]>
Commit | Line | Data |
---|---|---|
fe2870c5 JP |
1 | Post-v2.11.0 |
2 | --------------------- | |
8411b6cc IM |
3 | - DPDK: |
4 | * New option 'other_config:dpdk-socket-limit' to limit amount of | |
5 | hugepage memory that can be used by DPDK. | |
29718ad4 BP |
6 | - OpenFlow: |
7 | * Removed support for OpenFlow 1.6 (draft), which ONF abandoned. | |
9b2b8497 VDA |
8 | - Userspace datapath: |
9 | * ICMPv6 ND enhancements: support for match and set ND options type | |
10 | and reserved fields. | |
4ea96698 DB |
11 | * Add v4/v6 fragmentation support for conntrack. |
12 | * New ovs-appctl "dpctl/ipf-set-enabled" and "dpctl/ipf-set-disabled" | |
13 | commands for userspace datapath conntrack fragmentation support. | |
14 | * New "ovs-appctl dpctl/ipf-set-min-frag" command for userspace | |
15 | datapath conntrack fragmentation support. | |
16 | * New "ovs-appctl dpctl/ipf-set-max-nfrags" command for userspace datapath | |
17 | conntrack fragmentation support. | |
18 | * New "ovs-appctl dpctl/ipf-get-status" command for userspace datapath | |
19 | conntrack fragmentation support. | |
23a4e016 HZ |
20 | - OVSDB: |
21 | * OVSDB clients can now resynchronize with clustered servers much more | |
22 | quickly after a brief disconnection, saving bandwidth and CPU time. | |
23 | See section 4.1.15 of ovsdb-server(7) for details of related OVSDB | |
24 | protocol extension. | |
f1301a25 | 25 | - OVN: |
de0c1c32 LB |
26 | * IPAM/MACAM: |
27 | - select IPAM mac_prefix in a random manner if not provided by the user | |
28 | - add the capability to specify a static IPv4 and/or IPv6 address and | |
29 | get the L2 one allocated dynamically using the following syntax: | |
30 | ovn-nbctl lsp-set-addresses <port> "dynamic <IPv4 addr> <IPv6 addr>" | |
bddb73db | 31 | * Added the HA chassis group support. |
96080083 | 32 | * Added 'external' logical port support. |
2f564bb1 | 33 | - New QoS type "linux-netem" on Linux. |
fe2870c5 | 34 | |
0af63ac5 | 35 | v2.11.0 - 19 Feb 2019 |
024810cf | 36 | --------------------- |
4e413ac8 BP |
37 | - OpenFlow: |
38 | * OFPMP_TABLE_FEATURES_REQUEST can now modify table features. | |
39 | - ovs-ofctl: | |
40 | * "mod-table" command can now change OpenFlow table names. | |
08c05ad2 | 41 | - ovn: |
b6413ae4 HZ |
42 | * OVN-SB schema changed: duplicated IP with same Encapsulation type |
43 | is not allowed any more. Please refer to | |
44 | Documentation/intro/install/ovn-upgrades.rst for the instructions | |
45 | in case there are problems encountered when upgrading from an earlier | |
46 | version. | |
fcd8f561 | 47 | * New support for IPSEC encrypted tunnels between hypervisors. |
08c05ad2 | 48 | * ovn-ctl: allow passing user:group ids to the OVN daemons. |
e46b7020 LB |
49 | * IPAM/MACAM: |
50 | - add the capability to dynamically assign just L2 addresses | |
51 | - add the capability to specify a static ip address and get the L2 one | |
52 | allocated dynamically using the following syntax: | |
53 | ovn-nbctl lsp-set-addresses <port> "dynamic <IP>" | |
e77c97b9 | 54 | - DPDK: |
2fbadeb6 IM |
55 | * Add support for DPDK 18.11 |
56 | * Add support for port representors. | |
57 | - Userspace datapath: | |
e77c97b9 KT |
58 | * Add option for simple round-robin based Rxq to PMD assignment. |
59 | It can be set with pmd-rxq-assign. | |
5bf84282 | 60 | * Add support for Auto load balancing of PMDs (experimental) |
2fbadeb6 IM |
61 | * Added new per-port configurable option to manage EMC: |
62 | 'other_config:emc-enable'. | |
84ddf96c | 63 | - Add 'symmetric_l3' hash function. |
f9417807 | 64 | - OVS now honors 'updelay' and 'downdelay' for bonds with LACP configured. |
57924fc9 SB |
65 | - ovs-vswitchd: |
66 | * New configuration option "offload-rebalance", that enables dynamic | |
67 | rebalancing of offloaded flows. | |
8511af87 JP |
68 | - The environment variable OVS_SYSLOG_METHOD, if set, is now used |
69 | as the default syslog method. | |
70 | - The environment variable OVS_CTL_TIMEOUT, if set, is now used | |
71 | as the default timeout for control utilities. | |
9ce4aa8e YS |
72 | - The environment variable OVS_RESOLV_CONF, if set, is now used |
73 | as the DNS server configuration file. | |
78203a9c NS |
74 | - RHEL packaging: |
75 | * OVN packages are split from OVS packages. A new spec | |
76 | file - ovn-fedora.spec.in is added to generate OVN packages. | |
7c84d7f4 | 77 | - Linux datapath: |
8511af87 | 78 | * Support for the kernel versions 4.16.x, 4.17.x, and 4.18.x. |
024810cf | 79 | |
52499f66 | 80 | v2.10.0 - 18 Aug 2018 |
b1ca64f0 | 81 | --------------------- |
771680d9 YS |
82 | - ovs-vswitchd and utilities now support DNS names in OpenFlow and |
83 | OVSDB remotes. | |
4bc938cc | 84 | - ovs-vswitchd: |
8e98556b | 85 | * New options --l7 and --l7-len to "ofproto/trace" command. |
4bc938cc BP |
86 | * Previous versions gave OpenFlow tables default names of the form |
87 | "table#". These are not helpful names for the purpose of accepting | |
88 | and displaying table names, so now tables by default have no names. | |
ee60eefe | 89 | * The "null" interface type, deprecated since 2013, has been removed. |
60405863 | 90 | * Add minimum network namespace support for Linux. |
49b9cad3 | 91 | * New command "lacp/show-stats" |
8e98556b BP |
92 | - ovs-ofctl: |
93 | * ovs-ofctl now accepts and display table names in place of numbers. By | |
94 | default it always accepts names and in interactive use it displays them; | |
95 | use --names or --no-names to override. See ovs-ofctl(8) for details. | |
ec5ef1cf | 96 | - ovs-vsctl: New commands "add-bond-iface" and "del-bond-iface". |
4eeec031 YHW |
97 | - ovs-dpctl: |
98 | * New commands "ct-set-limits", "ct-del-limits", and "ct-get-limits". | |
b0e07d50 BP |
99 | - OpenFlow: |
100 | * OFPT_ROLE_STATUS is now available in OpenFlow 1.3. | |
7b809df9 BP |
101 | * OpenFlow 1.5 extensible statistics (OXS) now implemented. |
102 | * New OpenFlow 1.0 extensions for group support. | |
06db81cc JS |
103 | * Default selection method for select groups is now dp_hash with improved |
104 | accuracy. | |
e02b6f81 AZ |
105 | - Linux datapath |
106 | * Add support for compiling OVS with the latest Linux 4.14 kernel. | |
107 | * Added support for meters. | |
cb2a5486 | 108 | * Add support for conntrack zone limit. |
c319fabc | 109 | - ovn: |
047791dc | 110 | * Implemented icmp4/icmp6/tcp_reset actions in order to drop the packet |
c319fabc LB |
111 | and reply with a RST for TCP or ICMPv4/ICMPv6 unreachable message for |
112 | other IPv4/IPv6-based protocols whenever a reject ACL rule is hit. | |
689829d5 | 113 | * ACL match conditions can now match on Port_Groups as well as address |
1beb60af HZ |
114 | sets that are automatically generated by Port_Groups. ACLs can be |
115 | applied directly to Port_Groups as well. | |
7e5f6b1e BP |
116 | * ovn-nbctl can now run as a daemon (long-lived, background process). |
117 | See ovn-nbctl(8) for details. | |
a7e4849e MR |
118 | - DPDK: |
119 | * New 'check-dpdk' Makefile target to run a new system testsuite. | |
120 | See Testing topic for the details. | |
f8b64a61 | 121 | * Add LSC interrupt support for DPDK physical devices. |
3e52fa56 | 122 | * Allow init to fail and record DPDK status/version in OVS database. |
c3c722d2 | 123 | * Add experimental flow hardware offload support |
43307ad0 | 124 | * Support both shared and per port mempools for DPDK devices. |
79f36875 JS |
125 | - Userspace datapath: |
126 | * Commands ovs-appctl dpif-netdev/pmd-*-show can now work on a single PMD | |
127 | * Detailed PMD performance metrics available with new command | |
128 | ovs-appctl dpif-netdev/pmd-perf-show | |
7178fefb JS |
129 | * Supervision of PMD performance metrics and logging of suspicious |
130 | iterations | |
60d8ccae YW |
131 | * Add signature match cache (SMC) as experimental feature. When turned on, |
132 | it improves throughput when traffic has many more flows than EMC size. | |
4ee9f056 WT |
133 | - ERSPAN: |
134 | * Implemented ERSPAN protocol (draft-foschiano-erspan-00.txt) for | |
135 | both kernel datapath and userspace datapath. | |
136 | * Added port-based and flow-based ERSPAN tunnel port support, added | |
137 | OpenFlow rules matching ERSPAN fields. See ovs-fields(7). | |
c8efec6e QX |
138 | - ovs-pki |
139 | * ovs-pki now generates x.509 version 3 certificate. The new format adds | |
140 | subjectAltName field and sets its value the same as common name (CN). | |
a1ba48e0 | 141 | |
430d7d15 | 142 | v2.9.0 - 19 Feb 2018 |
e656b165 | 143 | -------------------- |
9a180f2c | 144 | - NSH implementation now conforms to latest draft (draft-ietf-sfc-nsh-28). |
17553f27 | 145 | * Add ttl field. |
491e05c2 | 146 | * Add a new action dec_nsh_ttl. |
96b82f6d | 147 | * Enable NSH support in kernel datapath. |
1b1d2e6d | 148 | - OVSDB has new, experimental support for database clustering: |
12b84d50 BP |
149 | * New high-level documentation in ovsdb(7). |
150 | * New file format documentation for developers in ovsdb(5). | |
151 | * Protocol documentation moved from ovsdb-server(1) to ovsdb-server(7). | |
53178986 BP |
152 | * ovsdb-server now supports online schema conversion via |
153 | "ovsdb-client convert". | |
6bb9b060 BP |
154 | * ovsdb-server now always hosts a built-in database named _Server. See |
155 | ovsdb-server(5) for more details. | |
1b1d2e6d BP |
156 | * ovsdb-client: New "get-schema-cksum", "query", "backup", "restore", |
157 | and "wait" commands. New --timeout option. | |
158 | * ovsdb-tool: New "create-cluster", "join-cluster", "db-cid", "db-sid", | |
159 | "db-local-address", "db-is-clustered", "db-is-standalone", "db-name", | |
160 | "schema-name", "compare-versions", and "check-cluster" commands. | |
161 | * ovsdb-server: New ovs-appctl commands for managing clusters. | |
162 | * ovs-sandbox: New support for clustered databases. | |
80f66ee0 BP |
163 | - ovs-vsctl and other commands that display data in tables now support a |
164 | --max-column-width option to limit column width. | |
d39ec23d JP |
165 | - No longer slow-path traffic that sends to a controller. Applications, |
166 | such as OVN ACL logging, want to send a copy of a packet to a | |
167 | controller while leaving the actual packet forwarding in the datapath. | |
bd32425f RB |
168 | - OVN: |
169 | * The "requested-chassis" option for a logical switch port now accepts a | |
170 | chassis "hostname" in addition to a chassis "name". | |
d601127b NS |
171 | * IPv6 |
172 | - Added support to send IPv6 Router Advertisement packets in response to | |
173 | the IPv6 Router Solicitation packets from the VIF ports. | |
174 | - Added support to generate Neighbor Solicitation packets using the OVN | |
175 | action 'nd_ns' to resolve unknown next hop MAC addresses for the | |
176 | IPv6 packets. | |
047791dc | 177 | * Add support for QoS bandwidth limit with DPDK. |
74103dc2 | 178 | * ovn-ctl: New commands run_nb_ovsdb and run_sb_ovsdb. |
1b1d2e6d | 179 | * ovn-sbctl, ovn-nbctl: New options --leader-only, --no-leader-only. |
a1ba48e0 JP |
180 | - OpenFlow: |
181 | * ct_clear action is now backed by kernel datapath. Support is probed for | |
182 | when OVS starts. | |
4a67e420 GR |
183 | - Linux kernel 4.13 |
184 | * Add support for compiling OVS with the latest Linux 4.13 kernel | |
c92339ad DB |
185 | - ovs-dpctl and related ovs-appctl commands: |
186 | * "flush-conntrack" now accept a 5-tuple to delete a specific | |
187 | connection tracking entry. | |
875075b3 DB |
188 | * New "ct-set-maxconns", "ct-get-maxconns", and "ct-get-nconns" commands |
189 | for userspace datapath. | |
22dcb534 FL |
190 | - No longer send packets to the Linux TAP device if it's DOWN unless it is |
191 | in another networking namespace. | |
5e925ccc MK |
192 | - DPDK: |
193 | * Add support for DPDK v17.11 | |
a14d1cc8 | 194 | * Add support for vHost IOMMU |
be481733 | 195 | * New debug appctl command 'netdev-dpdk/get-mempool-info'. |
40f185ac | 196 | * All the netdev-dpdk appctl commands described in ovs-vswitchd man page. |
971f4b39 MW |
197 | * Custom statistics: |
198 | - DPDK physical ports now return custom set of "dropped", "error" and | |
199 | "management" statistics. | |
200 | - ovs-ofctl dump-ports command now prints new of set custom statistics | |
201 | if available (for OpenFlow 1.4+). | |
a1e53988 SF |
202 | * Switch from round-robin allocation of rxq to pmd assignments to a |
203 | utilization-based allocation. | |
c190e2ad KT |
204 | * New appctl command 'dpif-netdev/pmd-rxq-rebalance' to rebalance rxq to |
205 | pmd assignments. | |
2a2c67b4 | 206 | * Add rxq utilization of pmd to appctl 'dpif-netdev/pmd-rxq-show'. |
93c0ef12 | 207 | * Add support for vHost dequeue zero copy (experimental). |
06ee1d3e IM |
208 | - Userspace datapath: |
209 | * Output packet batching support. | |
62705b81 BP |
210 | - vswitchd: |
211 | * Datapath IDs may now be specified as 0x1 (etc.) instead of 16 digits. | |
d3b84833 BP |
212 | * Configuring a controller, or unconfiguring all controllers, now deletes |
213 | all groups and meters (as well as all flows). | |
d4042a70 | 214 | - New --enable-sparse configure option enables "sparse" checking by default. |
b2e8b12f | 215 | - Added additional information to vhost-user status. |
e656b165 | 216 | |
a61016be | 217 | v2.8.0 - 31 Aug 2017 |
3a32d0ae | 218 | -------------------- |
1b3758c3 BP |
219 | - ovs-ofctl: |
220 | * ovs-ofctl can now accept and display port names in place of numbers. By | |
221 | default it always accepts names and in interactive use it displays them; | |
222 | use --names or --no-names to override. See ovs-ofctl(8) for details. | |
223 | * "ovs-ofctl dump-flows" now accepts --no-stats to omit flow statistics. | |
8a0d9d85 | 224 | - New ovs-dpctl command "ct-stats-show" to show connection tracking stats. |
e2218eee JP |
225 | - Tunnels: |
226 | * Added support to set packet mark for tunnel endpoint using | |
227 | `egress_pkt_mark` OVSDB option. | |
921c370a EG |
228 | * When using Linux kernel datapath tunnels may be created using rtnetlink. |
229 | This will allow us to take advantage of new tunnel features without | |
230 | having to make changes to the vport modules. | |
4c30b246 CL |
231 | - EMC insertion probability is reduced to 1% and is configurable via |
232 | the new 'other_config:emc-insert-inv-prob' option. | |
736ca516 IM |
233 | - DPDK: |
234 | * DPDK log messages redirected to OVS logging subsystem. | |
235 | Log level can be changed in a usual OVS way using | |
236 | 'ovs-appctl vlog' commands for 'dpdk' module. Lower bound | |
237 | still can be configured via extra arguments for DPDK EAL. | |
28ca969e AC |
238 | * dpdkvhostuser ports are marked as deprecated. They will be removed |
239 | in an upcoming release. | |
f3e7ec25 | 240 | * Support for DPDK v17.05.1. |
0b4f83e2 PS |
241 | - IPFIX now provides additional counters: |
242 | * Total counters since metering process startup. | |
243 | * Per-flow TCP flag counters. | |
ebfe9a21 | 244 | * Multicast, broadcast, and unicast counters. |
fed8962a EG |
245 | - New support for multiple VLANs (802.1ad or "QinQ"), including a new |
246 | "dot1q-tunnel" port VLAN mode. | |
4e3000a0 BP |
247 | - In ovn-vsctl and vtep-ctl, record UUIDs in commands may now be |
248 | abbreviated to 4 hex digits. | |
3346c985 DB |
249 | - Userspace Datapath: |
250 | * Added NAT support for userspace datapath. | |
05f282c2 | 251 | * Added FTP and TFTP support with NAT for userspace datapath. |
ab27bfa6 | 252 | * Experimental NSH (Network Service Header) support in userspace datapath. |
b89d25e5 | 253 | - OVN: |
302eda27 | 254 | * New built-in DNS support. |
161ea2c8 | 255 | * IPAM for IPv4 can now exclude user-defined addresses from assignment. |
7cc0741e | 256 | * IPAM can now assign IPv6 addresses. |
b89d25e5 | 257 | * Make the DHCPv4 router setting optional. |
f40c5588 | 258 | * Gratuitous ARP for NAT addresses on a distributed logical router. |
4d232c75 LR |
259 | * Allow ovn-controller SSL configuration to be obtained from vswitchd |
260 | database. | |
42c1e58e | 261 | * ovn-trace now has basic support for tracing distributed firewalls. |
4e3000a0 BP |
262 | * In ovn-nbctl and ovn-sbctl, record UUIDs in commands may now be |
263 | abbreviated to 4 hex digits. | |
c2f4c39b BP |
264 | * "ovn-sbctl lflow-list" can now print OpenFlow flows that correspond |
265 | to logical flows. | |
75ddb5f4 | 266 | * Now uses OVSDB RBAC support to reduce impact of compromised hypervisors. |
35ad41ba RB |
267 | * Multiple chassis may now be specified for L3 gateways. When more than |
268 | one chassis is specified, OVN will manage high availability for that | |
269 | gateway. | |
d383eed5 | 270 | * Add support for ACL logging. |
46a54ce7 | 271 | * ovn-northd now has native support for active-standby high availability. |
0f2f05bb | 272 | - Tracing with ofproto/trace now traces through recirculation. |
d6db7b3c LR |
273 | - OVSDB: |
274 | * New support for role-based access control (see ovsdb-server(1)). | |
cc3a32f3 | 275 | - New commands 'stp/show' and 'rstp/show' (see ovs-vswitchd(8)). |
417cfdb6 | 276 | - OpenFlow: |
8d348579 BP |
277 | * All features required by OpenFlow 1.4 are now implemented, so |
278 | ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to | |
279 | OpenFlow 1.0 to 1.3). | |
2f2b904f | 280 | * Increased support for OpenFlow 1.6 (draft). |
417cfdb6 | 281 | * Bundles now support hashing by just nw_src or nw_dst. |
282 | * The "learn" action now supports a "limit" option (see ovs-ofctl(8)). | |
f73b83fd | 283 | * The port status bit OFPPS_LIVE now reflects link aliveness. |
577bfa9f | 284 | * OpenFlow 1.5 packet-out is now supported. |
f839892a JS |
285 | * Support for OpenFlow 1.5 field packet_type and packet-type-aware |
286 | pipeline (PTAP). | |
287 | * Added generic encap and decap actions (EXT-382). | |
288 | First supported use case is encap/decap for Ethernet. | |
b48f44ff YY |
289 | * Added NSH (Network Service Header) support in userspace |
290 | Used generic encap and decap actions to implement encapsulation and | |
291 | decapsulation of NSH header. | |
292 | IETF NSH draft - https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh/ | |
f6fabcc6 JP |
293 | * Conntrack state is only available to the processing path that |
294 | follows the "recirc_table" argument of the ct() action. Starting | |
295 | in OVS 2.8, this state is now cleared for the current processing | |
296 | path whenever ct() is called. | |
44dd4cc4 LR |
297 | - Fedora Packaging: |
298 | * OVN services are no longer restarted automatically after upgrade. | |
e3e738a3 | 299 | * ovs-vswitchd and ovsdb-server run as non-root users by default. |
fe13ccdc | 300 | - Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)). |
63171f04 | 301 | - L3 tunneling: |
875ab130 | 302 | * Use new tunnel port option "packet_type" to configure L2 vs. L3. |
f839892a JS |
303 | * In conjunction with PTAP tunnel ports can handle a mix of L2 and L3 |
304 | payload. | |
439f39cb | 305 | * New vxlan tunnel extension "gpe" to support VXLAN-GPE tunnels. |
875ab130 | 306 | * New support for non-Ethernet (L3) payloads in GRE and VXLAN-GPE. |
4cefc3da | 307 | - The BFD detection multiplier is now user-configurable. |
2a85b7cc | 308 | - Add experimental support for hardware offloading |
bf090264 RD |
309 | * HW offloading is disabled by default. |
310 | * HW offloading is done through the TC interface. | |
5d77b36b BP |
311 | - IPv6 link local addresses are now supported on Linux. Use % to designate |
312 | the scope device. | |
e2218eee | 313 | |
a9c838b2 | 314 | v2.7.0 - 21 Feb 2017 |
92690eae | 315 | --------------------- |
e18a1d08 ER |
316 | - Utilities and daemons that support SSL now allow protocols and |
317 | ciphers to be configured with --ssl-protocols and --ssl-ciphers. | |
a6095f81 BS |
318 | - OVN: |
319 | * QoS is now implemented via egress shaping rather than ingress policing. | |
1a03fc7d | 320 | * DSCP marking is now supported, via the new northbound QoS table. |
6374d518 | 321 | * IPAM now supports fixed MAC addresses. |
440a9f4b | 322 | * Support for source IP address based routing. |
d444a914 BP |
323 | * ovn-trace: |
324 | - New --ovs option to also print OpenFlow flows. | |
325 | - put_dhcp_opts and put_dhcp_optsv6 actions may now be traced. | |
821302cf | 326 | * Support for managing SSL and remote connection configuration in |
10471820 | 327 | northbound and southbound databases. |
84d0ca5d LR |
328 | * TCP connections to northbound and southbound databases are no |
329 | longer enabled by default and must be explicitly configured. | |
330 | See documentation for ovn-sbctl/ovn-nbctl "set-connection" | |
331 | command or the ovn-ctl "--db-sb-create-insecure-remote" and | |
332 | "--db-nb-create-insecure-remote" command-line options for | |
333 | information regarding remote connection configuration. | |
714651c7 JP |
334 | * New appctl "inject-pkt" command in ovn-controller that allows |
335 | packets to be injected into the connected OVS instance. | |
878b54d7 MS |
336 | * Distributed logical routers may now be connected directly to |
337 | logical switches with localnet ports, by specifying a | |
338 | "redirect-chassis" on the distributed gateway port of the | |
339 | logical router. NAT rules may be specified directly on the | |
340 | distributed logical router, and are handled either centrally on | |
341 | the "redirect-chassis", or in many cases are handled locally on | |
342 | the hypervisor where the corresponding logical port resides. | |
343 | Gratuitous ARP for NAT addresses on a distributed logical | |
344 | router is not yet supported, but will be added in a future | |
345 | version. | |
a027899e JR |
346 | - Fixed regression in table stats maintenance introduced in OVS |
347 | 2.3.0, wherein the number of OpenFlow table hits and misses was | |
348 | not accurate. | |
51bb26fa | 349 | - OpenFlow: |
6dd3c787 | 350 | * OFPT_PACKET_OUT messages are now supported in bundles. |
53cc166a JR |
351 | * A new "selection_method=dp_hash" type for OpenFlow select group |
352 | bucket selection that uses the datapath computed 5-tuple hash | |
353 | without making datapath flows match the 5-tuple fields, which | |
354 | is useful for more efficient load balancing, for example. This | |
355 | uses the Netronome extension to OpenFlow 1.5+ that allows | |
356 | control over the OpenFlow select groups selection method. See | |
357 | "selection_method" and related options in ovs-ofctl(8) for | |
358 | details. | |
4930ea56 | 359 | * The "sample" action now supports "ingress" and "egress" options. |
40c7b2fc | 360 | * The "ct" action now supports the TFTP ALG where support is available. |
72fe7578 | 361 | * New actions "clone" and "ct_clear". |
798a1033 | 362 | * The "meter" action is now supported in the userspace datapath. |
6dd3c787 JR |
363 | - ovs-ofctl: |
364 | * 'bundle' command now supports packet-out messages. | |
365 | * New syntax for 'ovs-ofctl packet-out' command, which uses the | |
366 | same string parser as the 'bundle' command. The old 'packet-out' | |
367 | syntax is deprecated and will be removed in a later OVS | |
368 | release. | |
369 | * New unixctl "ofctl/packet-out" command, which can be used to | |
370 | instruct a flow monitor to issue OpenFlow packet-out messages. | |
9c1a1182 LR |
371 | - ovsdb-server: |
372 | * Remote connections can now be made read-only (see ovsdb-server(1)). | |
8d8ab6c2 JG |
373 | - Tunnels: |
374 | * TLV mappings for protocols such as Geneve are now segregated on | |
375 | a per-OpenFlow bridge basis rather than globally. (The interface | |
376 | has not changed.) | |
2b02d770 | 377 | * Removed support for IPsec tunnels. |
08484bae CL |
378 | - DPDK: |
379 | * New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces | |
380 | which set the number of rx and tx descriptors to use for the given port. | |
04de404e | 381 | * Support for DPDK v16.11. |
1a2bb118 | 382 | * Support for rx checksum offload. Refer DPDK HOWTO for details. |
b8374d0d | 383 | * Port Hotplug is now supported. |
55e075e6 CL |
384 | * DPDK physical ports can now have arbitrary names. The PCI address of |
385 | the device must be set using the 'dpdk-devargs' option. Compatibility | |
386 | with the old dpdk<portid> naming scheme is broken, and as such a | |
387 | device will not be available for use until a valid dpdk-devargs is | |
388 | specified. | |
69876ed7 | 389 | * Virtual DPDK Poll Mode Driver (vdev PMD) support. |
602e24ee | 390 | * Removed experimental tag. |
5771f476 FL |
391 | - Fedora packaging: |
392 | * A package upgrade does not automatically restart OVS service. | |
58d636ee BK |
393 | - ovs-vswitchd/ovs-vsctl: |
394 | * Ports now have a "protected" flag. Protected ports can not forward | |
395 | frames to other protected ports. Unprotected ports can receive and | |
396 | forward frames to protected and other unprotected ports. | |
1ab39058 LR |
397 | - ovs-vsctl, ovn-nbctl, ovn-sbctl, vtep-ctl: |
398 | * Database commands now accept integer ranges, e.g. "set port | |
399 | eth0 trunks=1-10" to enable trunking VLANs 1 to 10. | |
92690eae | 400 | |
62f0430e | 401 | v2.6.0 - 27 Sep 2016 |
ca32170a | 402 | --------------------- |
e921fc3f JP |
403 | - First supported release of OVN. See ovn-architecture(7) for more |
404 | details. | |
92f8d65b | 405 | - ovsdb-server: |
c383f3bf LS |
406 | * New "monitor_cond" "monitor_cond_update" and "update2" extensions to |
407 | RFC 7047. | |
56085be5 | 408 | - OpenFlow: |
8225b3b7 JR |
409 | * OpenFlow 1.3+ bundles now expire after 10 seconds since the |
410 | last time the bundle was either opened, modified, or closed. | |
fe996936 JR |
411 | * OpenFlow 1.3 Extension 230, adding OpenFlow Bundles support, is |
412 | now implemented. | |
25070e04 JR |
413 | * OpenFlow 1.3+ bundles are now supported for group mods as well as |
414 | flow mods and port mods. Both 'atomic' and 'ordered' bundle | |
415 | flags are supported for group mods as well as flow mods. | |
5fc0ad0a JR |
416 | * Internal OpenFlow rule representation for load and set-field |
417 | actions is now much more memory efficient. For a complex flow | |
418 | table this can reduce rule memory consumption by 40%. | |
419 | * Bundles are now much more memory efficient than in OVS 2.5. | |
420 | Together with memory efficiency improvements in OpenFlow rule | |
421 | representation, the peak OVS resident memory use during a | |
422 | bundle commit for large complex set of flow mods can be only | |
423 | 25% of that in OVS 2.5 (4x lower). | |
56085be5 | 424 | * OpenFlow 1.1+ OFPT_QUEUE_GET_CONFIG_REQUEST now supports OFPP_ANY. |
e016fb63 | 425 | * OpenFlow 1.4+ OFPMP_QUEUE_DESC is now supported. |
6c6eedc5 | 426 | * OpenFlow 1.4+ OFPT_TABLE_STATUS is now supported. |
bdcad671 | 427 | * New property-based packet-in message format NXT_PACKET_IN2 with support |
77ab5fd2 BP |
428 | for arbitrary user-provided data and for serializing flow table |
429 | traversal into a continuation for later resumption. | |
430 | * New extension message NXT_SET_ASYNC_CONFIG2 to allow OpenFlow 1.4-like | |
431 | control over asynchronous messages in earlier versions of OpenFlow. | |
bef3f465 | 432 | * New OpenFlow extension NXM_NX_MPLS_TTL to provide access to MPLS TTL. |
aaca4fe0 WT |
433 | * New output option, output(port=N,max_len=M), to allow truncating a |
434 | packet to size M bytes when outputting to port N. | |
88b87a36 JS |
435 | * New command OFPGC_ADD_OR_MOD for OFPT_GROUP_MOD message that adds a |
436 | new group or modifies an existing groups | |
54b78c95 JR |
437 | * The optional OpenFlow packet buffering feature is deprecated in |
438 | this release, and will be removed in the next OVS release | |
439 | (2.7). After the change OVS always sends the 'buffer_id' as | |
440 | 0xffffffff in packet-in messages and will send an error | |
441 | response if any other value of this field is included in | |
442 | packet-out and flow mod sent by a controller. Controllers are | |
443 | already expected to work properly in cases where the switch can | |
444 | not buffer packets, so this change should not affect existing | |
445 | users. | |
2a7c4805 | 446 | * New OpenFlow extension NXT_CT_FLUSH_ZONE to flush conntrack zones. |
4b684612 | 447 | - Improved OpenFlow version compatibility for actions: |
88c8ca26 | 448 | * New OpenFlow extension to support the "group" action in OpenFlow 1.0. |
0f2aaee9 | 449 | * OpenFlow 1.0 "enqueue" action now properly translated to OpenFlow 1.1+. |
56a91749 BP |
450 | * OpenFlow 1.1 "mod_nw_ecn" and OpenFlow 1.1+ "mod_nw_ttl" actions now |
451 | properly translated to OpenFlow 1.0. | |
e016fb63 BP |
452 | - ovs-ofctl: |
453 | * queue-get-config command now allows a queue ID to be specified. | |
25070e04 JR |
454 | * '--bundle' option can now be used with OpenFlow 1.3 and with group mods. |
455 | * New "bundle" command allows executing a mixture of flow and group mods | |
456 | as a single atomic transaction. | |
8743fa8c | 457 | * New option "--color" to produce colorized output for some commands. |
88b87a36 | 458 | * New option '--may-create' to use OFPGC_ADD_OR_MOD in mod-group command. |
c97320eb WZ |
459 | - IPFIX: |
460 | * New "sampling_port" option for "sample" action to allow sampling | |
461 | ingress and egress tunnel metadata with IPFIX. | |
462 | * New ovs-ofctl commands "dump-ipfix-bridge" and "dump-ipfix-flow" to | |
463 | dump bridge IPFIX statistics and flow based IPFIX statistics. | |
464 | * New setting other-config:virtual_obs_id to add an arbitrary string | |
465 | to IPFIX records. | |
6cf888b8 | 466 | - Linux: |
fe996936 JR |
467 | * OVS Linux datapath now implements Conntrack NAT action with all |
468 | supported Linux kernels. | |
469 | * Support for truncate action. | |
6cf888b8 BS |
470 | * New QoS type "linux-noop" that prevents Open vSwitch from trying to |
471 | manage QoS for a given port (useful when other software manages QoS). | |
a14b8947 IM |
472 | - DPDK: |
473 | * New option "n_rxq" for PMD interfaces. | |
474 | Old 'other_config:n-dpdk-rxqs' is no longer supported. | |
81acebda IM |
475 | Not supported by vHost interfaces. For them number of rx and tx queues |
476 | is applied from connected virtio device. | |
3eb67853 IM |
477 | * New 'other_config:pmd-rxq-affinity' field for PMD interfaces, that |
478 | allows to pin port's rx queues to desired cores. | |
ce179f11 IM |
479 | * New appctl command 'dpif-netdev/pmd-rxq-show' to check the port/rxq |
480 | assignment. | |
481 | * Type of log messages from PMD threads changed from INFO to DBG. | |
0bf765f7 | 482 | * QoS functionality with sample egress-policer implementation. |
bab69409 AC |
483 | * The mechanism for configuring DPDK has changed to use database |
484 | * Sensible defaults have been introduced for many of the required | |
485 | configuration options | |
486 | * DB entries have been added for many of the DPDK EAL command line | |
eac84432 AC |
487 | arguments. Additional arguments can be passed via the dpdk-extra |
488 | entry. | |
9509913a | 489 | * Add ingress policing functionality. |
db8f13b0 CL |
490 | * PMD threads servicing vHost User ports can now come from the NUMA |
491 | node that device memory is located on if CONFIG_RTE_LIBRTE_VHOST_NUMA | |
492 | is enabled in DPDK. | |
5cf3edb3 DDP |
493 | * Basic connection tracking for the userspace datapath (no ALG, |
494 | fragmentation or NAT support yet) | |
0a0f39df | 495 | * Support for DPDK 16.07 |
4b88d678 | 496 | * Optional support for DPDK pdump enabled. |
0072e931 | 497 | * Jumbo frame support |
41987644 | 498 | * Remove dpdkvhostcuse port type. |
c1ff66ac | 499 | * OVS client mode for vHost and vHost reconnect (Requires QEMU 2.7) |
2d24d165 | 500 | * 'dpdkvhostuserclient' port type. |
847b8b02 | 501 | - Increase number of registers to 16. |
e7529141 BP |
502 | - ovs-benchmark: This utility has been removed due to lack of use and |
503 | bitrot. | |
06380128 BP |
504 | - ovs-appctl: |
505 | * New "vlog/close" command. | |
7fc28c50 AC |
506 | - ovs-ctl: |
507 | * Added the ability to selectively start the forwarding and database | |
508 | functions (ovs-vswitchd and ovsdb-server, respectively). | |
acdd0764 AZ |
509 | - ovsdb-server: |
510 | * Remove max number of sessions limit, to enable connection scaling | |
511 | testing. | |
99c8be3e RB |
512 | - python: |
513 | * Added support for Python 3.4+ in addition to existing support | |
514 | for 2.7+. | |
9b897c91 AA |
515 | - SELinux: |
516 | * Introduced SELinux policy package. | |
8063e095 PS |
517 | - Datapath Linux kernel compatibility. |
518 | * Dropped support for kernel older than 3.10. | |
42deb67d | 519 | * Removed VLAN splinters feature. |
c3cbb286 | 520 | * Datapath supports kernel upto 4.7. |
80c4589a PS |
521 | - Tunnels: |
522 | * Flow based tunnel match and action can be used for IPv6 address using | |
523 | tun_ipv6_src, tun_ipv6_dst fields. | |
8a2d4905 | 524 | * Added support for IPv6 tunnels, for details checkout FAQ. |
9e9d0384 | 525 | * Deprecated support for IPsec tunnels ports. |
314ce647 AC |
526 | - A wrapper script, 'ovs-tcpdump', to easily port-mirror an OVS port and |
527 | watch with tcpdump | |
81d2f75c AA |
528 | - Introduce --no-self-confinement flag that allows daemons to work with |
529 | sockets outside their run directory. | |
29dd784d BP |
530 | - ovs-pki: Changed message digest algorithm from SHA-1 to SHA-512 because |
531 | SHA-1 is no longer secure and some operating systems have started to | |
532 | disable it in OpenSSL. | |
56abcf49 | 533 | - Add 'mtu_request' column to the Interface table. It can be used to |
3a414a0a | 534 | configure the MTU of the ports. |
29dd784d | 535 | |
c0fa821f JS |
536 | Known issues: |
537 | - Using openvswitch module in conjunction with upstream Linux tunnels: | |
538 | * When using the openvswitch module distributed with OVS against kernel | |
539 | versions 4.4 to 4.6, the openvswitch module cannot be loaded or used at | |
540 | the same time as "ip_gre". | |
541 | - Conntrack FTP ALGs: When using the openvswitch module distributed with | |
542 | OVS, particular Linux distribution kernels versions may provide diminished | |
543 | functionality. This typically affects active FTP data connections when | |
544 | using "actions=ct(alg=ftp),..." in flow tables. Specifically: | |
545 | * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set | |
546 | up expectations for FTP data connections in multiple zones, | |
547 | eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the | |
548 | "ct" action for subsequent data connections may fail to determine that | |
549 | the data connection is "related" to an existing connection. | |
550 | * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state | |
551 | correctly for NATed connections. As a result, flows that perform NAT, | |
552 | eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet, | |
553 | and will populate the "ct_state=inv" bit in the flow. | |
554 | ||
ca32170a | 555 | |
1c0383a9 | 556 | v2.5.0 - 26 Feb 2016 |
c4c7e593 | 557 | --------------------- |
e23812fc BP |
558 | - Dropped support for Python older than version 2.7. As a consequence, |
559 | using Open vSwitch 2.5 or later on XenServer 6.5 or earlier (which | |
560 | have Python 2.4) requires first installing Python 2.7. | |
0eb48fe1 BP |
561 | - OpenFlow: |
562 | * Group chaining (where one OpenFlow group triggers another) is | |
563 | now supported. | |
f70b94de | 564 | * OpenFlow 1.4+ "importance" is now considered for flow eviction. |
82c22d34 | 565 | * OpenFlow 1.4+ OFPTC_EVICTION is now implemented. |
de7d3c07 | 566 | * OpenFlow 1.4+ OFPTC_VACANCY_EVENTS is now implemented. |
03c72922 | 567 | * OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented. |
f6ecf944 | 568 | * Allow modifying the ICMPv4/ICMPv6 type and code fields. |
c61f4bc1 BP |
569 | * OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG are |
570 | now implemented. | |
6d5d1f3b BP |
571 | - ovs-ofctl: |
572 | * New "out_group" keyword for OpenFlow 1.1+ matching on output group. | |
c61f4bc1 BP |
573 | - Tunnels: |
574 | * Geneve tunnels can now match and set options and the OAM bit. | |
575 | * The nonstandard GRE64 tunnel extension has been dropped. | |
06994f87 | 576 | - Support Multicast Listener Discovery (MLDv1 and MLDv2). |
4249b547 | 577 | - Add 'symmetric_l3l4' and 'symmetric_l3l4+udp' hash functions. |
7321bda3 | 578 | - sFlow agent now reports tunnel and MPLS structures. |
548f9fe7 DDP |
579 | - New 'check-system-userspace', 'check-kmod' and 'check-kernel' Makefile |
580 | targets to run a new system testsuite. These tests can be run inside | |
581 | a Vagrant box. See INSTALL.md for details | |
195360dc AA |
582 | - Mark --syslog-target argument as deprecated. It will be removed in |
583 | the next OVS release. | |
e91b927d | 584 | - Added --user option to all daemons |
07659514 | 585 | - Add support for connection tracking through the new "ct" action |
9daf2348 JS |
586 | and "ct_state"/"ct_zone"/"ct_mark"/"ct_label" match fields. Only |
587 | available on Linux kernels with the connection tracking module loaded. | |
a2e61be6 RB |
588 | - Add experimental version of OVN. OVN, the Open Virtual Network, is a |
589 | system to support virtual network abstraction. OVN complements the | |
590 | existing capabilities of OVS to add native support for virtual network | |
591 | abstractions, such as virtual L2 and L3 overlays and security groups. | |
f6bf8880 PM |
592 | - RHEL packaging: |
593 | * DPDK ports may now be created via network scripts (see README.RHEL). | |
4573fbd3 FL |
594 | - DPDK: |
595 | * Requires DPDK 2.2 | |
596 | * Added multiqueue support to vhost-user | |
db6e1383 | 597 | * Note: QEMU 2.5+ required for multiqueue support |
c4c7e593 | 598 | |
2fac5fed | 599 | v2.4.0 - 20 Aug 2015 |
2c7ea589 | 600 | --------------------- |
39c94593 JR |
601 | - Flow table modifications are now atomic, meaning that each packet |
602 | now sees a coherent version of the OpenFlow pipeline. For | |
603 | example, if a controller removes all flows with a single OpenFlow | |
604 | "flow_mod", no packet sees an intermediate version of the OpenFlow | |
605 | pipeline where only some of the flows have been deleted. | |
db5076ee | 606 | - Added support for SFQ, FQ_CoDel and CoDel qdiscs. |
557570fa AW |
607 | - Add bash command-line completion support for ovs-vsctl Please check |
608 | utilities/ovs-command-compgen.INSTALL.md for how to use. | |
9d078ec2 BP |
609 | - The MAC learning feature now includes per-port fairness to mitigate |
610 | MAC flooding attacks. | |
18080541 BP |
611 | - New support for a "conjunctive match" OpenFlow extension, which |
612 | allows constructing OpenFlow matches of the form "field1 in | |
613 | {a,b,c...} AND field2 in {d,e,f...}" and generalizations. For details, | |
cc23805c | 614 | see documentation for the "conjunction" action in ovs-ofctl(8). |
423ede18 AW |
615 | - Add bash command-line completion support for ovs-appctl/ovs-dpctl/ |
616 | ovs-ofctl/ovsdb-tool commands. Please check | |
617 | utilities/ovs-command-compgen.INSTALL.md for how to use. | |
35f48b8b BP |
618 | - The "learn" action supports a new flag "delete_learned" that causes |
619 | the learned flows to be deleted when the flow with the "learn" action | |
620 | is deleted. | |
c1fc1411 JG |
621 | - Basic support for the Geneve tunneling protocol. It is not yet |
622 | possible to generate or match options. This is planned for a future | |
623 | release. The protocol is documented at | |
624 | http://tools.ietf.org/html/draft-gross-geneve-00 | |
a413195e | 625 | - The OVS database now reports controller rate limiting statistics. |
50b9699f | 626 | - sflow now exports information about LACP-based bonds, port names, and |
3d2912f2 | 627 | OpenFlow port numbers, as well as datapath performance counters. |
fceef209 DDP |
628 | - ovs-dpctl functionality is now available for datapaths integrated |
629 | into ovs-vswitchd, via ovs-appctl. Some existing ovs-appctl | |
630 | commands are now redundant and will be removed in a future | |
631 | release. See ovs-vswitchd(8) for details. | |
79fe0f46 | 632 | - OpenFlow: |
1c38055d JR |
633 | * OpenFlow 1.4 bundles are now supported for flow mods and port |
634 | mods. For flow mods, both 'atomic' and 'ordered' bundle flags | |
635 | are trivially supported, as all bundled messages are executed | |
636 | in the order they were added and all flow table modifications | |
637 | are now atomic to the datapath. Port mods may not appear in | |
638 | atomic bundles, as port status modifications are not atomic. | |
e60e935b | 639 | * IPv6 flow label and neighbor discovery fields are now modifiable. |
d3cb080e BP |
640 | * OpenFlow 1.5 extended registers are now supported. |
641 | * The OpenFlow 1.5 actset_output field is now supported. | |
642 | * OpenFlow 1.5 Copy-Field action is now supported. | |
643 | * OpenFlow 1.5 masked Set-Field action is now supported. | |
3c4e10fb | 644 | * OpenFlow 1.3+ table features requests are now supported (read-only). |
1b0ee636 | 645 | * Nicira extension "move" actions may now be included in action sets. |
2e34a6a3 SS |
646 | * "resubmit" actions may now be included in action sets. The resubmit |
647 | is executed last, and only if the action set has no "output" or "group" | |
648 | action. | |
ca26eb44 | 649 | * OpenFlow 1.4+ flow "importance" is now maintained in the flow table. |
0c4b9393 SH |
650 | * A new Netronome extension to OpenFlow 1.5+ allows control over the |
651 | fields hashed for OpenFlow select groups. See "selection_method" and | |
652 | related options in ovs-ofctl(8) for details. | |
db5076ee JR |
653 | - ovs-ofctl has a new '--bundle' option that makes the flow mod commands |
654 | ('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows') | |
655 | use an OpenFlow 1.4 bundle to operate the modifications as a single | |
39c94593 JR |
656 | atomic transaction. If any of the flow mods in a transaction fail, none |
657 | of them are executed. All flow mods in a bundle appear to datapath | |
658 | lookups simultaneously. | |
db5076ee JR |
659 | - ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow |
660 | mods as an input by allowing the flow specification to start with an | |
661 | explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict' | |
662 | keyword. A missing keyword is treated as 'add', so this is fully | |
663 | backwards compatible. With the new '--bundle' option all the flow mods | |
39c94593 | 664 | are executed as a single atomic transaction using an OpenFlow 1.4 bundle. |
4a1f9610 | 665 | - ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because |
9ff33ca7 BP |
666 | MD5 is no longer secure and some operating systems have started to disable |
667 | it in OpenSSL. | |
09e25603 TW |
668 | - ovsdb-server: New OVSDB protocol extension allows inequality tests on |
669 | "optional scalar" columns. See ovsdb-server(1) for details. | |
ff495b63 BP |
670 | - ovs-vsctl now permits immutable columns in a new row to be modified in |
671 | the same transaction that creates the row. | |
0bc1b46a BP |
672 | - test-controller has been renamed ovs-testcontroller at request of users |
673 | who find it useful for testing basic OpenFlow setups. It is still not | |
674 | a necessary or desirable part of most Open vSwitch deployments. | |
cccf7e9d | 675 | - Support for travis-ci.org based continuous integration builds has been |
542cc9bb | 676 | added. Build failures are reported to build@openvswitch.org. See INSTALL.md |
cccf7e9d | 677 | file for additional details. |
bbda3a2f DV |
678 | - Support for the Rapid Spanning Tree Protocol (IEEE 802.1D-2004). |
679 | The implementation has been tested successfully against the Ixia Automated | |
680 | Network Validation Library (ANVL). | |
2f9dd77f | 681 | - Stats are no longer updated on fake bond interface. |
3e5aeeb5 | 682 | - Keep active bond slave selection across OVS restart. |
ec8f0f0c | 683 | - A simple wrapper script, 'ovs-docker', to integrate OVS with Docker |
62dbc5bd GS |
684 | containers. If and when there is a native integration of Open vSwitch |
685 | with Docker, the wrapper script will be retired. | |
e5a1caee JG |
686 | - Added support for DPDK Tunneling. VXLAN, GRE, and Geneve are supported |
687 | protocols. This is generic tunneling mechanism for userspace datapath. | |
e3102e42 | 688 | - Support for multicast snooping (IGMPv1, IGMPv2 and IGMPv3) |
3afcde43 | 689 | - Support for Linux kernels up to 4.0.x |
d5460484 GS |
690 | - The documentation now use the term 'destination' to mean one of syslog, |
691 | console or file for vlog logging instead of the previously used term | |
692 | 'facility'. | |
ac6073e3 | 693 | - Support for VXLAN Group Policy extension |
99eef98b DF |
694 | - Initial support for the IETF Auto-Attach SPBM draft standard. This |
695 | contains rudimentary support for the LLDP protocol as needed for | |
696 | Auto-Attach. | |
d4763d1d JP |
697 | - The default OpenFlow and OVSDB ports are now the IANA-assigned |
698 | numbers. OpenFlow is 6653 and OVSDB is 6640. | |
58397e6c | 699 | - Support for DPDK vHost. |
4752cc0c | 700 | - Support for outer UDP checksums in Geneve and VXLAN. |
d0d986a5 TG |
701 | - The kernel vports with dependencies are no longer part of the overall |
702 | openvswitch.ko but built and loaded automatically as individual kernel | |
703 | modules (vport-*.ko). | |
4237026e | 704 | - Support for STT tunneling. |
6901639b BP |
705 | - ovs-sim: New developer tool for simulating multiple OVS instances. |
706 | See ovs-sim(1) for more information. | |
fe089c0d AA |
707 | - Support to configure method (--syslog-method argument) that determines |
708 | how daemons will talk with syslog. | |
532e1463 AA |
709 | - Support for "ovs-appctl vlog/list-pattern" command that lets to query |
710 | logging message format for each destination. | |
2c7ea589 JP |
711 | |
712 | ||
e13440fc | 713 | v2.3.0 - 14 Aug 2014 |
c5cf1059 | 714 | --------------------- |
6dc53744 BP |
715 | - OpenFlow 1.1, 1.2, and 1.3 are now enabled by default in |
716 | ovs-vswitchd. | |
69d6040e JR |
717 | - Linux kernel datapath now has an exact match cache optimizing the |
718 | flow matching process. | |
719 | - Datapath flows now have partially wildcarded tranport port field | |
720 | matches. This reduces userspace upcalls, but increases the | |
721 | number of different masks in the datapath. The kernel datapath | |
722 | exact match cache removes the overhead of matching the incoming | |
723 | packets with the larger number of masks, but when paired with an | |
724 | older kernel module, some workloads may perform worse with the | |
725 | new userspace. | |
0877a018 | 726 | - Compatibility with autoconf 2.63 (previously >=2.64) |
c5cf1059 | 727 | |
012c3a52 | 728 | v2.2.0 - Internal Release |
bff46ebb | 729 | --------------------- |
1839c356 FL |
730 | - Internal ports are no longer brought up by default, because it |
731 | should be an administrator task to bring up devices as they are | |
732 | configured properly. | |
c3ccfe98 AZ |
733 | - ovs-vsctl now reports when ovs-vswitchd fails to create a new port or |
734 | bridge. | |
9500f505 TG |
735 | - Port creation and configuration errors are now stored in a new error |
736 | column of the Interface table and included in 'ovs-vsctl show'. | |
7868fbc6 BP |
737 | - The "ovsdbmonitor" graphical tool has been removed, because it was |
738 | poorly maintained and not widely used. | |
e3c7ed29 | 739 | - New "check-ryu" Makefile target for running Ryu tests for OpenFlow |
542cc9bb | 740 | controllers against Open vSwitch. See INSTALL.md for details. |
f51e8ccb | 741 | - Added IPFIX support for SCTP flows and templates for ICMPv4/v6 flows. |
0b114fa0 GS |
742 | - Upon the receipt of a SIGHUP signal, ovs-vswitchd no longer reopens its |
743 | log file (it will terminate instead). Please use 'ovs-appctl vlog/reopen' | |
744 | instead. | |
e2f3178f | 745 | - Support for Linux kernels up to 3.14. From Kernel 3.12 onwards OVS uses |
cb25142c | 746 | tunnel API for GRE and VXLAN. |
8a9562d2 | 747 | - Added DPDK support. |
a5ed8fe3 | 748 | - Added support for custom vlog patterns in Python |
f51e8ccb | 749 | |
bff46ebb | 750 | |
a3aabcd2 | 751 | v2.1.0 - 19 Mar 2014 |
b366c1f4 | 752 | --------------------- |
13751fd8 JR |
753 | - Address prefix tracking support for flow tables. New columns |
754 | "prefixes" in OVS-DB table "Flow_Table" controls which packet | |
755 | header fields are used for address prefix tracking. Prefix | |
756 | tracking allows the classifier to skip rules with longer than | |
757 | necessary prefixes, resulting in better wildcarding for datapath | |
758 | flows. Default configuration is to not use any fields for prefix | |
759 | tracking. However, if any flow tables contain both exact matches | |
760 | and masked matches for IP address fields, OVS performance may be | |
761 | increased by using this feature. | |
762 | * As of now, the fields for which prefix lookup can be enabled | |
763 | are: 'tun_id', 'tun_src', 'tun_dst', 'nw_src', 'nw_dst' (or | |
764 | aliases 'ip_src' and 'ip_dst'), 'ipv6_src', and 'ipv6_dst'. | |
765 | (Using this feature for 'tun_id' would only make sense if the | |
766 | tunnel IDs have prefix structure similar to IP addresses.) | |
767 | * There is a maximum number of fields that can be enabled for any | |
768 | one flow table. Currently this limit is 3. | |
769 | * Examples: | |
770 | $ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- \ | |
771 | --id=@N1 create Flow_Table name=table0 | |
772 | $ ovs-vsctl set Bridge br0 flow_tables:1=@N1 -- \ | |
773 | --id=@N1 create Flow_Table name=table1 | |
774 | $ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src | |
775 | $ ovs-vsctl set Flow_Table table1 prefixes=[] | |
bcb8bde4 JR |
776 | - TCP flags matching: OVS now supports matching of TCP flags. This |
777 | has an adverse performance impact when using OVS userspace 1.10 | |
778 | or older (no megaflows support) together with the new OVS kernel | |
779 | module. It is recommended that the kernel and userspace modules | |
780 | both are upgraded at the same time. | |
36359150 JP |
781 | - The default OpenFlow and OVSDB ports will change to |
782 | IANA-assigned numbers in a future release. Consider updating | |
783 | your installations to specify port numbers instead of using the | |
784 | defaults. | |
7fdb60a7 SH |
785 | - OpenFlow: |
786 | * The OpenFlow 1.1+ "Write-Actions" instruction is now supported. | |
484c8355 BP |
787 | * OVS limits the OpenFlow port numbers it assigns to port 32767 and |
788 | below, leaving port numbers above that range free for assignment | |
789 | by the controller. | |
4abb8608 BP |
790 | * ovs-vswitchd now honors changes to the "ofport_request" column |
791 | in the Interface table by changing the port's OpenFlow port | |
792 | number. | |
5dc6f8e1 | 793 | * The Open vSwitch software switch now supports OpenFlow groups. |
a5ae88ff AA |
794 | - ovs-vswitchd.conf.db.5 man page will contain graphviz/dot |
795 | diagram only if graphviz package was installed at the build time. | |
54af97ad | 796 | - Support for Linux kernels up to 3.11 |
847108dc AZ |
797 | - ovs-dpctl: |
798 | The "show" command also displays mega flow mask stats. | |
60e46251 BP |
799 | - ovs-ofctl: |
800 | * New command "ofp-parse-pcap" to dump OpenFlow from PCAP files. | |
1d5aaa61 BP |
801 | - ovs-controller has been renamed test-controller. It is no longer |
802 | packaged or installed by default, because too many users assumed | |
803 | incorrectly that ovs-controller was a necessary or desirable part | |
804 | of an Open vSwitch deployment. | |
afc9f547 | 805 | - Added vlog option to export to a UDP syslog sink. |
4227b221 BP |
806 | - ovsdb-client: |
807 | * The "monitor" command can now monitor all tables in a database, | |
808 | instead of being limited to a single table. | |
e79a6c83 EJ |
809 | - The flow-eviction-threshold has been replaced by the flow-limit which is a |
810 | hard limit on the number of flows in the datapath. It defaults to 200,000 | |
811 | flows. OVS automatically adjusts this number depending on network | |
812 | conditions. | |
e731d71b | 813 | - Added IPv6 support for active and passive socket communications. |
b366c1f4 JP |
814 | |
815 | ||
2fdb1879 | 816 | v2.0.0 - 15 Oct 2013 |
9f31efc7 | 817 | --------------------- |
d27705ea JP |
818 | - The ovs-vswitchd process is no longer single-threaded. Multiple |
819 | threads are now used to handle flow set up and asynchronous | |
820 | logging. | |
0ad90c84 | 821 | - OpenFlow: |
75fa58f8 BP |
822 | * Experimental support for OpenFlow 1.1 (in addition to 1.2 and |
823 | 1.3, which had experimental support in 1.10). | |
7395c052 NZ |
824 | * Experimental protocol support for OpenFlow 1.1+ groups. This |
825 | does not yet include an implementation in the Open vSwitch | |
826 | software switch. | |
827 | * Experimental protocol support for OpenFlow 1.2+ meters. This | |
828 | does not yet include an implementation in the Open vSwitch | |
829 | software switch. | |
0ad90c84 JR |
830 | * New support for matching outer source and destination IP address |
831 | of tunneled packets, for tunnel ports configured with the newly | |
e0eeeca5 | 832 | added "remote_ip=flow" and "local_ip=flow" options. |
ac923e91 JG |
833 | * Support for matching on metadata 'pkt_mark' for interacting with |
834 | other system components. On Linux this corresponds to the skb | |
835 | mark. | |
fe8a1798 | 836 | * Support matching, rewriting SCTP ports |
ea401d9a NM |
837 | - The Interface table in the database has a new "ifindex" column to |
838 | report the interface's OS-assigned ifindex. | |
81a114e5 BP |
839 | - New "check-oftest" Makefile target for running OFTest against Open |
840 | vSwitch. See README-OFTest for details. | |
380f49c4 | 841 | - The flow eviction threshold has been moved to the Open_vSwitch table. |
fb6de52c GS |
842 | - Database names are now mandatory when specifying ovsdb-server options |
843 | through database paths (e.g. Private key option with the database name | |
844 | should look like "--private-key=db:Open_vSwitch,SSL,private_key"). | |
fef5244f | 845 | - Added ovs-dev.py, a utility script helpful for Open vSwitch developers. |
9b764edf | 846 | - Support for Linux kernels up to 3.10 |
1ac0e975 BP |
847 | - ovs-ofctl: |
848 | * New "ofp-parse" for printing OpenFlow messages read from a file. | |
7395c052 | 849 | * New commands for OpenFlow 1.1+ groups. |
978427a5 | 850 | - Added configurable flow caching support to IPFIX exporter. |
37418c86 | 851 | - Dropped support for Linux pre-2.6.32. |
7c018033 BP |
852 | - Log file timestamps and ovsdb commit timestamps are now reported |
853 | with millisecond resolution. (Previous versions only reported | |
854 | whole seconds.) | |
9f31efc7 JP |
855 | |
856 | ||
03c8f0b7 | 857 | v1.11.0 - 28 Aug 2013 |
d224e350 | 858 | --------------------- |
d445cc16 JP |
859 | - Support for megaflows, which allows wildcarding in the kernel (and |
860 | any dpif implementation that supports wildcards). Depending on | |
861 | the flow table and switch configuration, flow set up rates are | |
862 | close to the Linux bridge. | |
eeecce05 BP |
863 | - The "tutorial" directory contains a new tutorial for some advanced |
864 | Open vSwitch features. | |
df53d41c | 865 | - Stable bond mode has been removed. |
1bda9b9e | 866 | - The autopath action has been removed. |
a6ae068b LJ |
867 | - New support for the data encapsulation format of the LISP tunnel |
868 | protocol (RFC 6830). An external control plane or manual flow | |
869 | setup is required for EID-to-RLOC mapping. | |
b676167a | 870 | - OpenFlow: |
0f3f3c3d SH |
871 | * The "dec_mpls_ttl" and "set_mpls_ttl" actions from OpenFlow |
872 | 1.1 and later are now implemented. | |
bd85dac1 AZ |
873 | * New "stack" extension for use in actions, to push and pop from |
874 | NXM fields. | |
a7b07d4c BP |
875 | * The "load" and "set_field" actions can now modify the "in_port". (This |
876 | allows one to enable output to a flow's input port by setting the | |
877 | in_port to some unused value, such as OFPP_NONE.) | |
186afbfe BP |
878 | - ovs-dpctl: |
879 | * New debugging commands "add-flow", "mod-flow", "del-flow". | |
041e7168 | 880 | * "dump-flows" now has a -m option to increase output verbosity. |
bcd2633a JP |
881 | - In dpif-based bridges, cache action translations, which can improve |
882 | flow set up performance by 80% with a complicated flow table. | |
ca03aae0 | 883 | - New syslog format, prefixed with "ovs|", to be easier to filter. |
f9ee9dcb GS |
884 | - RHEL: Removes the default firewall rule that allowed GRE traffic to |
885 | pass through. Any users that relied on this automatic firewall hole | |
886 | will have to manually configure it. The ovs-ctl(8) manpage documents | |
887 | the "enable-protocol" command that can be used as an alternative. | |
90967e95 EJ |
888 | - New CFM demand mode which uses data traffic to indicate interface |
889 | liveness. | |
d224e350 | 890 | |
b82b19e9 | 891 | v1.10.0 - 01 May 2013 |
4191f435 | 892 | --------------------- |
685e46da BP |
893 | - Bridge compatibility support has been removed. Any uses that |
894 | rely on ovs-brcompatd will have to stick with Open vSwitch 1.9.x | |
895 | or adapt to native Open vSwitch support (e.g. use ovs-vsctl instead | |
896 | of brctl). | |
c4069512 | 897 | - The maximum size of the MAC learning table is now configurable. |
989fd548 JP |
898 | - With the Linux datapath, packets for new flows are now queued |
899 | separately on a per-port basis, so it should no longer be | |
900 | possible for a large number of new flows arriving on one port to | |
901 | prevent new flows from being processed on other ports. | |
43d18dc1 BP |
902 | - ovs-vsctl: |
903 | * Previously ovs-vsctl would retry connecting to the database forever, | |
904 | causing it to hang if ovsdb-server was not running. Now, ovs-vsctl | |
905 | only tries once by default (use --retry to try forever). This change | |
906 | means that you may want to remove uses of --timeout to avoid hangs | |
907 | in ovs-vsctl calls. | |
908 | * Many "ovs-vsctl" database commands now accept an --if-exists option. | |
909 | Please refer to the ovs-vsctl manpage for details. | |
e6024057 | 910 | - OpenFlow: |
d6123831 JP |
911 | - Experimental support for newer versions of OpenFlow. See |
912 | the "What versions of OpenFlow does Open vSwitch support?" | |
913 | question in the FAQ for more details. | |
e6024057 JP |
914 | - The OpenFlow "dp_desc" may now be configured by setting the |
915 | value of other-config:dp-desc in the Bridge table. | |
916 | - It is possible to request the OpenFlow port number with the | |
917 | "ofport_request" column in the Interface table. | |
c9accf5b BP |
918 | - The NXM flow_removed message now reports the OpenFlow table ID |
919 | from which the flow was removed. | |
3c23e920 JP |
920 | - Tunneling: |
921 | - New support for the VXLAN tunnel protocol (see the IETF draft here: | |
238bc978 | 922 | http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03). |
3c23e920 JP |
923 | - Tunneling requires the version of the kernel module paired with |
924 | Open vSwitch 1.9.0 or later. | |
925 | - Inheritance of the Don't Fragment bit in IP tunnels (df_inherit) | |
926 | is no longer supported. | |
927 | - Path MTU discovery is no longer supported. | |
ccd989e0 JG |
928 | - CAPWAP tunneling support removed. |
929 | - Tunnels with multicast destination ports are no longer supported. | |
e6024057 JP |
930 | - ovs-dpctl: |
931 | - The "dump-flows" and "del-flows" no longer require an argument | |
932 | if only one datapath exists. | |
933 | - ovs-appctl: | |
934 | - New "vlog/disable-rate-limit" and "vlog/enable-rate-limit" | |
935 | commands available allow control over logging rate limits. | |
936 | - New "dpif/dump-dps", "dpif/show", and "dpif/dump-flows" command | |
937 | that mimic the equivalent ovs-dpctl commands. | |
e6024057 JP |
938 | - The ofproto library is now responsible for assigning OpenFlow port |
939 | numbers. An ofproto implementation should assign them when | |
940 | port_construct() is called. | |
941 | - All dpif-based bridges of a particular type share a common | |
942 | datapath called "ovs-<type>", e.g. "ovs-system". The ovs-dpctl | |
943 | commands will now return information on that shared datapath. To | |
944 | get the equivalent bridge-specific information, use the new | |
945 | "ovs-appctl dpif/*" commands. | |
bedde04c GS |
946 | - Backward-incompatible changes: |
947 | - Earlier Open vSwitch versions treated ANY as a wildcard in flow | |
948 | syntax. OpenFlow 1.1 adds a port named ANY, which introduces a | |
949 | conflict. ANY was rarely used in flow syntax, so we chose to | |
950 | retire that meaning of ANY in favor of the OpenFlow 1.1 meaning. | |
3c23e920 JP |
951 | - Patch ports no longer require kernel support, so they now work |
952 | with FreeBSD and the kernel module built into Linux 3.3 and later. | |
29089a54 | 953 | - New "sample" action. |
f07ee64c | 954 | |
e5f77cc3 | 955 | |
fdfe872d JP |
956 | v1.9.0 - 26 Feb 2013 |
957 | ------------------------ | |
72e8bf28 AA |
958 | - Datapath: |
959 | - Support for ipv6 set action. | |
960 | - SKB mark matching and setting. | |
64807dfb | 961 | - support for Linux kernels up to 3.8 |
f6eb6b20 GL |
962 | - FreeBSD is now a supported platform, thanks to code contributions from |
963 | Gaetano Catalli, Ed Maste, and Giuseppe Lettieri. | |
b592e726 | 964 | - ovs-bugtool: New --ovs option to report only OVS related information. |
781dee08 BP |
965 | - New %t and %T log escapes to identify the subprogram within a |
966 | cooperating group of processes or threads that emitted a log message. | |
967 | The default log patterns now include this information. | |
32455024 | 968 | - OpenFlow: |
e878338b SH |
969 | - Allow bitwise masking for SHA and THA fields in ARP, SLL and TLL |
970 | fields in IPv6 neighbor discovery messages, and IPv6 flow label. | |
4cceacb9 | 971 | - Adds support for writing to the metadata field for a flow. |
3c23e920 JP |
972 | - Tunneling: |
973 | - The tunneling code no longer assumes input and output keys are | |
974 | symmetric. If they are not, PMTUD needs to be disabled for | |
975 | tunneling to work. Note this only applies to flow-based keys. | |
976 | - New support for a nonstandard form of GRE that supports a 64-bit key. | |
977 | - Tunnel Path MTU Discovery default value was set to 'disabled'. | |
978 | This feature is deprecated and will be removed soon. | |
979 | - Tunnel header caching removed. | |
c6100d92 BP |
980 | - ovs-ofctl: |
981 | - Commands and actions that accept port numbers now also accept keywords | |
982 | that represent those ports (such as LOCAL, NONE, and ALL). This is | |
983 | also the recommended way to specify these ports, for compatibility | |
984 | with OpenFlow 1.1 and later (which use the OpenFlow 1.0 numbers | |
985 | for these ports for different purposes). | |
2562714a | 986 | - ovs-dpctl: |
4b3b8d8f JP |
987 | - Support requesting the port number with the "port_no" option in |
988 | the "add-if" command. | |
2562714a BP |
989 | - ovs-pki: The "online PKI" features have been removed, along with |
990 | the ovs-pki-cgi program that facilitated it, because of some | |
991 | alarmist insecurity claims. We do not believe that these claims | |
992 | are true, but because we do not know of any users for this | |
993 | feature it seems better on balance to remove it. (The ovs-pki-cgi | |
994 | program was not included in distribution packaging.) | |
341c4e59 BP |
995 | - ovsdb-server now enforces the immutability of immutable columns. This |
996 | was not enforced in earlier versions due to an oversight. | |
fd38af85 BP |
997 | - The following features are now deprecated. They will be removed no |
998 | earlier than February 2013. Please email dev@openvswitch.org with | |
999 | concerns. | |
a8643e44 | 1000 | - Bridge compatibility. |
fd38af85 BP |
1001 | - Stable bond mode. |
1002 | - The autopath action. | |
1003 | - Interface type "null". | |
1004 | - Numeric values for reserved ports (see "ovs-ofctl" note above). | |
85340733 | 1005 | - Tunnel Path MTU Discovery. |
1280bf0e | 1006 | - CAPWAP tunnel support. |
f07ee64c MM |
1007 | - The data in the RARP packets can now be matched in the same way as the |
1008 | data in ARP packets. | |
945cad7f | 1009 | |
79f827fa | 1010 | |
fdfe872d | 1011 | v1.8.0 - 26 Feb 2013 |
c8d5d22c | 1012 | ------------------------ |
fdfe872d | 1013 | *** Internal only release *** |
c483d489 | 1014 | - New FAQ. Please send updates and additions! |
f25d0cf3 BP |
1015 | - Authors of controllers, please read the new section titled "Action |
1016 | Reproduction" in DESIGN, which describes an Open vSwitch change in | |
1017 | behavior in corner cases that may affect some controllers. | |
2d8bdd8f AA |
1018 | - ovs-l3ping: |
1019 | - A new test utility that can create L3 tunnel between two Open | |
1020 | vSwitches and detect connectivity issues. | |
5498c01f | 1021 | - ovs-ofctl: |
bdcc5925 | 1022 | - New --sort and --rsort options for "dump-flows" command. |
5498c01f | 1023 | - "mod-port" command can now control all OpenFlow config flags. |
c08201d6 | 1024 | - OpenFlow: |
ff0b06ee BP |
1025 | - Allow general bitwise masking for IPv4 and IPv6 addresses in |
1026 | IPv4, IPv6, and ARP packets. (Previously, only CIDR masks | |
c08201d6 BP |
1027 | were allowed.) |
1028 | - Allow support for arbitrary Ethernet masks. (Previously, only | |
1029 | the multicast bit in the destination address could be individually | |
5a0e4aec | 1030 | masked.) |
969fc56c | 1031 | - New field OXM_OF_METADATA, to align with OpenFlow 1.1. |
0414d158 BP |
1032 | - The OFPST_QUEUE request now reports an error if a specified port or |
1033 | queue does not exist, or for requests for a specific queue on all | |
1034 | ports, if the specified queue does not exist on any port. (Previous | |
1035 | versions generally reported an empty set of results.) | |
2b07c8b1 BP |
1036 | - New "flow monitor" feature to allow controllers to be notified of |
1037 | flow table changes as they happen. | |
c93f9a78 EJ |
1038 | - Additional protocols are not mirrored and dropped when forward-bpdu is |
1039 | false. For a full list, see the ovs-vswitchd.conf.db man page. | |
38f7147c EJ |
1040 | - Open vSwitch now sends RARP packets in situations where it previously |
1041 | sent a custom protocol, making it consistent with behavior of QEMU and | |
1042 | VMware. | |
969e46a2 AS |
1043 | - All Open vSwitch programs and log files now show timestamps in UTC, |
1044 | instead the local timezone, by default. | |
c8d5d22c JP |
1045 | |
1046 | ||
3b4ab170 | 1047 | v1.7.0 - 30 Jul 2012 |
dd1ba5b3 | 1048 | ------------------------ |
9b80f761 CW |
1049 | - kernel modules are renamed. openvswitch_mod.ko is now |
1050 | openvswitch.ko and brcompat_mod.ko is now brcompat.ko. | |
e9358af6 | 1051 | - Increased the number of NXM registers to 8. |
22dd5cec | 1052 | - Added ability to configure DSCP setting for manager and controller |
f125905c MM |
1053 | connections. By default, these connections have a DSCP value of |
1054 | Internetwork Control (0xc0). | |
3967a833 MM |
1055 | - Added the granular link health statistics, 'cfm_health', to an |
1056 | interface. | |
47284b1f AA |
1057 | - OpenFlow: |
1058 | - Added support to mask nd_target for ICMPv6 neighbor discovery flows. | |
2be393ed JP |
1059 | - Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC) |
1060 | multipart messages. | |
1061 | - ovs-ofctl: | |
1062 | - Added the "dump-ports-desc" command to retrieve port | |
1063 | information using the new port description multipart messages. | |
8d25d9a2 AA |
1064 | - ovs-test: |
1065 | - Added support for spawning ovs-test server from the client. | |
1066 | - Now ovs-test is able to automatically create test bridges and ports. | |
7393104d | 1067 | - "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows. |
22dd5cec | 1068 | - Tripled flow setup performance. |
a5f607bc BP |
1069 | - The "coverage/log" command previously available through ovs-appctl |
1070 | has been replaced by "coverage/show". The new command replies with | |
1071 | coverage counter values, instead of logging them. | |
dd1ba5b3 JP |
1072 | |
1073 | ||
9d564cb2 | 1074 | v1.6.1 - 25 Jun 2012 |
d0a8c2e0 | 1075 | ------------------------ |
9d564cb2 JP |
1076 | - Allow OFPP_CONTROLLER as the in_port for packet-out messages. |
1077 | ||
1078 | ||
1079 | v1.6.0 - 24 Feb 2012 | |
1080 | ------------------------ | |
1081 | *** Internal only release *** | |
4df08875 | 1082 | - bonding |
bdebeece EJ |
1083 | - LACP bonds no longer fall back to balance-slb when negotiations fail. |
1084 | Instead they drop traffic. | |
4df08875 EJ |
1085 | - The default bond_mode changed from SLB to active-backup, to protect |
1086 | unsuspecting users from the significant risks of SLB bonds (which are | |
1087 | documented in vswitchd/INTERNALS). | |
bc1b010c EJ |
1088 | - Load balancing can be disabled by setting the bond-rebalance-interval |
1089 | to zero. | |
73f33563 BP |
1090 | - OpenFlow: |
1091 | - Added support for bitwise matching on TCP and UDP ports. | |
1092 | See ovs-ofctl(8) for more information. | |
80d5aefd BP |
1093 | - NXM flow dumps now include times elapsed toward idle and hard |
1094 | timeouts. | |
1095 | - Added an OpenFlow extension NXT_SET_ASYNC_CONFIG that allows | |
1096 | controllers more precise control over which OpenFlow messages they | |
1097 | receive asynchronously. | |
0e553d9c BP |
1098 | - New "fin_timeout" action. |
1099 | - Added "fin_timeout" support to "learn" action. | |
a7349929 BP |
1100 | - New Nicira action NXAST_CONTROLLER that offers additional features |
1101 | over output to OFPP_CONTROLLER. | |
2c999774 BP |
1102 | - When QoS settings for an interface do not configure a default queue |
1103 | (queue 0), Open vSwitch now uses a default configuration for that | |
1104 | queue, instead of dropping all packets as in previous versions. | |
2a3e30b2 BP |
1105 | - Logging: |
1106 | - Logging to console and file will have UTC timestamp as a default for | |
1107 | all the daemons. An example of the default format is | |
1108 | 2012-01-27T16:35:17Z. ovs-appctl can be used to change the default | |
1109 | format as before. | |
1110 | - The syntax of commands and options to set log levels was simplified, | |
1111 | to make it easier to remember. | |
254750ce BP |
1112 | - New support for limiting the number of flows in an OpenFlow flow |
1113 | table, with configurable policy for evicting flows upon | |
1114 | overflow. See the Flow_Table table in ovs-vswitch.conf.db(5) | |
1115 | for more information. | |
9886b662 BP |
1116 | - New "enable-async-messages" column in the Controller table. If set to |
1117 | false, OpenFlow connections to the controller will initially have all | |
1118 | asynchronous messages disabled, overriding normal OpenFlow behavior. | |
1745cd08 BP |
1119 | - ofproto-provider interface: |
1120 | - "struct rule" has a new member "used" that ofproto implementations | |
1121 | should maintain by updating with ofproto_rule_update_used(). | |
8f46c9bb BP |
1122 | - ovsdb-client: |
1123 | - The new option --timestamp causes the "monitor" command to print | |
1124 | a timestamp with every update. | |
a7aa2d3c | 1125 | - CFM module CCM broadcasts can now be tagged with an 802.1p priority. |
d0a8c2e0 JP |
1126 | |
1127 | ||
a6492d91 | 1128 | v1.5.0 - 01 Jun 2012 |
e68bfcfc | 1129 | ------------------------ |
e729e793 JP |
1130 | - OpenFlow: |
1131 | - Added support for querying, modifying, and deleting flows | |
1132 | based on flow cookie when using NXM. | |
b4b7f827 | 1133 | - Added new NXM_PACKET_IN format. |
f0fd1a17 | 1134 | - Added new NXAST_DEC_TTL action. |
1eb85ef5 EJ |
1135 | - ovs-ofctl: |
1136 | - Added daemonization support to the monitor and snoop commands. | |
2a9537e2 BP |
1137 | - ovs-vsctl: |
1138 | - The "find" command supports new set relational operators | |
1139 | {=}, {!=}, {<}, {>}, {<=}, and {>=}. | |
e4476f74 BP |
1140 | - ovsdb-tool now uses the typical database and schema installation |
1141 | directories as defaults. | |
d1add61d JP |
1142 | - The default MAC learning timeout has been increased from 60 seconds |
1143 | to 300 seconds. The MAC learning timeout is now configurable. | |
e68bfcfc JP |
1144 | |
1145 | ||
ef13dc11 | 1146 | v1.4.0 - 30 Jan 2012 |
b6a9a95b | 1147 | ------------------------ |
50bf17cd | 1148 | - Compatible with Open vSwitch kernel module included in Linux 3.3. |
52a90c29 BP |
1149 | - New "VLAN splinters" feature to work around buggy device drivers |
1150 | in old Linux versions. (This feature is deprecated. When | |
1151 | broken device drivers are no longer in widespread use, we will | |
1152 | delete this feature.) See ovs-vswitchd.conf.db(5) for more | |
1153 | information. | |
fa8223b7 JP |
1154 | - OpenFlow: |
1155 | - Added ability to match on IPv6 flow label through NXM. | |
530180fd | 1156 | - Added ability to match on ECN bits in IPv4 and IPv6 through NXM. |
a61680c6 | 1157 | - Added ability to match on TTL in IPv4 and IPv6 through NXM. |
530180fd | 1158 | - Added ability to modify ECN bits in IPv4. |
a61680c6 | 1159 | - Added ability to modify TTL in IPv4. |
9d24de3b | 1160 | - ovs-vswitchd: |
c06bba01 JP |
1161 | - Don't require the "normal" action to use mirrors. Traffic will |
1162 | now be properly mirrored for any flows, regardless of their | |
1163 | actions. | |
9d24de3b | 1164 | - Track packet and byte statistics sent on mirrors. |
733adf2a LG |
1165 | - The sFlow implementation can now usually infer the correct agent |
1166 | device instead of having to be told explicitly. | |
f0a3aa2e AA |
1167 | - ovs-appctl: |
1168 | - New "fdb/flush" command to flush bridge's MAC learning table. | |
0be6140a AA |
1169 | - ovs-test: |
1170 | - A new distributed testing tool that allows one to diagnose performance | |
1171 | and connectivity issues. This tool currently is not included in RH or | |
1172 | Xen packages. | |
0fb42626 | 1173 | - RHEL packaging now supports integration with Red Hat network scripts. |
4c57c3bc EJ |
1174 | - bonding: |
1175 | - Post 1.4.*, OVS will be changing the default bond mode from balance-slb | |
1176 | to active-backup. SLB bonds carry significant risks with them | |
1177 | (documented vswitchd/INTERNALS) which we want to prevent unsuspecting | |
1178 | users from running into. Users are advised to update any scripts or | |
1179 | configuration which may be negatively impacted by explicitly setting | |
1180 | the bond mode which they want to use. | |
b6a9a95b | 1181 | |
0be6140a | 1182 | |
ddc29387 | 1183 | v1.3.0 - 09 Dec 2011 |
3e60856b | 1184 | ------------------------ |
f694937d EJ |
1185 | - OpenFlow: |
1186 | - Added an OpenFlow extension which allows the "output" action to accept | |
1187 | NXM fields. | |
75a75043 | 1188 | - Added an OpenFlow extension for flexible learning. |
d2c0fed9 | 1189 | - Bumped number of NXM registers from four to five. |
d5e1e5ed | 1190 | - ovs-appctl: |
ae75dae3 JP |
1191 | - New "version" command to determine version of running daemon. |
1192 | - If no argument is provided for "cfm/show", displays detailed | |
1193 | information about all interfaces with CFM enabled. | |
5dab8ece JP |
1194 | - If no argument is provided for "lacp/show", displays detailed |
1195 | information about all ports with LACP enabled. | |
10500639 BP |
1196 | - ovs-dpctl: |
1197 | - New "set-if" command to modify a datapath port's configuration. | |
29901626 BP |
1198 | - ovs-vswitchd: |
1199 | - The software switch now supports 255 OpenFlow tables, instead | |
1200 | of just one. By default, only table 0 is consulted, but the | |
1201 | new NXAST_RESUBMIT_TABLE action can look up in additional | |
1202 | tables. Tables 128 and above are reserved for use by the | |
1203 | switch itself; please use only tables 0 through 127. | |
21f7563c | 1204 | - Add support for 802.1D spanning tree (STP). |
7257b535 BP |
1205 | - Fragment handling extensions: |
1206 | - New OFPC_FRAG_NX_MATCH fragment handling mode, in which L4 | |
1207 | fields are made available for matching in fragments with | |
1208 | offset 0. | |
1209 | - New NXM_NX_IP_FRAG match field for matching IP fragments (usable | |
1210 | via "ip_frag" in ovs-ofctl). | |
1211 | - New ovs-ofctl "get-frags" and "set-frags" commands to get and set | |
1212 | fragment handling policy. | |
2f4bc10d BP |
1213 | - CAPWAP tunneling now supports an extension to transport a 64-bit key. |
1214 | By default it remains compatible with the old version and other | |
c87112ca | 1215 | standards-based implementations. |
17411ecf JG |
1216 | - Flow setups are now processed in a round-robin manner across ports |
1217 | to prevent any single client from monopolizing the CPU and conducting | |
1218 | a denial of service attack. | |
ecac4ebf BP |
1219 | - Added support for native VLAN tagging. A new "vlan_mode" |
1220 | parameter can be set for "port". Possible values: "access", | |
1221 | "trunk", "native-tagged" and "native-untagged". | |
023e1e0a | 1222 | - test-openflowd has been removed. Please use ovs-vswitchd instead. |
3e60856b | 1223 | |
5e9c5b61 | 1224 | v1.2.0 - 03 Aug 2011 |
b78f6b77 | 1225 | ------------------------ |
1a142ced JP |
1226 | - New "ofproto" abstraction layer to ease porting to hardware |
1227 | switching ASICs. | |
1228 | - Packaging for Red Hat Enterprise Linux 5.6 and 6.0. | |
1229 | - Datapath support for Linux kernels up to 3.0. | |
1230 | - OpenFlow: | |
1231 | - New "bundle" and "bundle_load" action extensions. | |
1232 | - Database: | |
1233 | - Implement table unique constraints. | |
1234 | - Support cooperative locking between callers. | |
1235 | - ovs-dpctl: | |
1236 | - New "-s" option for "show" command prints packet and byte | |
1237 | counters for each port. | |
c4ea79bf BP |
1238 | - ovs-ofctl: |
1239 | - New "--readd" option for "replace-flows". | |
9b1735a7 BP |
1240 | - ovs-vsctl: |
1241 | - New "show" command to print an overview of configuration. | |
1a142ced | 1242 | - New "comment" command to add remark that explains intentions. |
2b01925c | 1243 | - ovs-brcompatd has been rewritten to fix long-standing bugs. |
045b2e5c BP |
1244 | - ovs-openflowd has been renamed test-openflowd and moved into the |
1245 | tests directory. Its presence confused too many users. Please | |
1246 | use ovs-vswitchd instead. | |
1a142ced JP |
1247 | - New ovs-benchmark utility to test flow setup performance. |
1248 | - A new log level "off" has been added. Configuring a log facility | |
1249 | "off" prevents any messages from being logged to it. Previously, | |
1250 | "emer" was effectively "off" because no messages were ever logged at | |
1251 | level "emer". Now, errors that cause a process to exit are logged | |
1252 | at "emer" level. | |
8a2d6596 BP |
1253 | - "configure" option --with-l26 has been renamed --with-linux, and |
1254 | --with-l26-source has been renamed --with-linux-source. The old | |
1255 | names will be removed after the next release, so please update | |
1256 | your scripts. | |
22bcc0e7 JG |
1257 | - The "-2.6" suffix has been dropped from the datapath/linux-2.6 and |
1258 | datapath/linux-2.6/compat-2.6 directories. | |
b78f6b77 BP |
1259 | - Feature removals: |
1260 | - Dropped support for "tun_id_from_cookie" OpenFlow extension. | |
0be6140a | 1261 | Please use the extensible match extensions instead. |
93b8df38 EJ |
1262 | - Removed the Maintenance_Point and Monitor tables in an effort |
1263 | to simplify 802.1ag configuration. | |
1a142ced JP |
1264 | - Performance and scalability improvements |
1265 | - Bug fixes | |
b78f6b77 | 1266 | |
d4da3acc JP |
1267 | v1.1.0 - 05 Apr 2011 |
1268 | ------------------------ | |
1269 | - Ability to define policies over IPv6 | |
1270 | - LACP | |
1271 | - 802.1ag CCM | |
1272 | - Support for extensible match extensions to OpenFlow | |
1273 | - QoS: | |
1274 | - Support for HFSC qdisc. | |
1275 | - Queue used by in-band control can now be configured. | |
1276 | - Kernel: | |
1277 | - Kernel<->userspace interface has been reworked and should be | |
1278 | close to a stable ABI now. | |
1279 | - "Port group" concept has been dropped. | |
1280 | - GRE over IPSEC tunnels | |
1281 | - Bonding: | |
1282 | - New active backup bonding mode. | |
1283 | - New L4 hashing support when LACP is enabled. | |
1284 | - Source MAC hash now includes VLAN field also. | |
1285 | - miimon support. | |
1286 | - Greatly improved handling of large flow tables | |
1287 | - ovs-dpctl: | |
1288 | - "show" command now prints full vport configuration. | |
1289 | - "dump-groups" command removed since kernel support for | |
1290 | port groups was dropped. | |
1291 | - ovs-vsctl: | |
1292 | - New commands for working with the new Managers table. | |
1293 | - "list" command enhanced with new formatting options and --columns | |
1294 | option. | |
1295 | - "get" command now accepts new --id option. | |
1296 | - New "find" command. | |
1297 | - ovs-ofctl: | |
1298 | - New "queue-stats" command for printing queue stats. | |
1299 | - New commands "replace-flows" and "diff-flows". | |
1300 | - Commands to add and remove flows can now read from files. | |
1301 | - New --flow-format option to enable or disable NXM. | |
1302 | - New --more option to increase OpenFlow message verbosity. | |
1303 | - Removed "tun-cookie" command, which is no longer useful. | |
1304 | - ovs-controller enhancements for testing various features. | |
1305 | - New ovs-vlan-test command for testing for Linux kernel driver VLAN | |
1306 | bugs. New ovs-vlan-bug-workaround command for enabling and | |
1307 | disabling a workaround for these driver bugs. | |
1308 | - OpenFlow support: | |
35d25d44 | 1309 | - "Resubmit" actions now update flow statistics. |
d4da3acc JP |
1310 | - New "register" extension for use in matching and actions, via NXM. |
1311 | - New "multipath" experimental action extension. | |
1312 | - New support for matching multicast Ethernet frames, via NXM. | |
1313 | - New extension for OpenFlow vendor error codes. | |
1314 | - New extension to set the QoS output queue without actually | |
1315 | sending to an output port. | |
1316 | - Open vSwitch now reports a single flow table, instead of | |
1317 | separate hash and wildcard tables. This better models the | |
1318 | current implementation. | |
1319 | - New experimental "note" action. | |
1320 | - New "ofproto/trace" ovs-appctl command and associated utilities | |
1321 | to ease debugging complex flow tables. | |
1322 | - Database: | |
1323 | - Schema documentation now includes an entity-relationship diagram. | |
1324 | - The database is now garbage collected. In most tables, | |
1325 | unreferenced rows will be deleted automatically. | |
1326 | - Many tables now include statistics updated periodically by | |
1327 | ovs-vswitchd or ovsdb-server. | |
1328 | - Every table now has an "external-ids" column for use by OVS | |
1329 | integrators. | |
1330 | - There is no default controller anymore. Each bridge must have its | |
1331 | controller individually specified. | |
1332 | - The "fail-mode" is now a property of a Bridge instead of a Controller. | |
1333 | - New versioning and checksum features. | |
1334 | - New Managers table and manager_options column in Open_vSwitch table | |
1335 | for specifying managers. The old "managers" column in the | |
1336 | Open_vSwitch table has been removed. | |
1337 | - Many "name" columns are now immutable. | |
1338 | - Feature removals: | |
1339 | - Dropped support for XenServer pre-5.6.100. | |
1340 | - Dropped support for Linux pre-2.6.18. | |
1341 | - Dropped controller discovery support. | |
1342 | - Dropped "ovs-ofctl status" and the OpenFlow extension that it used. | |
1343 | Statistics reporting in the database is a rough equivalent. | |
1344 | - Dropped the "corekeeper" package (now separate, at | |
1345 | http://openvswitch.org/cgi-bin/gitweb.cgi?p=corekeeper). | |
1346 | - Performance and scalability improvements | |
1347 | - Bug fixes | |
1348 | ||
d5905136 JP |
1349 | v1.1.0pre2 - 13 Sep 2010 |
1350 | ------------------------ | |
1351 | - Bug fixes | |
1352 | ||
fdf20378 JP |
1353 | v1.1.0pre1 - 31 Aug 2010 |
1354 | ------------------------ | |
476d56f5 JP |
1355 | - OpenFlow 1.0 slicing (QoS) functionality |
1356 | - Python bindings for configuration database (no write support) | |
1357 | - Performance and scalability improvements | |
1358 | - Bug fixes | |
1359 | ||
b9b0865a JP |
1360 | v1.0.1 - 31 May 2010 |
1361 | -------------------- | |
1362 | - New "patch" interface type | |
1363 | - Bug fixes | |
1364 | ||
7c284ac4 JP |
1365 | v1.0.0 - 15 May 2010 |
1366 | -------------------- | |
1367 | - Configuration database with remote management | |
1368 | - OpenFlow 1.0 | |
1369 | - GRE tunneling | |
1370 | - Support for XenServer 5.5 and 5.6 | |
1371 | - Performance and scalability improvements | |
1372 | - Bug fixes | |
1373 | ||
2f0a1f42 JP |
1374 | v0.99.2 - 18 Feb 2010 |
1375 | --------------------- | |
1376 | - Bug fixes | |
1377 | ||
b84a0589 JP |
1378 | v0.99.1 - 25 Jan 2010 |
1379 | --------------------- | |
1380 | - Add support for sFlow(R) | |
1381 | - Make headers compatible with C++ | |
1382 | - Bug fixes | |
1383 | ||
b7f22a6a JP |
1384 | v0.99.0 - 14 Jan 2010 |
1385 | --------------------- | |
1386 | - User-space forwarding engine | |
1387 | - Bug fixes | |
35d25d44 | 1388 | |
6d735676 JP |
1389 | v0.90.7 - 29 Nov 2009 |
1390 | --------------------- | |
1391 | - Add support for NetFlow active timeouts | |
1392 | - Bug fixes | |
b7f22a6a | 1393 | |
ef5925df JP |
1394 | v0.90.6 - 6 Oct 2009 |
1395 | -------------------- | |
1396 | - Bug fixes | |
1397 | ||
3c708eb8 | 1398 | v0.90.5 - 21 Sep 2009 |
30ee1c4d JP |
1399 | --------------------- |
1400 | - Generalize in-band control to more diverse network setups | |
1401 | - Bug fixes |