]> git.proxmox.com Git - mirror_ovs.git/blame_incremental - NEWS
projects / mirror_ovs.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
ovsdb-server: Add new RPC "set_db_change_aware".
[mirror_ovs.git] / NEWS
... / ...
CommitLineData
1Post-v2.9.0
2--------------------
3 - ovs-vswitchd:
4 * New options --l7 and --l7-len to "ofproto/trace" command.
5 * Previous versions gave OpenFlow tables default names of the form
6 "table#". These are not helpful names for the purpose of accepting
7 and displaying table names, so now tables by default have no names.
8 * The "null" interface type, deprecated since 2013, has been removed.
9 - ovs-ofctl:
10 * ovs-ofctl now accepts and display table names in place of numbers. By
11 default it always accepts names and in interactive use it displays them;
12 use --names or --no-names to override. See ovs-ofctl(8) for details.
13 - ovs-vsctl: New commands "add-bond-iface" and "del-bond-iface".
14 - OpenFlow:
15 * OFPT_ROLE_STATUS is now available in OpenFlow 1.3.
16 - Linux kernel 4.14
17 * Add support for compiling OVS with the latest Linux 4.14 kernel
18
19v2.9.0 - 19 Feb 2018
20--------------------
21 - NSH implementation now conforms to latest draft (draft-ietf-sfc-nsh-28).
22 * Add ttl field.
23 * Add a new action dec_nsh_ttl.
24 * Enable NSH support in kernel datapath.
25 - OVSDB:
26 * New high-level documentation in ovsdb(7).
27 * New file format documentation for developers in ovsdb(5).
28 * Protocol documentation moved from ovsdb-server(1) to ovsdb-server(7).
29 * ovsdb-server now always hosts a built-in database named _Server. See
30 ovsdb-server(5) for more details.
31 * ovsdb-client: New "get-schema-cksum" and "query" commands.
32 * ovsdb-client: New "backup" and "restore" commands.
33 * ovsdb-client: New --timeout option.
34 * ovsdb-tool: New "db-name" and "schema-name" commands.
35 - ovs-vsctl and other commands that display data in tables now support a
36 --max-column-width option to limit column width.
37 - No longer slow-path traffic that sends to a controller. Applications,
38 such as OVN ACL logging, want to send a copy of a packet to a
39 controller while leaving the actual packet forwarding in the datapath.
40 - OVN:
41 * The "requested-chassis" option for a logical switch port now accepts a
42 chassis "hostname" in addition to a chassis "name".
43 * IPv6
44 - Added support to send IPv6 Router Advertisement packets in response to
45 the IPv6 Router Solicitation packets from the VIF ports.
46 - Added support to generate Neighbor Solicitation packets using the OVN
47 action 'nd_ns' to resolve unknown next hop MAC addresses for the
48 IPv6 packets.
49 * ovn-ctl: New commands run_nb_ovsdb and run_sb_ovsdb.
50 - OpenFlow:
51 * ct_clear action is now backed by kernel datapath. Support is probed for
52 when OVS starts.
53 - Linux kernel 4.13
54 * Add support for compiling OVS with the latest Linux 4.13 kernel
55 - ovs-dpctl and related ovs-appctl commands:
56 * "flush-conntrack" now accept a 5-tuple to delete a specific
57 connection tracking entry.
58 * New "ct-set-maxconns", "ct-get-maxconns", and "ct-get-nconns" commands
59 for userspace datapath.
60 - No longer send packets to the Linux TAP device if it's DOWN unless it is
61 in another networking namespace.
62 - DPDK:
63 * Add support for DPDK v17.11
64 * Add support for vHost IOMMU
65 * New debug appctl command 'netdev-dpdk/get-mempool-info'.
66 * All the netdev-dpdk appctl commands described in ovs-vswitchd man page.
67 * Custom statistics:
68 - DPDK physical ports now return custom set of "dropped", "error" and
69 "management" statistics.
70 - ovs-ofctl dump-ports command now prints new of set custom statistics
71 if available (for OpenFlow 1.4+).
72 * New appctl command 'dpif-netdev/pmd-rxq-rebalance' to rebalance rxq to
73 pmd assignments.
74 * Add rxq utilization of pmd to appctl 'dpif-netdev/pmd-rxq-show'.
75 * Add support for vHost dequeue zero copy (experimental)
76 - Userspace datapath:
77 * Output packet batching support.
78 - vswitchd:
79 * Datapath IDs may now be specified as 0x1 (etc.) instead of 16 digits.
80 * Configuring a controller, or unconfiguring all controllers, now deletes
81 all groups and meters (as well as all flows).
82 - New --enable-sparse configure option enables "sparse" checking by default.
83 - Added additional information to vhost-user status.
84
85v2.8.0 - 31 Aug 2017
86--------------------
87 - ovs-ofctl:
88 * ovs-ofctl can now accept and display port names in place of numbers. By
89 default it always accepts names and in interactive use it displays them;
90 use --names or --no-names to override. See ovs-ofctl(8) for details.
91 * "ovs-ofctl dump-flows" now accepts --no-stats to omit flow statistics.
92 - New ovs-dpctl command "ct-stats-show" to show connection tracking stats.
93 - Tunnels:
94 * Added support to set packet mark for tunnel endpoint using
95 `egress_pkt_mark` OVSDB option.
96 * When using Linux kernel datapath tunnels may be created using rtnetlink.
97 This will allow us to take advantage of new tunnel features without
98 having to make changes to the vport modules.
99 - EMC insertion probability is reduced to 1% and is configurable via
100 the new 'other_config:emc-insert-inv-prob' option.
101 - DPDK:
102 * DPDK log messages redirected to OVS logging subsystem.
103 Log level can be changed in a usual OVS way using
104 'ovs-appctl vlog' commands for 'dpdk' module. Lower bound
105 still can be configured via extra arguments for DPDK EAL.
106 * dpdkvhostuser ports are marked as deprecated. They will be removed
107 in an upcoming release.
108 * Support for DPDK v17.05.1.
109 - IPFIX now provides additional counters:
110 * Total counters since metering process startup.
111 * Per-flow TCP flag counters.
112 * Multicast, broadcast, and unicast counters.
113 - New support for multiple VLANs (802.1ad or "QinQ"), including a new
114 "dot1q-tunnel" port VLAN mode.
115 - In ovn-vsctl and vtep-ctl, record UUIDs in commands may now be
116 abbreviated to 4 hex digits.
117 - Userspace Datapath:
118 * Added NAT support for userspace datapath.
119 * Added FTP and TFTP support with NAT for userspace datapath.
120 * Experimental NSH (Network Service Header) support in userspace datapath.
121 - OVN:
122 * New built-in DNS support.
123 * IPAM for IPv4 can now exclude user-defined addresses from assignment.
124 * IPAM can now assign IPv6 addresses.
125 * Make the DHCPv4 router setting optional.
126 * Gratuitous ARP for NAT addresses on a distributed logical router.
127 * Allow ovn-controller SSL configuration to be obtained from vswitchd
128 database.
129 * ovn-trace now has basic support for tracing distributed firewalls.
130 * In ovn-nbctl and ovn-sbctl, record UUIDs in commands may now be
131 abbreviated to 4 hex digits.
132 * "ovn-sbctl lflow-list" can now print OpenFlow flows that correspond
133 to logical flows.
134 * Now uses OVSDB RBAC support to reduce impact of compromised hypervisors.
135 * Multiple chassis may now be specified for L3 gateways. When more than
136 one chassis is specified, OVN will manage high availability for that
137 gateway.
138 * Add support for ACL logging.
139 * ovn-northd now has native support for active-standby high availability.
140 * Add support for QoS bandwidth limt with DPDK.
141 - Tracing with ofproto/trace now traces through recirculation.
142 - OVSDB:
143 * New support for role-based access control (see ovsdb-server(1)).
144 - New commands 'stp/show' and 'rstp/show' (see ovs-vswitchd(8)).
145 - OpenFlow:
146 * All features required by OpenFlow 1.4 are now implemented, so
147 ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to
148 OpenFlow 1.0 to 1.3).
149 * Increased support for OpenFlow 1.6 (draft).
150 * Bundles now support hashing by just nw_src or nw_dst.
151 * The "learn" action now supports a "limit" option (see ovs-ofctl(8)).
152 * The port status bit OFPPS_LIVE now reflects link aliveness.
153 * OpenFlow 1.5 packet-out is now supported.
154 * Support for OpenFlow 1.5 field packet_type and packet-type-aware
155 pipeline (PTAP).
156 * Added generic encap and decap actions (EXT-382).
157 First supported use case is encap/decap for Ethernet.
158 * Added NSH (Network Service Header) support in userspace
159 Used generic encap and decap actions to implement encapsulation and
160 decapsulation of NSH header.
161 IETF NSH draft - https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh/
162 * Conntrack state is only available to the processing path that
163 follows the "recirc_table" argument of the ct() action. Starting
164 in OVS 2.8, this state is now cleared for the current processing
165 path whenever ct() is called.
166 - Fedora Packaging:
167 * OVN services are no longer restarted automatically after upgrade.
168 * ovs-vswitchd and ovsdb-server run as non-root users by default.
169 - Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)).
170 - L3 tunneling:
171 * Use new tunnel port option "packet_type" to configure L2 vs. L3.
172 * In conjunction with PTAP tunnel ports can handle a mix of L2 and L3
173 payload.
174 * New vxlan tunnel extension "gpe" to support VXLAN-GPE tunnels.
175 * New support for non-Ethernet (L3) payloads in GRE and VXLAN-GPE.
176 - The BFD detection multiplier is now user-configurable.
177 - Add experimental support for hardware offloading
178 * HW offloading is disabled by default.
179 * HW offloading is done through the TC interface.
180 - IPv6 link local addresses are now supported on Linux. Use % to designate
181 the scope device.
182
183v2.7.0 - 21 Feb 2017
184---------------------
185 - Utilities and daemons that support SSL now allow protocols and
186 ciphers to be configured with --ssl-protocols and --ssl-ciphers.
187 - OVN:
188 * QoS is now implemented via egress shaping rather than ingress policing.
189 * DSCP marking is now supported, via the new northbound QoS table.
190 * IPAM now supports fixed MAC addresses.
191 * Support for source IP address based routing.
192 * ovn-trace:
193 - New --ovs option to also print OpenFlow flows.
194 - put_dhcp_opts and put_dhcp_optsv6 actions may now be traced.
195 * Support for managing SSL and remote connection configuration in
196 northbound and southbound databases.
197 * TCP connections to northbound and southbound databases are no
198 longer enabled by default and must be explicitly configured.
199 See documentation for ovn-sbctl/ovn-nbctl "set-connection"
200 command or the ovn-ctl "--db-sb-create-insecure-remote" and
201 "--db-nb-create-insecure-remote" command-line options for
202 information regarding remote connection configuration.
203 * New appctl "inject-pkt" command in ovn-controller that allows
204 packets to be injected into the connected OVS instance.
205 * Distributed logical routers may now be connected directly to
206 logical switches with localnet ports, by specifying a
207 "redirect-chassis" on the distributed gateway port of the
208 logical router. NAT rules may be specified directly on the
209 distributed logical router, and are handled either centrally on
210 the "redirect-chassis", or in many cases are handled locally on
211 the hypervisor where the corresponding logical port resides.
212 Gratuitous ARP for NAT addresses on a distributed logical
213 router is not yet supported, but will be added in a future
214 version.
215 - Fixed regression in table stats maintenance introduced in OVS
216 2.3.0, wherein the number of OpenFlow table hits and misses was
217 not accurate.
218 - OpenFlow:
219 * OFPT_PACKET_OUT messages are now supported in bundles.
220 * A new "selection_method=dp_hash" type for OpenFlow select group
221 bucket selection that uses the datapath computed 5-tuple hash
222 without making datapath flows match the 5-tuple fields, which
223 is useful for more efficient load balancing, for example. This
224 uses the Netronome extension to OpenFlow 1.5+ that allows
225 control over the OpenFlow select groups selection method. See
226 "selection_method" and related options in ovs-ofctl(8) for
227 details.
228 * The "sample" action now supports "ingress" and "egress" options.
229 * The "ct" action now supports the TFTP ALG where support is available.
230 * New actions "clone" and "ct_clear".
231 * The "meter" action is now supported in the userspace datapath.
232 - ovs-ofctl:
233 * 'bundle' command now supports packet-out messages.
234 * New syntax for 'ovs-ofctl packet-out' command, which uses the
235 same string parser as the 'bundle' command. The old 'packet-out'
236 syntax is deprecated and will be removed in a later OVS
237 release.
238 * New unixctl "ofctl/packet-out" command, which can be used to
239 instruct a flow monitor to issue OpenFlow packet-out messages.
240 - ovsdb-server:
241 * Remote connections can now be made read-only (see ovsdb-server(1)).
242 - Tunnels:
243 * TLV mappings for protocols such as Geneve are now segregated on
244 a per-OpenFlow bridge basis rather than globally. (The interface
245 has not changed.)
246 * Removed support for IPsec tunnels.
247 - DPDK:
248 * New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces
249 which set the number of rx and tx descriptors to use for the given port.
250 * Support for DPDK v16.11.
251 * Support for rx checksum offload. Refer DPDK HOWTO for details.
252 * Port Hotplug is now supported.
253 * DPDK physical ports can now have arbitrary names. The PCI address of
254 the device must be set using the 'dpdk-devargs' option. Compatibility
255 with the old dpdk<portid> naming scheme is broken, and as such a
256 device will not be available for use until a valid dpdk-devargs is
257 specified.
258 * Virtual DPDK Poll Mode Driver (vdev PMD) support.
259 * Removed experimental tag.
260 - Fedora packaging:
261 * A package upgrade does not automatically restart OVS service.
262 - ovs-vswitchd/ovs-vsctl:
263 * Ports now have a "protected" flag. Protected ports can not forward
264 frames to other protected ports. Unprotected ports can receive and
265 forward frames to protected and other unprotected ports.
266 - ovs-vsctl, ovn-nbctl, ovn-sbctl, vtep-ctl:
267 * Database commands now accept integer ranges, e.g. "set port
268 eth0 trunks=1-10" to enable trunking VLANs 1 to 10.
269
270v2.6.0 - 27 Sep 2016
271---------------------
272 - First supported release of OVN. See ovn-architecture(7) for more
273 details.
274 - ovsdb-server:
275 * New "monitor_cond" "monitor_cond_update" and "update2" extensions to
276 RFC 7047.
277 - OpenFlow:
278 * OpenFlow 1.3+ bundles now expire after 10 seconds since the
279 last time the bundle was either opened, modified, or closed.
280 * OpenFlow 1.3 Extension 230, adding OpenFlow Bundles support, is
281 now implemented.
282 * OpenFlow 1.3+ bundles are now supported for group mods as well as
283 flow mods and port mods. Both 'atomic' and 'ordered' bundle
284 flags are supported for group mods as well as flow mods.
285 * Internal OpenFlow rule representation for load and set-field
286 actions is now much more memory efficient. For a complex flow
287 table this can reduce rule memory consumption by 40%.
288 * Bundles are now much more memory efficient than in OVS 2.5.
289 Together with memory efficiency improvements in OpenFlow rule
290 representation, the peak OVS resident memory use during a
291 bundle commit for large complex set of flow mods can be only
292 25% of that in OVS 2.5 (4x lower).
293 * OpenFlow 1.1+ OFPT_QUEUE_GET_CONFIG_REQUEST now supports OFPP_ANY.
294 * OpenFlow 1.4+ OFPMP_QUEUE_DESC is now supported.
295 * OpenFlow 1.4+ OFPT_TABLE_STATUS is now supported.
296 * New property-based packet-in message format NXT_PACKET_IN2 with support
297 for arbitrary user-provided data and for serializing flow table
298 traversal into a continuation for later resumption.
299 * New extension message NXT_SET_ASYNC_CONFIG2 to allow OpenFlow 1.4-like
300 control over asynchronous messages in earlier versions of OpenFlow.
301 * New OpenFlow extension NXM_NX_MPLS_TTL to provide access to MPLS TTL.
302 * New output option, output(port=N,max_len=M), to allow truncating a
303 packet to size M bytes when outputting to port N.
304 * New command OFPGC_ADD_OR_MOD for OFPT_GROUP_MOD message that adds a
305 new group or modifies an existing groups
306 * The optional OpenFlow packet buffering feature is deprecated in
307 this release, and will be removed in the next OVS release
308 (2.7). After the change OVS always sends the 'buffer_id' as
309 0xffffffff in packet-in messages and will send an error
310 response if any other value of this field is included in
311 packet-out and flow mod sent by a controller. Controllers are
312 already expected to work properly in cases where the switch can
313 not buffer packets, so this change should not affect existing
314 users.
315 * New OpenFlow extension NXT_CT_FLUSH_ZONE to flush conntrack zones.
316 - Improved OpenFlow version compatibility for actions:
317 * New OpenFlow extension to support the "group" action in OpenFlow 1.0.
318 * OpenFlow 1.0 "enqueue" action now properly translated to OpenFlow 1.1+.
319 * OpenFlow 1.1 "mod_nw_ecn" and OpenFlow 1.1+ "mod_nw_ttl" actions now
320 properly translated to OpenFlow 1.0.
321 - ovs-ofctl:
322 * queue-get-config command now allows a queue ID to be specified.
323 * '--bundle' option can now be used with OpenFlow 1.3 and with group mods.
324 * New "bundle" command allows executing a mixture of flow and group mods
325 as a single atomic transaction.
326 * New option "--color" to produce colorized output for some commands.
327 * New option '--may-create' to use OFPGC_ADD_OR_MOD in mod-group command.
328 - IPFIX:
329 * New "sampling_port" option for "sample" action to allow sampling
330 ingress and egress tunnel metadata with IPFIX.
331 * New ovs-ofctl commands "dump-ipfix-bridge" and "dump-ipfix-flow" to
332 dump bridge IPFIX statistics and flow based IPFIX statistics.
333 * New setting other-config:virtual_obs_id to add an arbitrary string
334 to IPFIX records.
335 - Linux:
336 * OVS Linux datapath now implements Conntrack NAT action with all
337 supported Linux kernels.
338 * Support for truncate action.
339 * New QoS type "linux-noop" that prevents Open vSwitch from trying to
340 manage QoS for a given port (useful when other software manages QoS).
341 - DPDK:
342 * New option "n_rxq" for PMD interfaces.
343 Old 'other_config:n-dpdk-rxqs' is no longer supported.
344 Not supported by vHost interfaces. For them number of rx and tx queues
345 is applied from connected virtio device.
346 * New 'other_config:pmd-rxq-affinity' field for PMD interfaces, that
347 allows to pin port's rx queues to desired cores.
348 * New appctl command 'dpif-netdev/pmd-rxq-show' to check the port/rxq
349 assignment.
350 * Type of log messages from PMD threads changed from INFO to DBG.
351 * QoS functionality with sample egress-policer implementation.
352 * The mechanism for configuring DPDK has changed to use database
353 * Sensible defaults have been introduced for many of the required
354 configuration options
355 * DB entries have been added for many of the DPDK EAL command line
356 arguments. Additional arguments can be passed via the dpdk-extra
357 entry.
358 * Add ingress policing functionality.
359 * PMD threads servicing vHost User ports can now come from the NUMA
360 node that device memory is located on if CONFIG_RTE_LIBRTE_VHOST_NUMA
361 is enabled in DPDK.
362 * Basic connection tracking for the userspace datapath (no ALG,
363 fragmentation or NAT support yet)
364 * Support for DPDK 16.07
365 * Optional support for DPDK pdump enabled.
366 * Jumbo frame support
367 * Remove dpdkvhostcuse port type.
368 * OVS client mode for vHost and vHost reconnect (Requires QEMU 2.7)
369 * 'dpdkvhostuserclient' port type.
370 - Increase number of registers to 16.
371 - ovs-benchmark: This utility has been removed due to lack of use and
372 bitrot.
373 - ovs-appctl:
374 * New "vlog/close" command.
375 - ovs-ctl:
376 * Added the ability to selectively start the forwarding and database
377 functions (ovs-vswitchd and ovsdb-server, respectively).
378 - ovsdb-server:
379 * Remove max number of sessions limit, to enable connection scaling
380 testing.
381 - python:
382 * Added support for Python 3.4+ in addition to existing support
383 for 2.7+.
384 - SELinux:
385 * Introduced SELinux policy package.
386 - Datapath Linux kernel compatibility.
387 * Dropped support for kernel older than 3.10.
388 * Removed VLAN splinters feature.
389 * Datapath supports kernel upto 4.7.
390 - Tunnels:
391 * Flow based tunnel match and action can be used for IPv6 address using
392 tun_ipv6_src, tun_ipv6_dst fields.
393 * Added support for IPv6 tunnels, for details checkout FAQ.
394 * Deprecated support for IPsec tunnels ports.
395 - A wrapper script, 'ovs-tcpdump', to easily port-mirror an OVS port and
396 watch with tcpdump
397 - Introduce --no-self-confinement flag that allows daemons to work with
398 sockets outside their run directory.
399 - ovs-pki: Changed message digest algorithm from SHA-1 to SHA-512 because
400 SHA-1 is no longer secure and some operating systems have started to
401 disable it in OpenSSL.
402 - Add 'mtu_request' column to the Interface table. It can be used to
403 configure the MTU of the ports.
404
405Known issues:
406 - Using openvswitch module in conjunction with upstream Linux tunnels:
407 * When using the openvswitch module distributed with OVS against kernel
408 versions 4.4 to 4.6, the openvswitch module cannot be loaded or used at
409 the same time as "ip_gre".
410 - Conntrack FTP ALGs: When using the openvswitch module distributed with
411 OVS, particular Linux distribution kernels versions may provide diminished
412 functionality. This typically affects active FTP data connections when
413 using "actions=ct(alg=ftp),..." in flow tables. Specifically:
414 * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set
415 up expectations for FTP data connections in multiple zones,
416 eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the
417 "ct" action for subsequent data connections may fail to determine that
418 the data connection is "related" to an existing connection.
419 * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state
420 correctly for NATed connections. As a result, flows that perform NAT,
421 eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet,
422 and will populate the "ct_state=inv" bit in the flow.
423
424
425v2.5.0 - 26 Feb 2016
426---------------------
427 - Dropped support for Python older than version 2.7. As a consequence,
428 using Open vSwitch 2.5 or later on XenServer 6.5 or earlier (which
429 have Python 2.4) requires first installing Python 2.7.
430 - OpenFlow:
431 * Group chaining (where one OpenFlow group triggers another) is
432 now supported.
433 * OpenFlow 1.4+ "importance" is now considered for flow eviction.
434 * OpenFlow 1.4+ OFPTC_EVICTION is now implemented.
435 * OpenFlow 1.4+ OFPTC_VACANCY_EVENTS is now implemented.
436 * OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented.
437 * Allow modifying the ICMPv4/ICMPv6 type and code fields.
438 * OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG are
439 now implemented.
440 - ovs-ofctl:
441 * New "out_group" keyword for OpenFlow 1.1+ matching on output group.
442 - Tunnels:
443 * Geneve tunnels can now match and set options and the OAM bit.
444 * The nonstandard GRE64 tunnel extension has been dropped.
445 - Support Multicast Listener Discovery (MLDv1 and MLDv2).
446 - Add 'symmetric_l3l4' and 'symmetric_l3l4+udp' hash functions.
447 - sFlow agent now reports tunnel and MPLS structures.
448 - New 'check-system-userspace', 'check-kmod' and 'check-kernel' Makefile
449 targets to run a new system testsuite. These tests can be run inside
450 a Vagrant box. See INSTALL.md for details
451 - Mark --syslog-target argument as deprecated. It will be removed in
452 the next OVS release.
453 - Added --user option to all daemons
454 - Add support for connection tracking through the new "ct" action
455 and "ct_state"/"ct_zone"/"ct_mark"/"ct_label" match fields. Only
456 available on Linux kernels with the connection tracking module loaded.
457 - Add experimental version of OVN. OVN, the Open Virtual Network, is a
458 system to support virtual network abstraction. OVN complements the
459 existing capabilities of OVS to add native support for virtual network
460 abstractions, such as virtual L2 and L3 overlays and security groups.
461 - RHEL packaging:
462 * DPDK ports may now be created via network scripts (see README.RHEL).
463 - DPDK:
464 * Requires DPDK 2.2
465 * Added multiqueue support to vhost-user
466 * Note: QEMU 2.5+ required for multiqueue support
467
468v2.4.0 - 20 Aug 2015
469---------------------
470 - Flow table modifications are now atomic, meaning that each packet
471 now sees a coherent version of the OpenFlow pipeline. For
472 example, if a controller removes all flows with a single OpenFlow
473 "flow_mod", no packet sees an intermediate version of the OpenFlow
474 pipeline where only some of the flows have been deleted.
475 - Added support for SFQ, FQ_CoDel and CoDel qdiscs.
476 - Add bash command-line completion support for ovs-vsctl Please check
477 utilities/ovs-command-compgen.INSTALL.md for how to use.
478 - The MAC learning feature now includes per-port fairness to mitigate
479 MAC flooding attacks.
480 - New support for a "conjunctive match" OpenFlow extension, which
481 allows constructing OpenFlow matches of the form "field1 in
482 {a,b,c...} AND field2 in {d,e,f...}" and generalizations. For details,
483 see documentation for the "conjunction" action in ovs-ofctl(8).
484 - Add bash command-line completion support for ovs-appctl/ovs-dpctl/
485 ovs-ofctl/ovsdb-tool commands. Please check
486 utilities/ovs-command-compgen.INSTALL.md for how to use.
487 - The "learn" action supports a new flag "delete_learned" that causes
488 the learned flows to be deleted when the flow with the "learn" action
489 is deleted.
490 - Basic support for the Geneve tunneling protocol. It is not yet
491 possible to generate or match options. This is planned for a future
492 release. The protocol is documented at
493 http://tools.ietf.org/html/draft-gross-geneve-00
494 - The OVS database now reports controller rate limiting statistics.
495 - sflow now exports information about LACP-based bonds, port names, and
496 OpenFlow port numbers, as well as datapath performance counters.
497 - ovs-dpctl functionality is now available for datapaths integrated
498 into ovs-vswitchd, via ovs-appctl. Some existing ovs-appctl
499 commands are now redundant and will be removed in a future
500 release. See ovs-vswitchd(8) for details.
501 - OpenFlow:
502 * OpenFlow 1.4 bundles are now supported for flow mods and port
503 mods. For flow mods, both 'atomic' and 'ordered' bundle flags
504 are trivially supported, as all bundled messages are executed
505 in the order they were added and all flow table modifications
506 are now atomic to the datapath. Port mods may not appear in
507 atomic bundles, as port status modifications are not atomic.
508 * IPv6 flow label and neighbor discovery fields are now modifiable.
509 * OpenFlow 1.5 extended registers are now supported.
510 * The OpenFlow 1.5 actset_output field is now supported.
511 * OpenFlow 1.5 Copy-Field action is now supported.
512 * OpenFlow 1.5 masked Set-Field action is now supported.
513 * OpenFlow 1.3+ table features requests are now supported (read-only).
514 * Nicira extension "move" actions may now be included in action sets.
515 * "resubmit" actions may now be included in action sets. The resubmit
516 is executed last, and only if the action set has no "output" or "group"
517 action.
518 * OpenFlow 1.4+ flow "importance" is now maintained in the flow table.
519 * A new Netronome extension to OpenFlow 1.5+ allows control over the
520 fields hashed for OpenFlow select groups. See "selection_method" and
521 related options in ovs-ofctl(8) for details.
522 - ovs-ofctl has a new '--bundle' option that makes the flow mod commands
523 ('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows')
524 use an OpenFlow 1.4 bundle to operate the modifications as a single
525 atomic transaction. If any of the flow mods in a transaction fail, none
526 of them are executed. All flow mods in a bundle appear to datapath
527 lookups simultaneously.
528 - ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow
529 mods as an input by allowing the flow specification to start with an
530 explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict'
531 keyword. A missing keyword is treated as 'add', so this is fully
532 backwards compatible. With the new '--bundle' option all the flow mods
533 are executed as a single atomic transaction using an OpenFlow 1.4 bundle.
534 - ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because
535 MD5 is no longer secure and some operating systems have started to disable
536 it in OpenSSL.
537 - ovsdb-server: New OVSDB protocol extension allows inequality tests on
538 "optional scalar" columns. See ovsdb-server(1) for details.
539 - ovs-vsctl now permits immutable columns in a new row to be modified in
540 the same transaction that creates the row.
541 - test-controller has been renamed ovs-testcontroller at request of users
542 who find it useful for testing basic OpenFlow setups. It is still not
543 a necessary or desirable part of most Open vSwitch deployments.
544 - Support for travis-ci.org based continuous integration builds has been
545 added. Build failures are reported to build@openvswitch.org. See INSTALL.md
546 file for additional details.
547 - Support for the Rapid Spanning Tree Protocol (IEEE 802.1D-2004).
548 The implementation has been tested successfully against the Ixia Automated
549 Network Validation Library (ANVL).
550 - Stats are no longer updated on fake bond interface.
551 - Keep active bond slave selection across OVS restart.
552 - A simple wrapper script, 'ovs-docker', to integrate OVS with Docker
553 containers. If and when there is a native integration of Open vSwitch
554 with Docker, the wrapper script will be retired.
555 - Added support for DPDK Tunneling. VXLAN, GRE, and Geneve are supported
556 protocols. This is generic tunneling mechanism for userspace datapath.
557 - Support for multicast snooping (IGMPv1, IGMPv2 and IGMPv3)
558 - Support for Linux kernels up to 4.0.x
559 - The documentation now use the term 'destination' to mean one of syslog,
560 console or file for vlog logging instead of the previously used term
561 'facility'.
562 - Support for VXLAN Group Policy extension
563 - Initial support for the IETF Auto-Attach SPBM draft standard. This
564 contains rudimentary support for the LLDP protocol as needed for
565 Auto-Attach.
566 - The default OpenFlow and OVSDB ports are now the IANA-assigned
567 numbers. OpenFlow is 6653 and OVSDB is 6640.
568 - Support for DPDK vHost.
569 - Support for outer UDP checksums in Geneve and VXLAN.
570 - The kernel vports with dependencies are no longer part of the overall
571 openvswitch.ko but built and loaded automatically as individual kernel
572 modules (vport-*.ko).
573 - Support for STT tunneling.
574 - ovs-sim: New developer tool for simulating multiple OVS instances.
575 See ovs-sim(1) for more information.
576 - Support to configure method (--syslog-method argument) that determines
577 how daemons will talk with syslog.
578 - Support for "ovs-appctl vlog/list-pattern" command that lets to query
579 logging message format for each destination.
580
581
582v2.3.0 - 14 Aug 2014
583---------------------
584 - OpenFlow 1.1, 1.2, and 1.3 are now enabled by default in
585 ovs-vswitchd.
586 - Linux kernel datapath now has an exact match cache optimizing the
587 flow matching process.
588 - Datapath flows now have partially wildcarded tranport port field
589 matches. This reduces userspace upcalls, but increases the
590 number of different masks in the datapath. The kernel datapath
591 exact match cache removes the overhead of matching the incoming
592 packets with the larger number of masks, but when paired with an
593 older kernel module, some workloads may perform worse with the
594 new userspace.
595 - Compatibility with autoconf 2.63 (previously >=2.64)
596
597v2.2.0 - Internal Release
598---------------------
599 - Internal ports are no longer brought up by default, because it
600 should be an administrator task to bring up devices as they are
601 configured properly.
602 - ovs-vsctl now reports when ovs-vswitchd fails to create a new port or
603 bridge.
604 - Port creation and configuration errors are now stored in a new error
605 column of the Interface table and included in 'ovs-vsctl show'.
606 - The "ovsdbmonitor" graphical tool has been removed, because it was
607 poorly maintained and not widely used.
608 - New "check-ryu" Makefile target for running Ryu tests for OpenFlow
609 controllers against Open vSwitch. See INSTALL.md for details.
610 - Added IPFIX support for SCTP flows and templates for ICMPv4/v6 flows.
611 - Upon the receipt of a SIGHUP signal, ovs-vswitchd no longer reopens its
612 log file (it will terminate instead). Please use 'ovs-appctl vlog/reopen'
613 instead.
614 - Support for Linux kernels up to 3.14. From Kernel 3.12 onwards OVS uses
615 tunnel API for GRE and VXLAN.
616 - Added DPDK support.
617 - Added support for custom vlog patterns in Python
618
619
620v2.1.0 - 19 Mar 2014
621---------------------
622 - Address prefix tracking support for flow tables. New columns
623 "prefixes" in OVS-DB table "Flow_Table" controls which packet
624 header fields are used for address prefix tracking. Prefix
625 tracking allows the classifier to skip rules with longer than
626 necessary prefixes, resulting in better wildcarding for datapath
627 flows. Default configuration is to not use any fields for prefix
628 tracking. However, if any flow tables contain both exact matches
629 and masked matches for IP address fields, OVS performance may be
630 increased by using this feature.
631 * As of now, the fields for which prefix lookup can be enabled
632 are: 'tun_id', 'tun_src', 'tun_dst', 'nw_src', 'nw_dst' (or
633 aliases 'ip_src' and 'ip_dst'), 'ipv6_src', and 'ipv6_dst'.
634 (Using this feature for 'tun_id' would only make sense if the
635 tunnel IDs have prefix structure similar to IP addresses.)
636 * There is a maximum number of fields that can be enabled for any
637 one flow table. Currently this limit is 3.
638 * Examples:
639 $ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- \
640 --id=@N1 create Flow_Table name=table0
641 $ ovs-vsctl set Bridge br0 flow_tables:1=@N1 -- \
642 --id=@N1 create Flow_Table name=table1
643 $ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src
644 $ ovs-vsctl set Flow_Table table1 prefixes=[]
645 - TCP flags matching: OVS now supports matching of TCP flags. This
646 has an adverse performance impact when using OVS userspace 1.10
647 or older (no megaflows support) together with the new OVS kernel
648 module. It is recommended that the kernel and userspace modules
649 both are upgraded at the same time.
650 - The default OpenFlow and OVSDB ports will change to
651 IANA-assigned numbers in a future release. Consider updating
652 your installations to specify port numbers instead of using the
653 defaults.
654 - OpenFlow:
655 * The OpenFlow 1.1+ "Write-Actions" instruction is now supported.
656 * OVS limits the OpenFlow port numbers it assigns to port 32767 and
657 below, leaving port numbers above that range free for assignment
658 by the controller.
659 * ovs-vswitchd now honors changes to the "ofport_request" column
660 in the Interface table by changing the port's OpenFlow port
661 number.
662 * The Open vSwitch software switch now supports OpenFlow groups.
663 - ovs-vswitchd.conf.db.5 man page will contain graphviz/dot
664 diagram only if graphviz package was installed at the build time.
665 - Support for Linux kernels up to 3.11
666 - ovs-dpctl:
667 The "show" command also displays mega flow mask stats.
668 - ovs-ofctl:
669 * New command "ofp-parse-pcap" to dump OpenFlow from PCAP files.
670 - ovs-controller has been renamed test-controller. It is no longer
671 packaged or installed by default, because too many users assumed
672 incorrectly that ovs-controller was a necessary or desirable part
673 of an Open vSwitch deployment.
674 - Added vlog option to export to a UDP syslog sink.
675 - ovsdb-client:
676 * The "monitor" command can now monitor all tables in a database,
677 instead of being limited to a single table.
678 - The flow-eviction-threshold has been replaced by the flow-limit which is a
679 hard limit on the number of flows in the datapath. It defaults to 200,000
680 flows. OVS automatically adjusts this number depending on network
681 conditions.
682 - Added IPv6 support for active and passive socket communications.
683
684
685v2.0.0 - 15 Oct 2013
686---------------------
687 - The ovs-vswitchd process is no longer single-threaded. Multiple
688 threads are now used to handle flow set up and asynchronous
689 logging.
690 - OpenFlow:
691 * Experimental support for OpenFlow 1.1 (in addition to 1.2 and
692 1.3, which had experimental support in 1.10).
693 * Experimental protocol support for OpenFlow 1.1+ groups. This
694 does not yet include an implementation in the Open vSwitch
695 software switch.
696 * Experimental protocol support for OpenFlow 1.2+ meters. This
697 does not yet include an implementation in the Open vSwitch
698 software switch.
699 * New support for matching outer source and destination IP address
700 of tunneled packets, for tunnel ports configured with the newly
701 added "remote_ip=flow" and "local_ip=flow" options.
702 * Support for matching on metadata 'pkt_mark' for interacting with
703 other system components. On Linux this corresponds to the skb
704 mark.
705 * Support matching, rewriting SCTP ports
706 - The Interface table in the database has a new "ifindex" column to
707 report the interface's OS-assigned ifindex.
708 - New "check-oftest" Makefile target for running OFTest against Open
709 vSwitch. See README-OFTest for details.
710 - The flow eviction threshold has been moved to the Open_vSwitch table.
711 - Database names are now mandatory when specifying ovsdb-server options
712 through database paths (e.g. Private key option with the database name
713 should look like "--private-key=db:Open_vSwitch,SSL,private_key").
714 - Added ovs-dev.py, a utility script helpful for Open vSwitch developers.
715 - Support for Linux kernels up to 3.10
716 - ovs-ofctl:
717 * New "ofp-parse" for printing OpenFlow messages read from a file.
718 * New commands for OpenFlow 1.1+ groups.
719 - Added configurable flow caching support to IPFIX exporter.
720 - Dropped support for Linux pre-2.6.32.
721 - Log file timestamps and ovsdb commit timestamps are now reported
722 with millisecond resolution. (Previous versions only reported
723 whole seconds.)
724
725
726v1.11.0 - 28 Aug 2013
727---------------------
728 - Support for megaflows, which allows wildcarding in the kernel (and
729 any dpif implementation that supports wildcards). Depending on
730 the flow table and switch configuration, flow set up rates are
731 close to the Linux bridge.
732 - The "tutorial" directory contains a new tutorial for some advanced
733 Open vSwitch features.
734 - Stable bond mode has been removed.
735 - The autopath action has been removed.
736 - New support for the data encapsulation format of the LISP tunnel
737 protocol (RFC 6830). An external control plane or manual flow
738 setup is required for EID-to-RLOC mapping.
739 - OpenFlow:
740 * The "dec_mpls_ttl" and "set_mpls_ttl" actions from OpenFlow
741 1.1 and later are now implemented.
742 * New "stack" extension for use in actions, to push and pop from
743 NXM fields.
744 * The "load" and "set_field" actions can now modify the "in_port". (This
745 allows one to enable output to a flow's input port by setting the
746 in_port to some unused value, such as OFPP_NONE.)
747 - ovs-dpctl:
748 * New debugging commands "add-flow", "mod-flow", "del-flow".
749 * "dump-flows" now has a -m option to increase output verbosity.
750 - In dpif-based bridges, cache action translations, which can improve
751 flow set up performance by 80% with a complicated flow table.
752 - New syslog format, prefixed with "ovs|", to be easier to filter.
753 - RHEL: Removes the default firewall rule that allowed GRE traffic to
754 pass through. Any users that relied on this automatic firewall hole
755 will have to manually configure it. The ovs-ctl(8) manpage documents
756 the "enable-protocol" command that can be used as an alternative.
757 - New CFM demand mode which uses data traffic to indicate interface
758 liveness.
759
760v1.10.0 - 01 May 2013
761---------------------
762 - Bridge compatibility support has been removed. Any uses that
763 rely on ovs-brcompatd will have to stick with Open vSwitch 1.9.x
764 or adapt to native Open vSwitch support (e.g. use ovs-vsctl instead
765 of brctl).
766 - The maximum size of the MAC learning table is now configurable.
767 - With the Linux datapath, packets for new flows are now queued
768 separately on a per-port basis, so it should no longer be
769 possible for a large number of new flows arriving on one port to
770 prevent new flows from being processed on other ports.
771 - ovs-vsctl:
772 * Previously ovs-vsctl would retry connecting to the database forever,
773 causing it to hang if ovsdb-server was not running. Now, ovs-vsctl
774 only tries once by default (use --retry to try forever). This change
775 means that you may want to remove uses of --timeout to avoid hangs
776 in ovs-vsctl calls.
777 * Many "ovs-vsctl" database commands now accept an --if-exists option.
778 Please refer to the ovs-vsctl manpage for details.
779 - OpenFlow:
780 - Experimental support for newer versions of OpenFlow. See
781 the "What versions of OpenFlow does Open vSwitch support?"
782 question in the FAQ for more details.
783 - The OpenFlow "dp_desc" may now be configured by setting the
784 value of other-config:dp-desc in the Bridge table.
785 - It is possible to request the OpenFlow port number with the
786 "ofport_request" column in the Interface table.
787 - The NXM flow_removed message now reports the OpenFlow table ID
788 from which the flow was removed.
789 - Tunneling:
790 - New support for the VXLAN tunnel protocol (see the IETF draft here:
791 http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03).
792 - Tunneling requires the version of the kernel module paired with
793 Open vSwitch 1.9.0 or later.
794 - Inheritance of the Don't Fragment bit in IP tunnels (df_inherit)
795 is no longer supported.
796 - Path MTU discovery is no longer supported.
797 - CAPWAP tunneling support removed.
798 - Tunnels with multicast destination ports are no longer supported.
799 - ovs-dpctl:
800 - The "dump-flows" and "del-flows" no longer require an argument
801 if only one datapath exists.
802 - ovs-appctl:
803 - New "vlog/disable-rate-limit" and "vlog/enable-rate-limit"
804 commands available allow control over logging rate limits.
805 - New "dpif/dump-dps", "dpif/show", and "dpif/dump-flows" command
806 that mimic the equivalent ovs-dpctl commands.
807 - The ofproto library is now responsible for assigning OpenFlow port
808 numbers. An ofproto implementation should assign them when
809 port_construct() is called.
810 - All dpif-based bridges of a particular type share a common
811 datapath called "ovs-<type>", e.g. "ovs-system". The ovs-dpctl
812 commands will now return information on that shared datapath. To
813 get the equivalent bridge-specific information, use the new
814 "ovs-appctl dpif/*" commands.
815 - Backward-incompatible changes:
816 - Earlier Open vSwitch versions treated ANY as a wildcard in flow
817 syntax. OpenFlow 1.1 adds a port named ANY, which introduces a
818 conflict. ANY was rarely used in flow syntax, so we chose to
819 retire that meaning of ANY in favor of the OpenFlow 1.1 meaning.
820 - Patch ports no longer require kernel support, so they now work
821 with FreeBSD and the kernel module built into Linux 3.3 and later.
822 - New "sample" action.
823
824
825v1.9.0 - 26 Feb 2013
826------------------------
827 - Datapath:
828 - Support for ipv6 set action.
829 - SKB mark matching and setting.
830 - support for Linux kernels up to 3.8
831 - FreeBSD is now a supported platform, thanks to code contributions from
832 Gaetano Catalli, Ed Maste, and Giuseppe Lettieri.
833 - ovs-bugtool: New --ovs option to report only OVS related information.
834 - New %t and %T log escapes to identify the subprogram within a
835 cooperating group of processes or threads that emitted a log message.
836 The default log patterns now include this information.
837 - OpenFlow:
838 - Allow bitwise masking for SHA and THA fields in ARP, SLL and TLL
839 fields in IPv6 neighbor discovery messages, and IPv6 flow label.
840 - Adds support for writing to the metadata field for a flow.
841 - Tunneling:
842 - The tunneling code no longer assumes input and output keys are
843 symmetric. If they are not, PMTUD needs to be disabled for
844 tunneling to work. Note this only applies to flow-based keys.
845 - New support for a nonstandard form of GRE that supports a 64-bit key.
846 - Tunnel Path MTU Discovery default value was set to 'disabled'.
847 This feature is deprecated and will be removed soon.
848 - Tunnel header caching removed.
849 - ovs-ofctl:
850 - Commands and actions that accept port numbers now also accept keywords
851 that represent those ports (such as LOCAL, NONE, and ALL). This is
852 also the recommended way to specify these ports, for compatibility
853 with OpenFlow 1.1 and later (which use the OpenFlow 1.0 numbers
854 for these ports for different purposes).
855 - ovs-dpctl:
856 - Support requesting the port number with the "port_no" option in
857 the "add-if" command.
858 - ovs-pki: The "online PKI" features have been removed, along with
859 the ovs-pki-cgi program that facilitated it, because of some
860 alarmist insecurity claims. We do not believe that these claims
861 are true, but because we do not know of any users for this
862 feature it seems better on balance to remove it. (The ovs-pki-cgi
863 program was not included in distribution packaging.)
864 - ovsdb-server now enforces the immutability of immutable columns. This
865 was not enforced in earlier versions due to an oversight.
866 - The following features are now deprecated. They will be removed no
867 earlier than February 2013. Please email dev@openvswitch.org with
868 concerns.
869 - Bridge compatibility.
870 - Stable bond mode.
871 - The autopath action.
872 - Interface type "null".
873 - Numeric values for reserved ports (see "ovs-ofctl" note above).
874 - Tunnel Path MTU Discovery.
875 - CAPWAP tunnel support.
876 - The data in the RARP packets can now be matched in the same way as the
877 data in ARP packets.
878
879
880v1.8.0 - 26 Feb 2013
881------------------------
882 *** Internal only release ***
883 - New FAQ. Please send updates and additions!
884 - Authors of controllers, please read the new section titled "Action
885 Reproduction" in DESIGN, which describes an Open vSwitch change in
886 behavior in corner cases that may affect some controllers.
887 - ovs-l3ping:
888 - A new test utility that can create L3 tunnel between two Open
889 vSwitches and detect connectivity issues.
890 - ovs-ofctl:
891 - New --sort and --rsort options for "dump-flows" command.
892 - "mod-port" command can now control all OpenFlow config flags.
893 - OpenFlow:
894 - Allow general bitwise masking for IPv4 and IPv6 addresses in
895 IPv4, IPv6, and ARP packets. (Previously, only CIDR masks
896 were allowed.)
897 - Allow support for arbitrary Ethernet masks. (Previously, only
898 the multicast bit in the destination address could be individually
899 masked.)
900 - New field OXM_OF_METADATA, to align with OpenFlow 1.1.
901 - The OFPST_QUEUE request now reports an error if a specified port or
902 queue does not exist, or for requests for a specific queue on all
903 ports, if the specified queue does not exist on any port. (Previous
904 versions generally reported an empty set of results.)
905 - New "flow monitor" feature to allow controllers to be notified of
906 flow table changes as they happen.
907 - Additional protocols are not mirrored and dropped when forward-bpdu is
908 false. For a full list, see the ovs-vswitchd.conf.db man page.
909 - Open vSwitch now sends RARP packets in situations where it previously
910 sent a custom protocol, making it consistent with behavior of QEMU and
911 VMware.
912 - All Open vSwitch programs and log files now show timestamps in UTC,
913 instead the local timezone, by default.
914
915
916v1.7.0 - 30 Jul 2012
917------------------------
918 - kernel modules are renamed. openvswitch_mod.ko is now
919 openvswitch.ko and brcompat_mod.ko is now brcompat.ko.
920 - Increased the number of NXM registers to 8.
921 - Added ability to configure DSCP setting for manager and controller
922 connections. By default, these connections have a DSCP value of
923 Internetwork Control (0xc0).
924 - Added the granular link health statistics, 'cfm_health', to an
925 interface.
926 - OpenFlow:
927 - Added support to mask nd_target for ICMPv6 neighbor discovery flows.
928 - Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC)
929 multipart messages.
930 - ovs-ofctl:
931 - Added the "dump-ports-desc" command to retrieve port
932 information using the new port description multipart messages.
933 - ovs-test:
934 - Added support for spawning ovs-test server from the client.
935 - Now ovs-test is able to automatically create test bridges and ports.
936 - "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows.
937 - Tripled flow setup performance.
938 - The "coverage/log" command previously available through ovs-appctl
939 has been replaced by "coverage/show". The new command replies with
940 coverage counter values, instead of logging them.
941
942
943v1.6.1 - 25 Jun 2012
944------------------------
945 - Allow OFPP_CONTROLLER as the in_port for packet-out messages.
946
947
948v1.6.0 - 24 Feb 2012
949------------------------
950 *** Internal only release ***
951 - bonding
952 - LACP bonds no longer fall back to balance-slb when negotiations fail.
953 Instead they drop traffic.
954 - The default bond_mode changed from SLB to active-backup, to protect
955 unsuspecting users from the significant risks of SLB bonds (which are
956 documented in vswitchd/INTERNALS).
957 - Load balancing can be disabled by setting the bond-rebalance-interval
958 to zero.
959 - OpenFlow:
960 - Added support for bitwise matching on TCP and UDP ports.
961 See ovs-ofctl(8) for more information.
962 - NXM flow dumps now include times elapsed toward idle and hard
963 timeouts.
964 - Added an OpenFlow extension NXT_SET_ASYNC_CONFIG that allows
965 controllers more precise control over which OpenFlow messages they
966 receive asynchronously.
967 - New "fin_timeout" action.
968 - Added "fin_timeout" support to "learn" action.
969 - New Nicira action NXAST_CONTROLLER that offers additional features
970 over output to OFPP_CONTROLLER.
971 - When QoS settings for an interface do not configure a default queue
972 (queue 0), Open vSwitch now uses a default configuration for that
973 queue, instead of dropping all packets as in previous versions.
974 - Logging:
975 - Logging to console and file will have UTC timestamp as a default for
976 all the daemons. An example of the default format is
977 2012-01-27T16:35:17Z. ovs-appctl can be used to change the default
978 format as before.
979 - The syntax of commands and options to set log levels was simplified,
980 to make it easier to remember.
981 - New support for limiting the number of flows in an OpenFlow flow
982 table, with configurable policy for evicting flows upon
983 overflow. See the Flow_Table table in ovs-vswitch.conf.db(5)
984 for more information.
985 - New "enable-async-messages" column in the Controller table. If set to
986 false, OpenFlow connections to the controller will initially have all
987 asynchronous messages disabled, overriding normal OpenFlow behavior.
988 - ofproto-provider interface:
989 - "struct rule" has a new member "used" that ofproto implementations
990 should maintain by updating with ofproto_rule_update_used().
991 - ovsdb-client:
992 - The new option --timestamp causes the "monitor" command to print
993 a timestamp with every update.
994 - CFM module CCM broadcasts can now be tagged with an 802.1p priority.
995
996
997v1.5.0 - 01 Jun 2012
998------------------------
999 - OpenFlow:
1000 - Added support for querying, modifying, and deleting flows
1001 based on flow cookie when using NXM.
1002 - Added new NXM_PACKET_IN format.
1003 - Added new NXAST_DEC_TTL action.
1004 - ovs-ofctl:
1005 - Added daemonization support to the monitor and snoop commands.
1006 - ovs-vsctl:
1007 - The "find" command supports new set relational operators
1008 {=}, {!=}, {<}, {>}, {<=}, and {>=}.
1009 - ovsdb-tool now uses the typical database and schema installation
1010 directories as defaults.
1011 - The default MAC learning timeout has been increased from 60 seconds
1012 to 300 seconds. The MAC learning timeout is now configurable.
1013
1014
1015v1.4.0 - 30 Jan 2012
1016------------------------
1017 - Compatible with Open vSwitch kernel module included in Linux 3.3.
1018 - New "VLAN splinters" feature to work around buggy device drivers
1019 in old Linux versions. (This feature is deprecated. When
1020 broken device drivers are no longer in widespread use, we will
1021 delete this feature.) See ovs-vswitchd.conf.db(5) for more
1022 information.
1023 - OpenFlow:
1024 - Added ability to match on IPv6 flow label through NXM.
1025 - Added ability to match on ECN bits in IPv4 and IPv6 through NXM.
1026 - Added ability to match on TTL in IPv4 and IPv6 through NXM.
1027 - Added ability to modify ECN bits in IPv4.
1028 - Added ability to modify TTL in IPv4.
1029 - ovs-vswitchd:
1030 - Don't require the "normal" action to use mirrors. Traffic will
1031 now be properly mirrored for any flows, regardless of their
1032 actions.
1033 - Track packet and byte statistics sent on mirrors.
1034 - The sFlow implementation can now usually infer the correct agent
1035 device instead of having to be told explicitly.
1036 - ovs-appctl:
1037 - New "fdb/flush" command to flush bridge's MAC learning table.
1038 - ovs-test:
1039 - A new distributed testing tool that allows one to diagnose performance
1040 and connectivity issues. This tool currently is not included in RH or
1041 Xen packages.
1042 - RHEL packaging now supports integration with Red Hat network scripts.
1043 - bonding:
1044 - Post 1.4.*, OVS will be changing the default bond mode from balance-slb
1045 to active-backup. SLB bonds carry significant risks with them
1046 (documented vswitchd/INTERNALS) which we want to prevent unsuspecting
1047 users from running into. Users are advised to update any scripts or
1048 configuration which may be negatively impacted by explicitly setting
1049 the bond mode which they want to use.
1050
1051
1052v1.3.0 - 09 Dec 2011
1053------------------------
1054 - OpenFlow:
1055 - Added an OpenFlow extension which allows the "output" action to accept
1056 NXM fields.
1057 - Added an OpenFlow extension for flexible learning.
1058 - Bumped number of NXM registers from four to five.
1059 - ovs-appctl:
1060 - New "version" command to determine version of running daemon.
1061 - If no argument is provided for "cfm/show", displays detailed
1062 information about all interfaces with CFM enabled.
1063 - If no argument is provided for "lacp/show", displays detailed
1064 information about all ports with LACP enabled.
1065 - ovs-dpctl:
1066 - New "set-if" command to modify a datapath port's configuration.
1067 - ovs-vswitchd:
1068 - The software switch now supports 255 OpenFlow tables, instead
1069 of just one. By default, only table 0 is consulted, but the
1070 new NXAST_RESUBMIT_TABLE action can look up in additional
1071 tables. Tables 128 and above are reserved for use by the
1072 switch itself; please use only tables 0 through 127.
1073 - Add support for 802.1D spanning tree (STP).
1074 - Fragment handling extensions:
1075 - New OFPC_FRAG_NX_MATCH fragment handling mode, in which L4
1076 fields are made available for matching in fragments with
1077 offset 0.
1078 - New NXM_NX_IP_FRAG match field for matching IP fragments (usable
1079 via "ip_frag" in ovs-ofctl).
1080 - New ovs-ofctl "get-frags" and "set-frags" commands to get and set
1081 fragment handling policy.
1082 - CAPWAP tunneling now supports an extension to transport a 64-bit key.
1083 By default it remains compatible with the old version and other
1084 standards-based implementations.
1085 - Flow setups are now processed in a round-robin manner across ports
1086 to prevent any single client from monopolizing the CPU and conducting
1087 a denial of service attack.
1088 - Added support for native VLAN tagging. A new "vlan_mode"
1089 parameter can be set for "port". Possible values: "access",
1090 "trunk", "native-tagged" and "native-untagged".
1091 - test-openflowd has been removed. Please use ovs-vswitchd instead.
1092
1093v1.2.0 - 03 Aug 2011
1094------------------------
1095 - New "ofproto" abstraction layer to ease porting to hardware
1096 switching ASICs.
1097 - Packaging for Red Hat Enterprise Linux 5.6 and 6.0.
1098 - Datapath support for Linux kernels up to 3.0.
1099 - OpenFlow:
1100 - New "bundle" and "bundle_load" action extensions.
1101 - Database:
1102 - Implement table unique constraints.
1103 - Support cooperative locking between callers.
1104 - ovs-dpctl:
1105 - New "-s" option for "show" command prints packet and byte
1106 counters for each port.
1107 - ovs-ofctl:
1108 - New "--readd" option for "replace-flows".
1109 - ovs-vsctl:
1110 - New "show" command to print an overview of configuration.
1111 - New "comment" command to add remark that explains intentions.
1112 - ovs-brcompatd has been rewritten to fix long-standing bugs.
1113 - ovs-openflowd has been renamed test-openflowd and moved into the
1114 tests directory. Its presence confused too many users. Please
1115 use ovs-vswitchd instead.
1116 - New ovs-benchmark utility to test flow setup performance.
1117 - A new log level "off" has been added. Configuring a log facility
1118 "off" prevents any messages from being logged to it. Previously,
1119 "emer" was effectively "off" because no messages were ever logged at
1120 level "emer". Now, errors that cause a process to exit are logged
1121 at "emer" level.
1122 - "configure" option --with-l26 has been renamed --with-linux, and
1123 --with-l26-source has been renamed --with-linux-source. The old
1124 names will be removed after the next release, so please update
1125 your scripts.
1126 - The "-2.6" suffix has been dropped from the datapath/linux-2.6 and
1127 datapath/linux-2.6/compat-2.6 directories.
1128 - Feature removals:
1129 - Dropped support for "tun_id_from_cookie" OpenFlow extension.
1130 Please use the extensible match extensions instead.
1131 - Removed the Maintenance_Point and Monitor tables in an effort
1132 to simplify 802.1ag configuration.
1133 - Performance and scalability improvements
1134 - Bug fixes
1135
1136v1.1.0 - 05 Apr 2011
1137------------------------
1138 - Ability to define policies over IPv6
1139 - LACP
1140 - 802.1ag CCM
1141 - Support for extensible match extensions to OpenFlow
1142 - QoS:
1143 - Support for HFSC qdisc.
1144 - Queue used by in-band control can now be configured.
1145 - Kernel:
1146 - Kernel<->userspace interface has been reworked and should be
1147 close to a stable ABI now.
1148 - "Port group" concept has been dropped.
1149 - GRE over IPSEC tunnels
1150 - Bonding:
1151 - New active backup bonding mode.
1152 - New L4 hashing support when LACP is enabled.
1153 - Source MAC hash now includes VLAN field also.
1154 - miimon support.
1155 - Greatly improved handling of large flow tables
1156 - ovs-dpctl:
1157 - "show" command now prints full vport configuration.
1158 - "dump-groups" command removed since kernel support for
1159 port groups was dropped.
1160 - ovs-vsctl:
1161 - New commands for working with the new Managers table.
1162 - "list" command enhanced with new formatting options and --columns
1163 option.
1164 - "get" command now accepts new --id option.
1165 - New "find" command.
1166 - ovs-ofctl:
1167 - New "queue-stats" command for printing queue stats.
1168 - New commands "replace-flows" and "diff-flows".
1169 - Commands to add and remove flows can now read from files.
1170 - New --flow-format option to enable or disable NXM.
1171 - New --more option to increase OpenFlow message verbosity.
1172 - Removed "tun-cookie" command, which is no longer useful.
1173 - ovs-controller enhancements for testing various features.
1174 - New ovs-vlan-test command for testing for Linux kernel driver VLAN
1175 bugs. New ovs-vlan-bug-workaround command for enabling and
1176 disabling a workaround for these driver bugs.
1177 - OpenFlow support:
1178 - "Resubmit" actions now update flow statistics.
1179 - New "register" extension for use in matching and actions, via NXM.
1180 - New "multipath" experimental action extension.
1181 - New support for matching multicast Ethernet frames, via NXM.
1182 - New extension for OpenFlow vendor error codes.
1183 - New extension to set the QoS output queue without actually
1184 sending to an output port.
1185 - Open vSwitch now reports a single flow table, instead of
1186 separate hash and wildcard tables. This better models the
1187 current implementation.
1188 - New experimental "note" action.
1189 - New "ofproto/trace" ovs-appctl command and associated utilities
1190 to ease debugging complex flow tables.
1191 - Database:
1192 - Schema documentation now includes an entity-relationship diagram.
1193 - The database is now garbage collected. In most tables,
1194 unreferenced rows will be deleted automatically.
1195 - Many tables now include statistics updated periodically by
1196 ovs-vswitchd or ovsdb-server.
1197 - Every table now has an "external-ids" column for use by OVS
1198 integrators.
1199 - There is no default controller anymore. Each bridge must have its
1200 controller individually specified.
1201 - The "fail-mode" is now a property of a Bridge instead of a Controller.
1202 - New versioning and checksum features.
1203 - New Managers table and manager_options column in Open_vSwitch table
1204 for specifying managers. The old "managers" column in the
1205 Open_vSwitch table has been removed.
1206 - Many "name" columns are now immutable.
1207 - Feature removals:
1208 - Dropped support for XenServer pre-5.6.100.
1209 - Dropped support for Linux pre-2.6.18.
1210 - Dropped controller discovery support.
1211 - Dropped "ovs-ofctl status" and the OpenFlow extension that it used.
1212 Statistics reporting in the database is a rough equivalent.
1213 - Dropped the "corekeeper" package (now separate, at
1214 http://openvswitch.org/cgi-bin/gitweb.cgi?p=corekeeper).
1215 - Performance and scalability improvements
1216 - Bug fixes
1217
1218v1.1.0pre2 - 13 Sep 2010
1219------------------------
1220 - Bug fixes
1221
1222v1.1.0pre1 - 31 Aug 2010
1223------------------------
1224 - OpenFlow 1.0 slicing (QoS) functionality
1225 - Python bindings for configuration database (no write support)
1226 - Performance and scalability improvements
1227 - Bug fixes
1228
1229v1.0.1 - 31 May 2010
1230--------------------
1231 - New "patch" interface type
1232 - Bug fixes
1233
1234v1.0.0 - 15 May 2010
1235--------------------
1236 - Configuration database with remote management
1237 - OpenFlow 1.0
1238 - GRE tunneling
1239 - Support for XenServer 5.5 and 5.6
1240 - Performance and scalability improvements
1241 - Bug fixes
1242
1243v0.99.2 - 18 Feb 2010
1244---------------------
1245 - Bug fixes
1246
1247v0.99.1 - 25 Jan 2010
1248---------------------
1249 - Add support for sFlow(R)
1250 - Make headers compatible with C++
1251 - Bug fixes
1252
1253v0.99.0 - 14 Jan 2010
1254---------------------
1255 - User-space forwarding engine
1256 - Bug fixes
1257
1258v0.90.7 - 29 Nov 2009
1259---------------------
1260 - Add support for NetFlow active timeouts
1261 - Bug fixes
1262
1263v0.90.6 - 6 Oct 2009
1264--------------------
1265 - Bug fixes
1266
1267v0.90.5 - 21 Sep 2009
1268---------------------
1269 - Generalize in-band control to more diverse network setups
1270 - Bug fixes
openvswitch mirror