | - Tunnels: |
518 | * Geneve tunnels can now match and set options and the OAM bit. | |
519 | * The nonstandard GRE64 tunnel extension has been dropped. | |
06994f87 | 520 | - Support Multicast Listener Discovery (MLDv1 and MLDv2). |
4249b547 | 521 | - Add 'symmetric_l3l4' and 'symmetric_l3l4+udp' hash functions. |
7321bda3 | 522 | - sFlow agent now reports tunnel and MPLS structures. |
548f9fe7 DDP |
523 | - New 'check-system-userspace', 'check-kmod' and 'check-kernel' Makefile |
524 | targets to run a new system testsuite. These tests can be run inside | |
525 | a Vagrant box. See INSTALL.md for details | |
195360dc AA |
526 | - Mark --syslog-target argument as deprecated. It will be removed in |
527 | the next OVS release. | |
e91b927d | 528 | - Added --user option to all daemons |
07659514 | 529 | - Add support for connection tracking through the new "ct" action |
9daf2348 JS |
530 | and "ct_state"/"ct_zone"/"ct_mark"/"ct_label" match fields. Only |
531 | available on Linux kernels with the connection tracking module loaded. | |
a2e61be6 RB |
532 | - Add experimental version of OVN. OVN, the Open Virtual Network, is a |
533 | system to support virtual network abstraction. OVN complements the | |
534 | existing capabilities of OVS to add native support for virtual network | |
535 | abstractions, such as virtual L2 and L3 overlays and security groups. | |
f6bf8880 PM |
536 | - RHEL packaging: |
537 | * DPDK ports may now be created via network scripts (see README.RHEL). | |
4573fbd3 FL |
538 | - DPDK: |
539 | * Requires DPDK 2.2 | |
540 | * Added multiqueue support to vhost-user | |
db6e1383 | 541 | * Note: QEMU 2.5+ required for multiqueue support |
c4c7e593 | 542 | |
2fac5fed | 543 | v2.4.0 - 20 Aug 2015 |
2c7ea589 | 544 | --------------------- |
39c94593 JR |
545 | - Flow table modifications are now atomic, meaning that each packet |
546 | now sees a coherent version of the OpenFlow pipeline. For | |
547 | example, if a controller removes all flows with a single OpenFlow | |
548 | "flow_mod", no packet sees an intermediate version of the OpenFlow | |
549 | pipeline where only some of the flows have been deleted. | |
db5076ee | 550 | - Added support for SFQ, FQ_CoDel and CoDel qdiscs. |
557570fa AW |
551 | - Add bash command-line completion support for ovs-vsctl Please check |
552 | utilities/ovs-command-compgen.INSTALL.md for how to use. | |
9d078ec2 BP |
553 | - The MAC learning feature now includes per-port fairness to mitigate |
554 | MAC flooding attacks. | |
18080541 BP |
555 | - New support for a "conjunctive match" OpenFlow extension, which |
556 | allows constructing OpenFlow matches of the form "field1 in | |
557 | {a,b,c...} AND field2 in {d,e,f...}" and generalizations. For details, | |
cc23805c | 558 | see documentation for the "conjunction" action in ovs-ofctl(8). |
423ede18 AW |
559 | - Add bash command-line completion support for ovs-appctl/ovs-dpctl/ |
560 | ovs-ofctl/ovsdb-tool commands. Please check | |
561 | utilities/ovs-command-compgen.INSTALL.md for how to use. | |
35f48b8b BP |
562 | - The "learn" action supports a new flag "delete_learned" that causes |
563 | the learned flows to be deleted when the flow with the "learn" action | |
564 | is deleted. | |
c1fc1411 JG |
565 | - Basic support for the Geneve tunneling protocol. It is not yet |
566 | possible to generate or match options. This is planned for a future | |
567 | release. The protocol is documented at | |
568 | http://tools.ietf.org/html/draft-gross-geneve-00 | |
a413195e | 569 | - The OVS database now reports controller rate limiting statistics. |
50b9699f | 570 | - sflow now exports information about LACP-based bonds, port names, and |
3d2912f2 | 571 | OpenFlow port numbers, as well as datapath performance counters. |
fceef209 DDP |
572 | - ovs-dpctl functionality is now available for datapaths integrated |
573 | into ovs-vswitchd, via ovs-appctl. Some existing ovs-appctl | |
574 | commands are now redundant and will be removed in a future | |
575 | release. See ovs-vswitchd(8) for details. | |
79fe0f46 | 576 | - OpenFlow: |
1c38055d JR |
577 | * OpenFlow 1.4 bundles are now supported for flow mods and port |
578 | mods. For flow mods, both 'atomic' and 'ordered' bundle flags | |
579 | are trivially supported, as all bundled messages are executed | |
580 | in the order they were added and all flow table modifications | |
581 | are now atomic to the datapath. Port mods may not appear in | |
582 | atomic bundles, as port status modifications are not atomic. | |
e60e935b | 583 | * IPv6 flow label and neighbor discovery fields are now modifiable. |
d3cb080e BP |
584 | * OpenFlow 1.5 extended registers are now supported. |
585 | * The OpenFlow 1.5 actset_output field is now supported. | |
586 | * OpenFlow 1.5 Copy-Field action is now supported. | |
587 | * OpenFlow 1.5 masked Set-Field action is now supported. | |
3c4e10fb | 588 | * OpenFlow 1.3+ table features requests are now supported (read-only). |
1b0ee636 | 589 | * Nicira extension "move" actions may now be included in action sets. |
2e34a6a3 SS |
590 | * "resubmit" actions may now be included in action sets. The resubmit |
591 | is executed last, and only if the action set has no "output" or "group" | |
592 | action. | |
ca26eb44 | 593 | * OpenFlow 1.4+ flow "importance" is now maintained in the flow table. |
0c4b9393 SH |
594 | * A new Netronome extension to OpenFlow 1.5+ allows control over the |
595 | fields hashed for OpenFlow select groups. See "selection_method" and | |
596 | related options in ovs-ofctl(8) for details. | |
db5076ee JR |
597 | - ovs-ofctl has a new '--bundle' option that makes the flow mod commands |
598 | ('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows') | |
599 | use an OpenFlow 1.4 bundle to operate the modifications as a single | |
39c94593 JR |
600 | atomic transaction. If any of the flow mods in a transaction fail, none |
601 | of them are executed. All flow mods in a bundle appear to datapath | |
602 | lookups simultaneously. | |
db5076ee JR |
603 | - ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow |
604 | mods as an input by allowing the flow specification to start with an | |
605 | explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict' | |
606 | keyword. A missing keyword is treated as 'add', so this is fully | |
607 | backwards compatible. With the new '--bundle' option all the flow mods | |
39c94593 | 608 | are executed as a single atomic transaction using an OpenFlow 1.4 bundle. |
4a1f9610 | 609 | - ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because |
9ff33ca7 BP |
610 | MD5 is no longer secure and some operating systems have started to disable |
611 | it in OpenSSL. | |
09e25603 TW |
612 | - ovsdb-server: New OVSDB protocol extension allows inequality tests on |
613 | "optional scalar" columns. See ovsdb-server(1) for details. | |
ff495b63 BP |
614 | - ovs-vsctl now permits immutable columns in a new row to be modified in |
615 | the same transaction that creates the row. | |
0bc1b46a BP |
616 | - test-controller has been renamed ovs-testcontroller at request of users |
617 | who find it useful for testing basic OpenFlow setups. It is still not | |
618 | a necessary or desirable part of most Open vSwitch deployments. | |
cccf7e9d | 619 | - Support for travis-ci.org based continuous integration builds has been |
542cc9bb | 620 | added. Build failures are reported to build@openvswitch.org. See INSTALL.md |
cccf7e9d | 621 | file for additional details. |
bbda3a2f DV |
622 | - Support for the Rapid Spanning Tree Protocol (IEEE 802.1D-2004). |
623 | The implementation has been tested successfully against the Ixia Automated | |
624 | Network Validation Library (ANVL). | |
2f9dd77f | 625 | - Stats are no longer updated on fake bond interface. |
3e5aeeb5 | 626 | - Keep active bond slave selection across OVS restart. |
ec8f0f0c | 627 | - A simple wrapper script, 'ovs-docker', to integrate OVS with Docker |
62dbc5bd GS |
628 | containers. If and when there is a native integration of Open vSwitch |
629 | with Docker, the wrapper script will be retired. | |
e5a1caee JG |
630 | - Added support for DPDK Tunneling. VXLAN, GRE, and Geneve are supported |
631 | protocols. This is generic tunneling mechanism for userspace datapath. | |
e3102e42 | 632 | - Support for multicast snooping (IGMPv1, IGMPv2 and IGMPv3) |
3afcde43 | 633 | - Support for Linux kernels up to 4.0.x |
d5460484 GS |
634 | - The documentation now use the term 'destination' to mean one of syslog, |
635 | console or file for vlog logging instead of the previously used term | |
636 | 'facility'. | |
ac6073e3 | 637 | - Support for VXLAN Group Policy extension |
99eef98b DF |
638 | - Initial support for the IETF Auto-Attach SPBM draft standard. This |
639 | contains rudimentary support for the LLDP protocol as needed for | |
640 | Auto-Attach. | |
d4763d1d JP |
641 | - The default OpenFlow and OVSDB ports are now the IANA-assigned |
642 | numbers. OpenFlow is 6653 and OVSDB is 6640. | |
58397e6c | 643 | - Support for DPDK vHost. |
4752cc0c | 644 | - Support for outer UDP checksums in Geneve and VXLAN. |
d0d986a5 TG |
645 | - The kernel vports with dependencies are no longer part of the overall |
646 | openvswitch.ko but built and loaded automatically as individual kernel | |
647 | modules (vport-*.ko). | |
4237026e | 648 | - Support for STT tunneling. |
6901639b BP |
649 | - ovs-sim: New developer tool for simulating multiple OVS instances. |
650 | See ovs-sim(1) for more information. | |
fe089c0d AA |
651 | - Support to configure method (--syslog-method argument) that determines |
652 | how daemons will talk with syslog. | |
532e1463 AA |
653 | - Support for "ovs-appctl vlog/list-pattern" command that lets to query |
654 | logging message format for each destination. | |
2c7ea589 JP |
655 | |
656 | ||
e13440fc | 657 | v2.3.0 - 14 Aug 2014 |
c5cf1059 | 658 | --------------------- |
6dc53744 BP |
659 | - OpenFlow 1.1, 1.2, and 1.3 are now enabled by default in |
660 | ovs-vswitchd. | |
69d6040e JR |
661 | - Linux kernel datapath now has an exact match cache optimizing the |
662 | flow matching process. | |
663 | - Datapath flows now have partially wildcarded tranport port field | |
664 | matches. This reduces userspace upcalls, but increases the | |
665 | number of different masks in the datapath. The kernel datapath | |
666 | exact match cache removes the overhead of matching the incoming | |
667 | packets with the larger number of masks, but when paired with an | |
668 | older kernel module, some workloads may perform worse with the | |
669 | new userspace. | |
0877a018 | 670 | - Compatibility with autoconf 2.63 (previously >=2.64) |
c5cf1059 | 671 | |
012c3a52 | 672 | v2.2.0 - Internal Release |
bff46ebb | 673 | --------------------- |
1839c356 FL |
674 | - Internal ports are no longer brought up by default, because it |
675 | should be an administrator task to bring up devices as they are | |
676 | configured properly. | |
c3ccfe98 AZ |
677 | - ovs-vsctl now reports when ovs-vswitchd fails to create a new port or |
678 | bridge. | |
9500f505 TG |
679 | - Port creation and configuration errors are now stored in a new error |
680 | column of the Interface table and included in 'ovs-vsctl show'. | |
7868fbc6 BP |
681 | - The "ovsdbmonitor" graphical tool has been removed, because it was |
682 | poorly maintained and not widely used. | |
e3c7ed29 | 683 | - New "check-ryu" Makefile target for running Ryu tests for OpenFlow |
542cc9bb | 684 | controllers against Open vSwitch. See INSTALL.md for details. |
f51e8ccb | 685 | - Added IPFIX support for SCTP flows and templates for ICMPv4/v6 flows. |
0b114fa0 GS |
686 | - Upon the receipt of a SIGHUP signal, ovs-vswitchd no longer reopens its |
687 | log file (it will terminate instead). Please use 'ovs-appctl vlog/reopen' | |
688 | instead. | |
e2f3178f | 689 | - Support for Linux kernels up to 3.14. From Kernel 3.12 onwards OVS uses |
cb25142c | 690 | tunnel API for GRE and VXLAN. |
8a9562d2 | 691 | - Added DPDK support. |
a5ed8fe3 | 692 | - Added support for custom vlog patterns in Python |
f51e8ccb | 693 | |
bff46ebb | 694 | |
a3aabcd2 | 695 | v2.1.0 - 19 Mar 2014 |
b366c1f4 | 696 | --------------------- |
13751fd8 JR |
697 | - Address prefix tracking support for flow tables. New columns |
698 | "prefixes" in OVS-DB table "Flow_Table" controls which packet | |
699 | header fields are used for address prefix tracking. Prefix | |
700 | tracking allows the classifier to skip rules with longer than | |
701 | necessary prefixes, resulting in better wildcarding for datapath | |
702 | flows. Default configuration is to not use any fields for prefix | |
703 | tracking. However, if any flow tables contain both exact matches | |
704 | and masked matches for IP address fields, OVS performance may be | |
705 | increased by using this feature. | |
706 | * As of now, the fields for which prefix lookup can be enabled | |
707 | are: 'tun_id', 'tun_src', 'tun_dst', 'nw_src', 'nw_dst' (or | |
708 | aliases 'ip_src' and 'ip_dst'), 'ipv6_src', and 'ipv6_dst'. | |
709 | (Using this feature for 'tun_id' would only make sense if the | |
710 | tunnel IDs have prefix structure similar to IP addresses.) | |
711 | * There is a maximum number of fields that can be enabled for any | |
712 | one flow table. Currently this limit is 3. | |
713 | * Examples: | |
714 | $ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- \ | |
715 | --id=@N1 create Flow_Table name=table0 | |
716 | $ ovs-vsctl set Bridge br0 flow_tables:1=@N1 -- \ | |
717 | --id=@N1 create Flow_Table name=table1 | |
718 | $ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src | |
719 | $ ovs-vsctl set Flow_Table table1 prefixes=[] | |
bcb8bde4 JR |
720 | - TCP flags matching: OVS now supports matching of TCP flags. This |
721 | has an adverse performance impact when using OVS userspace 1.10 | |
722 | or older (no megaflows support) together with the new OVS kernel | |
723 | module. It is recommended that the kernel and userspace modules | |
724 | both are upgraded at the same time. | |
36359150 JP |
725 | - The default OpenFlow and OVSDB ports will change to |
726 | IANA-assigned numbers in a future release. Consider updating | |
727 | your installations to specify port numbers instead of using the | |
728 | defaults. | |
7fdb60a7 SH |
729 | - OpenFlow: |
730 | * The OpenFlow 1.1+ "Write-Actions" instruction is now supported. | |
484c8355 BP |
731 | * OVS limits the OpenFlow port numbers it assigns to port 32767 and |
732 | below, leaving port numbers above that range free for assignment | |
733 | by the controller. | |
4abb8608 BP |
734 | * ovs-vswitchd now honors changes to the "ofport_request" column |
735 | in the Interface table by changing the port's OpenFlow port | |
736 | number. | |
5dc6f8e1 | 737 | * The Open vSwitch software switch now supports OpenFlow groups. |
a5ae88ff AA |
738 | - ovs-vswitchd.conf.db.5 man page will contain graphviz/dot |
739 | diagram only if graphviz package was installed at the build time. | |
54af97ad | 740 | - Support for Linux kernels up to 3.11 |
847108dc AZ |
741 | - ovs-dpctl: |
742 | The "show" command also displays mega flow mask stats. | |
60e46251 BP |
743 | - ovs-ofctl: |
744 | * New command "ofp-parse-pcap" to dump OpenFlow from PCAP files. | |
1d5aaa61 BP |
745 | - ovs-controller has been renamed test-controller. It is no longer |
746 | packaged or installed by default, because too many users assumed | |
747 | incorrectly that ovs-controller was a necessary or desirable part | |
748 | of an Open vSwitch deployment. | |
afc9f547 | 749 | - Added vlog option to export to a UDP syslog sink. |
4227b221 BP |
750 | - ovsdb-client: |
751 | * The "monitor" command can now monitor all tables in a database, | |
752 | instead of being limited to a single table. | |
e79a6c83 EJ |
753 | - The flow-eviction-threshold has been replaced by the flow-limit which is a |
754 | hard limit on the number of flows in the datapath. It defaults to 200,000 | |
755 | flows. OVS automatically adjusts this number depending on network | |
756 | conditions. | |
e731d71b | 757 | - Added IPv6 support for active and passive socket communications. |
b366c1f4 JP |
758 | |
759 | ||
2fdb1879 | 760 | v2.0.0 - 15 Oct 2013 |
9f31efc7 | 761 | --------------------- |
d27705ea JP |
762 | - The ovs-vswitchd process is no longer single-threaded. Multiple |
763 | threads are now used to handle flow set up and asynchronous | |
764 | logging. | |
0ad90c84 | 765 | - OpenFlow: |
75fa58f8 BP |
766 | * Experimental support for OpenFlow 1.1 (in addition to 1.2 and |
767 | 1.3, which had experimental support in 1.10). | |
7395c052 NZ |
768 | * Experimental protocol support for OpenFlow 1.1+ groups. This |
769 | does not yet include an implementation in the Open vSwitch | |
770 | software switch. | |
771 | * Experimental protocol support for OpenFlow 1.2+ meters. This | |
772 | does not yet include an implementation in the Open vSwitch | |
773 | software switch. | |
0ad90c84 JR |
774 | * New support for matching outer source and destination IP address |
775 | of tunneled packets, for tunnel ports configured with the newly | |
e0eeeca5 | 776 | added "remote_ip=flow" and "local_ip=flow" options. |
ac923e91 JG |
777 | * Support for matching on metadata 'pkt_mark' for interacting with |
778 | other system components. On Linux this corresponds to the skb | |
779 | mark. | |
fe8a1798 | 780 | * Support matching, rewriting SCTP ports |
ea401d9a NM |
781 | - The Interface table in the database has a new "ifindex" column to |
782 | report the interface's OS-assigned ifindex. | |
81a114e5 BP |
783 | - New "check-oftest" Makefile target for running OFTest against Open |
784 | vSwitch. See README-OFTest for details. | |
380f49c4 | 785 | - The flow eviction threshold has been moved to the Open_vSwitch table. |
fb6de52c GS |
786 | - Database names are now mandatory when specifying ovsdb-server options |
787 | through database paths (e.g. Private key option with the database name | |
788 | should look like "--private-key=db:Open_vSwitch,SSL,private_key"). | |
fef5244f | 789 | - Added ovs-dev.py, a utility script helpful for Open vSwitch developers. |
9b764edf | 790 | - Support for Linux kernels up to 3.10 |
1ac0e975 BP |
791 | - ovs-ofctl: |
792 | * New "ofp-parse" for printing OpenFlow messages read from a file. | |
7395c052 | 793 | * New commands for OpenFlow 1.1+ groups. |
978427a5 | 794 | - Added configurable flow caching support to IPFIX exporter. |
37418c86 | 795 | - Dropped support for Linux pre-2.6.32. |
7c018033 BP |
796 | - Log file timestamps and ovsdb commit timestamps are now reported |
797 | with millisecond resolution. (Previous versions only reported | |
798 | whole seconds.) | |
9f31efc7 JP |
799 | |
800 | ||
03c8f0b7 | 801 | v1.11.0 - 28 Aug 2013 |
d224e350 | 802 | --------------------- |
d445cc16 JP |
803 | - Support for megaflows, which allows wildcarding in the kernel (and |
804 | any dpif implementation that supports wildcards). Depending on | |
805 | the flow table and switch configuration, flow set up rates are | |
806 | close to the Linux bridge. | |
eeecce05 BP |
807 | - The "tutorial" directory contains a new tutorial for some advanced |
808 | Open vSwitch features. | |
df53d41c | 809 | - Stable bond mode has been removed. |
1bda9b9e | 810 | - The autopath action has been removed. |
a6ae068b LJ |
811 | - New support for the data encapsulation format of the LISP tunnel |
812 | protocol (RFC 6830). An external control plane or manual flow | |
813 | setup is required for EID-to-RLOC mapping. | |
b676167a | 814 | - OpenFlow: |
0f3f3c3d SH |
815 | * The "dec_mpls_ttl" and "set_mpls_ttl" actions from OpenFlow |
816 | 1.1 and later are now implemented. | |
bd85dac1 AZ |
817 | * New "stack" extension for use in actions, to push and pop from |
818 | NXM fields. | |
a7b07d4c BP |
819 | * The "load" and "set_field" actions can now modify the "in_port". (This |
820 | allows one to enable output to a flow's input port by setting the | |
821 | in_port to some unused value, such as OFPP_NONE.) | |
186afbfe BP |
822 | - ovs-dpctl: |
823 | * New debugging commands "add-flow", "mod-flow", "del-flow". | |
041e7168 | 824 | * "dump-flows" now has a -m option to increase output verbosity. |
bcd2633a JP |
825 | - In dpif-based bridges, cache action translations, which can improve |
826 | flow set up performance by 80% with a complicated flow table. | |
ca03aae0 | 827 | - New syslog format, prefixed with "ovs|", to be easier to filter. |
f9ee9dcb GS |
828 | - RHEL: Removes the default firewall rule that allowed GRE traffic to |
829 | pass through. Any users that relied on this automatic firewall hole | |
830 | will have to manually configure it. The ovs-ctl(8) manpage documents | |
831 | the "enable-protocol" command that can be used as an alternative. | |
90967e95 EJ |
832 | - New CFM demand mode which uses data traffic to indicate interface |
833 | liveness. | |
d224e350 | 834 | |
b82b19e9 | 835 | v1.10.0 - 01 May 2013 |
4191f435 | 836 | --------------------- |
685e46da BP |
837 | - Bridge compatibility support has been removed. Any uses that |
838 | rely on ovs-brcompatd will have to stick with Open vSwitch 1.9.x | |
839 | or adapt to native Open vSwitch support (e.g. use ovs-vsctl instead | |
840 | of brctl). | |
c4069512 | 841 | - The maximum size of the MAC learning table is now configurable. |
989fd548 JP |
842 | - With the Linux datapath, packets for new flows are now queued |
843 | separately on a per-port basis, so it should no longer be | |
844 | possible for a large number of new flows arriving on one port to | |
845 | prevent new flows from being processed on other ports. | |
43d18dc1 BP |
846 | - ovs-vsctl: |
847 | * Previously ovs-vsctl would retry connecting to the database forever, | |
848 | causing it to hang if ovsdb-server was not running. Now, ovs-vsctl | |
849 | only tries once by default (use --retry to try forever). This change | |
850 | means that you may want to remove uses of --timeout to avoid hangs | |
851 | in ovs-vsctl calls. | |
852 | * Many "ovs-vsctl" database commands now accept an --if-exists option. | |
853 | Please refer to the ovs-vsctl manpage for details. | |
e6024057 | 854 | - OpenFlow: |
d6123831 JP |
855 | - Experimental support for newer versions of OpenFlow. See |
856 | the "What versions of OpenFlow does Open vSwitch support?" | |
857 | question in the FAQ for more details. | |
e6024057 JP |
858 | - The OpenFlow "dp_desc" may now be configured by setting the |
859 | value of other-config:dp-desc in the Bridge table. | |
860 | - It is possible to request the OpenFlow port number with the | |
861 | "ofport_request" column in the Interface table. | |
c9accf5b BP |
862 | - The NXM flow_removed message now reports the OpenFlow table ID |
863 | from which the flow was removed. | |
3c23e920 JP |
864 | - Tunneling: |
865 | - New support for the VXLAN tunnel protocol (see the IETF draft here: | |
238bc978 | 866 | http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03). |
3c23e920 JP |
867 | - Tunneling requires the version of the kernel module paired with |
868 | Open vSwitch 1.9.0 or later. | |
869 | - Inheritance of the Don't Fragment bit in IP tunnels (df_inherit) | |
870 | is no longer supported. | |
871 | - Path MTU discovery is no longer supported. | |
ccd989e0 JG |
872 | - CAPWAP tunneling support removed. |
873 | - Tunnels with multicast destination ports are no longer supported. | |
e6024057 JP |
874 | - ovs-dpctl: |
875 | - The "dump-flows" and "del-flows" no longer require an argument | |
876 | if only one datapath exists. | |
877 | - ovs-appctl: | |
878 | - New "vlog/disable-rate-limit" and "vlog/enable-rate-limit" | |
879 | commands available allow control over logging rate limits. | |
880 | - New "dpif/dump-dps", "dpif/show", and "dpif/dump-flows" command | |
881 | that mimic the equivalent ovs-dpctl commands. | |
e6024057 JP |
882 | - The ofproto library is now responsible for assigning OpenFlow port |
883 | numbers. An ofproto implementation should assign them when | |
884 | port_construct() is called. | |
885 | - All dpif-based bridges of a particular type share a common | |
886 | datapath called "ovs-<type>", e.g. "ovs-system". The ovs-dpctl | |
887 | commands will now return information on that shared datapath. To | |
888 | get the equivalent bridge-specific information, use the new | |
889 | "ovs-appctl dpif/*" commands. | |
bedde04c GS |
890 | - Backward-incompatible changes: |
891 | - Earlier Open vSwitch versions treated ANY as a wildcard in flow | |
892 | syntax. OpenFlow 1.1 adds a port named ANY, which introduces a | |
893 | conflict. ANY was rarely used in flow syntax, so we chose to | |
894 | retire that meaning of ANY in favor of the OpenFlow 1.1 meaning. | |
3c23e920 JP |
895 | - Patch ports no longer require kernel support, so they now work |
896 | with FreeBSD and the kernel module built into Linux 3.3 and later. | |
29089a54 | 897 | - New "sample" action. |
f07ee64c | 898 | |
e5f77cc3 | 899 | |
fdfe872d JP |
900 | v1.9.0 - 26 Feb 2013 |
901 | ------------------------ | |
72e8bf28 AA |
902 | - Datapath: |
903 | - Support for ipv6 set action. | |
904 | - SKB mark matching and setting. | |
64807dfb | 905 | - support for Linux kernels up to 3.8 |
f6eb6b20 GL |
906 | - FreeBSD is now a supported platform, thanks to code contributions from |
907 | Gaetano Catalli, Ed Maste, and Giuseppe Lettieri. | |
b592e726 | 908 | - ovs-bugtool: New --ovs option to report only OVS related information. |
781dee08 BP |
909 | - New %t and %T log escapes to identify the subprogram within a |
910 | cooperating group of processes or threads that emitted a log message. | |
911 | The default log patterns now include this information. | |
32455024 | 912 | - OpenFlow: |
e878338b SH |
913 | - Allow bitwise masking for SHA and THA fields in ARP, SLL and TLL |
914 | fields in IPv6 neighbor discovery messages, and IPv6 flow label. | |
4cceacb9 | 915 | - Adds support for writing to the metadata field for a flow. |
3c23e920 JP |
916 | - Tunneling: |
917 | - The tunneling code no longer assumes input and output keys are | |
918 | symmetric. If they are not, PMTUD needs to be disabled for | |
919 | tunneling to work. Note this only applies to flow-based keys. | |
920 | - New support for a nonstandard form of GRE that supports a 64-bit key. | |
921 | - Tunnel Path MTU Discovery default value was set to 'disabled'. | |
922 | This feature is deprecated and will be removed soon. | |
923 | - Tunnel header caching removed. | |
c6100d92 BP |
924 | - ovs-ofctl: |
925 | - Commands and actions that accept port numbers now also accept keywords | |
926 | that represent those ports (such as LOCAL, NONE, and ALL). This is | |
927 | also the recommended way to specify these ports, for compatibility | |
928 | with OpenFlow 1.1 and later (which use the OpenFlow 1.0 numbers | |
929 | for these ports for different purposes). | |
2562714a | 930 | - ovs-dpctl: |
4b3b8d8f JP |
931 | - Support requesting the port number with the "port_no" option in |
932 | the "add-if" command. | |
2562714a BP |
933 | - ovs-pki: The "online PKI" features have been removed, along with |
934 | the ovs-pki-cgi program that facilitated it, because of some | |
935 | alarmist insecurity claims. We do not believe that these claims | |
936 | are true, but because we do not know of any users for this | |
937 | feature it seems better on balance to remove it. (The ovs-pki-cgi | |
938 | program was not included in distribution packaging.) | |
341c4e59 BP |
939 | - ovsdb-server now enforces the immutability of immutable columns. This |
940 | was not enforced in earlier versions due to an oversight. | |
fd38af85 BP |
941 | - The following features are now deprecated. They will be removed no |
942 | earlier than February 2013. Please email dev@openvswitch.org with | |
943 | concerns. | |
a8643e44 | 944 | - Bridge compatibility. |
fd38af85 BP |
945 | - Stable bond mode. |
946 | - The autopath action. | |
947 | - Interface type "null". | |
948 | - Numeric values for reserved ports (see "ovs-ofctl" note above). | |
85340733 | 949 | - Tunnel Path MTU Discovery. |
1280bf0e | 950 | - CAPWAP tunnel support. |
f07ee64c MM |
951 | - The data in the RARP packets can now be matched in the same way as the |
952 | data in ARP packets. | |
945cad7f | 953 | |
79f827fa | 954 | |
fdfe872d | 955 | v1.8.0 - 26 Feb 2013 |
c8d5d22c | 956 | ------------------------ |
fdfe872d | 957 | *** Internal only release *** |
c483d489 | 958 | - New FAQ. Please send updates and additions! |
f25d0cf3 BP |
959 | - Authors of controllers, please read the new section titled "Action |
960 | Reproduction" in DESIGN, which describes an Open vSwitch change in | |
961 | behavior in corner cases that may affect some controllers. | |
2d8bdd8f AA |
962 | - ovs-l3ping: |
963 | - A new test utility that can create L3 tunnel between two Open | |
964 | vSwitches and detect connectivity issues. | |
5498c01f | 965 | - ovs-ofctl: |
bdcc5925 | 966 | - New --sort and --rsort options for "dump-flows" command. |
5498c01f | 967 | - "mod-port" command can now control all OpenFlow config flags. |
c08201d6 | 968 | - OpenFlow: |
ff0b06ee BP |
969 | - Allow general bitwise masking for IPv4 and IPv6 addresses in |
970 | IPv4, IPv6, and ARP packets. (Previously, only CIDR masks | |
c08201d6 BP |
971 | were allowed.) |
972 | - Allow support for arbitrary Ethernet masks. (Previously, only | |
973 | the multicast bit in the destination address could be individually | |
5a0e4aec | 974 | masked.) |
969fc56c | 975 | - New field OXM_OF_METADATA, to align with OpenFlow 1.1. |
0414d158 BP |
976 | - The OFPST_QUEUE request now reports an error if a specified port or |
977 | queue does not exist, or for requests for a specific queue on all | |
978 | ports, if the specified queue does not exist on any port. (Previous | |
979 | versions generally reported an empty set of results.) | |
2b07c8b1 BP |
980 | - New "flow monitor" feature to allow controllers to be notified of |
981 | flow table changes as they happen. | |
c93f9a78 EJ |
982 | - Additional protocols are not mirrored and dropped when forward-bpdu is |
983 | false. For a full list, see the ovs-vswitchd.conf.db man page. | |
38f7147c EJ |
984 | - Open vSwitch now sends RARP packets in situations where it previously |
985 | sent a custom protocol, making it consistent with behavior of QEMU and | |
986 | VMware. | |
969e46a2 AS |
987 | - All Open vSwitch programs and log files now show timestamps in UTC, |
988 | instead the local timezone, by default. | |
c8d5d22c JP |
989 | |
990 | ||
3b4ab170 | 991 | v1.7.0 - 30 Jul 2012 |
dd1ba5b3 | 992 | ------------------------ |
9b80f761 CW |
993 | - kernel modules are renamed. openvswitch_mod.ko is now |
994 | openvswitch.ko and brcompat_mod.ko is now brcompat.ko. | |
e9358af6 | 995 | - Increased the number of NXM registers to 8. |
22dd5cec | 996 | - Added ability to configure DSCP setting for manager and controller |
f125905c MM |
997 | connections. By default, these connections have a DSCP value of |
998 | Internetwork Control (0xc0). | |
3967a833 MM |
999 | - Added the granular link health statistics, 'cfm_health', to an |
1000 | interface. | |
47284b1f AA |
1001 | - OpenFlow: |
1002 | - Added support to mask nd_target for ICMPv6 neighbor discovery flows. | |
2be393ed JP |
1003 | - Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC) |
1004 | multipart messages. | |
1005 | - ovs-ofctl: | |
1006 | - Added the "dump-ports-desc" command to retrieve port | |
1007 | information using the new port description multipart messages. | |
8d25d9a2 AA |
1008 | - ovs-test: |
1009 | - Added support for spawning ovs-test server from the client. | |
1010 | - Now ovs-test is able to automatically create test bridges and ports. | |
7393104d | 1011 | - "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows. |
22dd5cec | 1012 | - Tripled flow setup performance. |
a5f607bc BP |
1013 | - The "coverage/log" command previously available through ovs-appctl |
1014 | has been replaced by "coverage/show". The new command replies with | |
1015 | coverage counter values, instead of logging them. | |
dd1ba5b3 JP |
1016 | |
1017 | ||
9d564cb2 | 1018 | v1.6.1 - 25 Jun 2012 |
d0a8c2e0 | 1019 | ------------------------ |
9d564cb2 JP |
1020 | - Allow OFPP_CONTROLLER as the in_port for packet-out messages. |
1021 | ||
1022 | ||
1023 | v1.6.0 - 24 Feb 2012 | |
1024 | ------------------------ | |
1025 | *** Internal only release *** | |
4df08875 | 1026 | - bonding |
bdebeece EJ |
1027 | - LACP bonds no longer fall back to balance-slb when negotiations fail. |
1028 | Instead they drop traffic. | |
4df08875 EJ |
1029 | - The default bond_mode changed from SLB to active-backup, to protect |
1030 | unsuspecting users from the significant risks of SLB bonds (which are | |
1031 | documented in vswitchd/INTERNALS). | |
bc1b010c EJ |
1032 | - Load balancing can be disabled by setting the bond-rebalance-interval |
1033 | to zero. | |
73f33563 BP |
1034 | - OpenFlow: |
1035 | - Added support for bitwise matching on TCP and UDP ports. | |
1036 | See ovs-ofctl(8) for more information. | |
80d5aefd BP |
1037 | - NXM flow dumps now include times elapsed toward idle and hard |
1038 | timeouts. | |
1039 | - Added an OpenFlow extension NXT_SET_ASYNC_CONFIG that allows | |
1040 | controllers more precise control over which OpenFlow messages they | |
1041 | receive asynchronously. | |
0e553d9c BP |
1042 | - New "fin_timeout" action. |
1043 | - Added "fin_timeout" support to "learn" action. | |
a7349929 BP |
1044 | - New Nicira action NXAST_CONTROLLER that offers additional features |
1045 | over output to OFPP_CONTROLLER. | |
2c999774 BP |
1046 | - When QoS settings for an interface do not configure a default queue |
1047 | (queue 0), Open vSwitch now uses a default configuration for that | |
1048 | queue, instead of dropping all packets as in previous versions. | |
2a3e30b2 BP |
1049 | - Logging: |
1050 | - Logging to console and file will have UTC timestamp as a default for | |
1051 | all the daemons. An example of the default format is | |
1052 | 2012-01-27T16:35:17Z. ovs-appctl can be used to change the default | |
1053 | format as before. | |
1054 | - The syntax of commands and options to set log levels was simplified, | |
1055 | to make it easier to remember. | |
254750ce BP |
1056 | - New support for limiting the number of flows in an OpenFlow flow |
1057 | table, with configurable policy for evicting flows upon | |
1058 | overflow. See the Flow_Table table in ovs-vswitch.conf.db(5) | |
1059 | for more information. | |
9886b662 BP |
1060 | - New "enable-async-messages" column in the Controller table. If set to |
1061 | false, OpenFlow connections to the controller will initially have all | |
1062 | asynchronous messages disabled, overriding normal OpenFlow behavior. | |
1745cd08 BP |
1063 | - ofproto-provider interface: |
1064 | - "struct rule" has a new member "used" that ofproto implementations | |
1065 | should maintain by updating with ofproto_rule_update_used(). | |
8f46c9bb BP |
1066 | - ovsdb-client: |
1067 | - The new option --timestamp causes the "monitor" command to print | |
1068 | a timestamp with every update. | |
a7aa2d3c | 1069 | - CFM module CCM broadcasts can now be tagged with an 802.1p priority. |
d0a8c2e0 JP |
1070 | |
1071 | ||
a6492d91 | 1072 | v1.5.0 - 01 Jun 2012 |
e68bfcfc | 1073 | ------------------------ |
e729e793 JP |
1074 | - OpenFlow: |
1075 | - Added support for querying, modifying, and deleting flows | |
1076 | based on flow cookie when using NXM. | |
b4b7f827 | 1077 | - Added new NXM_PACKET_IN format. |
f0fd1a17 | 1078 | - Added new NXAST_DEC_TTL action. |
1eb85ef5 EJ |
1079 | - ovs-ofctl: |
1080 | - Added daemonization support to the monitor and snoop commands. | |
2a9537e2 BP |
1081 | - ovs-vsctl: |
1082 | - The "find" command supports new set relational operators | |
1083 | {=}, {!=}, {<}, {>}, {<=}, and {>=}. | |
e4476f74 BP |
1084 | - ovsdb-tool now uses the typical database and schema installation |
1085 | directories as defaults. | |
d1add61d JP |
1086 | - The default MAC learning timeout has been increased from 60 seconds |
1087 | to 300 seconds. The MAC learning timeout is now configurable. | |
e68bfcfc JP |
1088 | |
1089 | ||
ef13dc11 | 1090 | v1.4.0 - 30 Jan 2012 |
b6a9a95b | 1091 | ------------------------ |
50bf17cd | 1092 | - Compatible with Open vSwitch kernel module included in Linux 3.3. |
52a90c29 BP |
1093 | - New "VLAN splinters" feature to work around buggy device drivers |
1094 | in old Linux versions. (This feature is deprecated. When | |
1095 | broken device drivers are no longer in widespread use, we will | |
1096 | delete this feature.) See ovs-vswitchd.conf.db(5) for more | |
1097 | information. | |
fa8223b7 JP |
1098 | - OpenFlow: |
1099 | - Added ability to match on IPv6 flow label through NXM. | |
530180fd | 1100 | - Added ability to match on ECN bits in IPv4 and IPv6 through NXM. |
a61680c6 | 1101 | - Added ability to match on TTL in IPv4 and IPv6 through NXM. |
530180fd | 1102 | - Added ability to modify ECN bits in IPv4. |
a61680c6 | 1103 | - Added ability to modify TTL in IPv4. |
9d24de3b | 1104 | - ovs-vswitchd: |
c06bba01 JP |
1105 | - Don't require the "normal" action to use mirrors. Traffic will |
1106 | now be properly mirrored for any flows, regardless of their | |
1107 | actions. | |
9d24de3b | 1108 | - Track packet and byte statistics sent on mirrors. |
733adf2a LG |
1109 | - The sFlow implementation can now usually infer the correct agent |
1110 | device instead of having to be told explicitly. | |
f0a3aa2e AA |
1111 | - ovs-appctl: |
1112 | - New "fdb/flush" command to flush bridge's MAC learning table. | |
0be6140a AA |
1113 | - ovs-test: |
1114 | - A new distributed testing tool that allows one to diagnose performance | |
1115 | and connectivity issues. This tool currently is not included in RH or | |
1116 | Xen packages. | |
0fb42626 | 1117 | - RHEL packaging now supports integration with Red Hat network scripts. |
4c57c3bc EJ |
1118 | - bonding: |
1119 | - Post 1.4.*, OVS will be changing the default bond mode from balance-slb | |
1120 | to active-backup. SLB bonds carry significant risks with them | |
1121 | (documented vswitchd/INTERNALS) which we want to prevent unsuspecting | |
1122 | users from running into. Users are advised to update any scripts or | |
1123 | configuration which may be negatively impacted by explicitly setting | |
1124 | the bond mode which they want to use. | |
b6a9a95b | 1125 | |
0be6140a | 1126 | |
ddc29387 | 1127 | v1.3.0 - 09 Dec 2011 |
3e60856b | 1128 | ------------------------ |
f694937d EJ |
1129 | - OpenFlow: |
1130 | - Added an OpenFlow extension which allows the "output" action to accept | |
1131 | NXM fields. | |
75a75043 | 1132 | - Added an OpenFlow extension for flexible learning. |
d2c0fed9 | 1133 | - Bumped number of NXM registers from four to five. |
d5e1e5ed | 1134 | - ovs-appctl: |
ae75dae3 JP |
1135 | - New "version" command to determine version of running daemon. |
1136 | - If no argument is provided for "cfm/show", displays detailed | |
1137 | information about all interfaces with CFM enabled. | |
5dab8ece JP |
1138 | - If no argument is provided for "lacp/show", displays detailed |
1139 | information about all ports with LACP enabled. | |
10500639 BP |
1140 | - ovs-dpctl: |
1141 | - New "set-if" command to modify a datapath port's configuration. | |
29901626 BP |
1142 | - ovs-vswitchd: |
1143 | - The software switch now supports 255 OpenFlow tables, instead | |
1144 | of just one. By default, only table 0 is consulted, but the | |
1145 | new NXAST_RESUBMIT_TABLE action can look up in additional | |
1146 | tables. Tables 128 and above are reserved for use by the | |
1147 | switch itself; please use only tables 0 through 127. | |
21f7563c | 1148 | - Add support for 802.1D spanning tree (STP). |
7257b535 BP |
1149 | - Fragment handling extensions: |
1150 | - New OFPC_FRAG_NX_MATCH fragment handling mode, in which L4 | |
1151 | fields are made available for matching in fragments with | |
1152 | offset 0. | |
1153 | - New NXM_NX_IP_FRAG match field for matching IP fragments (usable | |
1154 | via "ip_frag" in ovs-ofctl). | |
1155 | - New ovs-ofctl "get-frags" and "set-frags" commands to get and set | |
1156 | fragment handling policy. | |
2f4bc10d BP |
1157 | - CAPWAP tunneling now supports an extension to transport a 64-bit key. |
1158 | By default it remains compatible with the old version and other | |
c87112ca | 1159 | standards-based implementations. |
17411ecf JG |
1160 | - Flow setups are now processed in a round-robin manner across ports |
1161 | to prevent any single client from monopolizing the CPU and conducting | |
1162 | a denial of service attack. | |
ecac4ebf BP |
1163 | - Added support for native VLAN tagging. A new "vlan_mode" |
1164 | parameter can be set for "port". Possible values: "access", | |
1165 | "trunk", "native-tagged" and "native-untagged". | |
023e1e0a | 1166 | - test-openflowd has been removed. Please use ovs-vswitchd instead. |
3e60856b | 1167 | |
5e9c5b61 | 1168 | v1.2.0 - 03 Aug 2011 |
b78f6b77 | 1169 | ------------------------ |
1a142ced JP |
1170 | - New "ofproto" abstraction layer to ease porting to hardware |
1171 | switching ASICs. | |
1172 | - Packaging for Red Hat Enterprise Linux 5.6 and 6.0. | |
1173 | - Datapath support for Linux kernels up to 3.0. | |
1174 | - OpenFlow: | |
1175 | - New "bundle" and "bundle_load" action extensions. | |
1176 | - Database: | |
1177 | - Implement table unique constraints. | |
1178 | - Support cooperative locking between callers. | |
1179 | - ovs-dpctl: | |
1180 | - New "-s" option for "show" command prints packet and byte | |
1181 | counters for each port. | |
c4ea79bf BP |
1182 | - ovs-ofctl: |
1183 | - New "--readd" option for "replace-flows". | |
9b1735a7 BP |
1184 | - ovs-vsctl: |
1185 | - New "show" command to print an overview of configuration. | |
1a142ced | 1186 | - New "comment" command to add remark that explains intentions. |
2b01925c | 1187 | - ovs-brcompatd has been rewritten to fix long-standing bugs. |
045b2e5c BP |
1188 | - ovs-openflowd has been renamed test-openflowd and moved into the |
1189 | tests directory. Its presence confused too many users. Please | |
1190 | use ovs-vswitchd instead. | |
1a142ced JP |
1191 | - New ovs-benchmark utility to test flow setup performance. |
1192 | - A new log level "off" has been added. Configuring a log facility | |
1193 | "off" prevents any messages from being logged to it. Previously, | |
1194 | "emer" was effectively "off" because no messages were ever logged at | |
1195 | level "emer". Now, errors that cause a process to exit are logged | |
1196 | at "emer" level. | |
8a2d6596 BP |
1197 | - "configure" option --with-l26 has been renamed --with-linux, and |
1198 | --with-l26-source has been renamed --with-linux-source. The old | |
1199 | names will be removed after the next release, so please update | |
1200 | your scripts. | |
22bcc0e7 JG |
1201 | - The "-2.6" suffix has been dropped from the datapath/linux-2.6 and |
1202 | datapath/linux-2.6/compat-2.6 directories. | |
b78f6b77 BP |
1203 | - Feature removals: |
1204 | - Dropped support for "tun_id_from_cookie" OpenFlow extension. | |
0be6140a | 1205 | Please use the extensible match extensions instead. |
93b8df38 EJ |
1206 | - Removed the Maintenance_Point and Monitor tables in an effort |
1207 | to simplify 802.1ag configuration. | |
1a142ced JP |
1208 | - Performance and scalability improvements |
1209 | - Bug fixes | |
b78f6b77 | 1210 | |
d4da3acc JP |
1211 | v1.1.0 - 05 Apr 2011 |
1212 | ------------------------ | |
1213 | - Ability to define policies over IPv6 | |
1214 | - LACP | |
1215 | - 802.1ag CCM | |
1216 | - Support for extensible match extensions to OpenFlow | |
1217 | - QoS: | |
1218 | - Support for HFSC qdisc. | |
1219 | - Queue used by in-band control can now be configured. | |
1220 | - Kernel: | |
1221 | - Kernel<->userspace interface has been reworked and should be | |
1222 | close to a stable ABI now. | |
1223 | - "Port group" concept has been dropped. | |
1224 | - GRE over IPSEC tunnels | |
1225 | - Bonding: | |
1226 | - New active backup bonding mode. | |
1227 | - New L4 hashing support when LACP is enabled. | |
1228 | - Source MAC hash now includes VLAN field also. | |
1229 | - miimon support. | |
1230 | - Greatly improved handling of large flow tables | |
1231 | - ovs-dpctl: | |
1232 | - "show" command now prints full vport configuration. | |
1233 | - "dump-groups" command removed since kernel support for | |
1234 | port groups was dropped. | |
1235 | - ovs-vsctl: | |
1236 | - New commands for working with the new Managers table. | |
1237 | - "list" command enhanced with new formatting options and --columns | |
1238 | option. | |
1239 | - "get" command now accepts new --id option. | |
1240 | - New "find" command. | |
1241 | - ovs-ofctl: | |
1242 | - New "queue-stats" command for printing queue stats. | |
1243 | - New commands "replace-flows" and "diff-flows". | |
1244 | - Commands to add and remove flows can now read from files. | |
1245 | - New --flow-format option to enable or disable NXM. | |
1246 | - New --more option to increase OpenFlow message verbosity. | |
1247 | - Removed "tun-cookie" command, which is no longer useful. | |
1248 | - ovs-controller enhancements for testing various features. | |
1249 | - New ovs-vlan-test command for testing for Linux kernel driver VLAN | |
1250 | bugs. New ovs-vlan-bug-workaround command for enabling and | |
1251 | disabling a workaround for these driver bugs. | |
1252 | - OpenFlow support: | |
35d25d44 | 1253 | - "Resubmit" actions now update flow statistics. |
d4da3acc JP |
1254 | - New "register" extension for use in matching and actions, via NXM. |
1255 | - New "multipath" experimental action extension. | |
1256 | - New support for matching multicast Ethernet frames, via NXM. | |
1257 | - New extension for OpenFlow vendor error codes. | |
1258 | - New extension to set the QoS output queue without actually | |
1259 | sending to an output port. | |
1260 | - Open vSwitch now reports a single flow table, instead of | |
1261 | separate hash and wildcard tables. This better models the | |
1262 | current implementation. | |
1263 | - New experimental "note" action. | |
1264 | - New "ofproto/trace" ovs-appctl command and associated utilities | |
1265 | to ease debugging complex flow tables. | |
1266 | - Database: | |
1267 | - Schema documentation now includes an entity-relationship diagram. | |
1268 | - The database is now garbage collected. In most tables, | |
1269 | unreferenced rows will be deleted automatically. | |
1270 | - Many tables now include statistics updated periodically by | |
1271 | ovs-vswitchd or ovsdb-server. | |
1272 | - Every table now has an "external-ids" column for use by OVS | |
1273 | integrators. | |
1274 | - There is no default controller anymore. Each bridge must have its | |
1275 | controller individually specified. | |
1276 | - The "fail-mode" is now a property of a Bridge instead of a Controller. | |
1277 | - New versioning and checksum features. | |
1278 | - New Managers table and manager_options column in Open_vSwitch table | |
1279 | for specifying managers. The old "managers" column in the | |
1280 | Open_vSwitch table has been removed. | |
1281 | - Many "name" columns are now immutable. | |
1282 | - Feature removals: | |
1283 | - Dropped support for XenServer pre-5.6.100. | |
1284 | - Dropped support for Linux pre-2.6.18. | |
1285 | - Dropped controller discovery support. | |
1286 | - Dropped "ovs-ofctl status" and the OpenFlow extension that it used. | |
1287 | Statistics reporting in the database is a rough equivalent. | |
1288 | - Dropped the "corekeeper" package (now separate, at | |
1289 | http://openvswitch.org/cgi-bin/gitweb.cgi?p=corekeeper). | |
1290 | - Performance and scalability improvements | |
1291 | - Bug fixes | |
1292 | ||
d5905136 JP |
1293 | v1.1.0pre2 - 13 Sep 2010 |
1294 | ------------------------ | |
1295 | - Bug fixes | |
1296 | ||
fdf20378 JP |
1297 | v1.1.0pre1 - 31 Aug 2010 |
1298 | ------------------------ | |
476d56f5 JP |
1299 | - OpenFlow 1.0 slicing (QoS) functionality |
1300 | - Python bindings for configuration database (no write support) | |
1301 | - Performance and scalability improvements | |
1302 | - Bug fixes | |
1303 | ||
b9b0865a JP |
1304 | v1.0.1 - 31 May 2010 |
1305 | -------------------- | |
1306 | - New "patch" interface type | |
1307 | - Bug fixes | |
1308 | ||
7c284ac4 JP |
1309 | v1.0.0 - 15 May 2010 |
1310 | -------------------- | |
1311 | - Configuration database with remote management | |
1312 | - OpenFlow 1.0 | |
1313 | - GRE tunneling | |
1314 | - Support for XenServer 5.5 and 5.6 | |
1315 | - Performance and scalability improvements | |
1316 | - Bug fixes | |
1317 | ||
2f0a1f42 JP |
1318 | v0.99.2 - 18 Feb 2010 |
1319 | --------------------- | |
1320 | - Bug fixes | |
1321 | ||
b84a0589 JP |
1322 | v0.99.1 - 25 Jan 2010 |
1323 | --------------------- | |
1324 | - Add support for sFlow(R) | |
1325 | - Make headers compatible with C++ | |
1326 | - Bug fixes | |
1327 | ||
b7f22a6a JP |
1328 | v0.99.0 - 14 Jan 2010 |
1329 | --------------------- | |
1330 | - User-space forwarding engine | |
1331 | - Bug fixes | |
35d25d44 | 1332 | |
6d735676 JP |
1333 | v0.90.7 - 29 Nov 2009 |
1334 | --------------------- | |
1335 | - Add support for NetFlow active timeouts | |
1336 | - Bug fixes | |
b7f22a6a | 1337 | |
ef5925df JP |
1338 | v0.90.6 - 6 Oct 2009 |
1339 | -------------------- | |
1340 | - Bug fixes | |
1341 | ||
3c708eb8 | 1342 | v0.90.5 - 21 Sep 2009 |
30ee1c4d JP |
1343 | --------------------- |
1344 | - Generalize in-band control to more diverse network setups | |
1345 | - Bug fixes |