-Post-v2.6.0
+Post-v2.7.0
+---------------------
+ - ovs-ofctl can now accept and display port names in place of numbers. By
+ default it always accepts names and in interactive use it displays them;
+ use --names or --no-names to override. See ovs-ofctl(8) for details.
+ - Tunnels:
+ * Added support to set packet mark for tunnel endpoint using
+ `egress_pkt_mark` OVSDB option.
+ * When using Linux kernel datapath tunnels may be created using rtnetlink.
+ This will allow us to take advantage of new tunnel features without
+ having to make changes to the vport modules.
+ - EMC insertion probability is reduced to 1% and is configurable via
+ the new 'other_config:emc-insert-inv-prob' option.
+ - DPDK:
+ * DPDK log messages redirected to OVS logging subsystem.
+ Log level can be changed in a usual OVS way using
+ 'ovs-appctl vlog' commands for 'dpdk' module. Lower bound
+ still can be configured via extra arguments for DPDK EAL.
+ - IPFIX now provides additional counters:
+ * Total counters since metering process startup.
+ * Per-flow TCP flag counters.
+ - New support for multiple VLANs (802.1ad or "QinQ"), including a new
+ "dot1q-tunnel" port VLAN mode.
+ - In ovn-vsctl and vtep-ctl, record UUIDs in commands may now be
+ abbreviated to 4 hex digits.
+ - Userspace Datapath:
+ * Added NAT support for userspace datapath.
+ - OVN:
+ * New built-in DNS support.
+ * IPAM for IPv4 can now exclude user-defined addresses from assignment.
+ * IPAM can now assign IPv6 addresses.
+ * Make the DHCPv4 router setting optional.
+ * Gratuitous ARP for NAT addresses on a distributed logical router.
+ * Allow ovn-controller SSL configuration to be obtained from vswitchd
+ database.
+ * ovn-trace now has basic support for tracing distributed firewalls.
+ * In ovn-nbctl and ovn-sbctl, record UUIDs in commands may now be
+ abbreviated to 4 hex digits.
+ * "ovn-sbctl lflow-list" can now print OpenFlow flows that correspond
+ to logical flows.
+ * Now uses OVSDB RBAC support to reduce impact of compromised hypervisors.
+ - OVSDB:
+ * New support for role-based access control (see ovsdb-server(1)).
+ - Add the command 'ovs-appctl stp/show' (see ovs-vswitchd(8)).
+ - OpenFlow:
+ * All features required by OpenFlow 1.4 are now implemented, so
+ ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to
+ OpenFlow 1.0 to 1.3).
+ * Increased support for OpenFlow 1.6 (draft).
+ * Bundles now support hashing by just nw_src or nw_dst.
+ * The "learn" action now supports a "limit" option (see ovs-ofctl(8)).
+ * The port status bit OFPPS_LIVE now reflects link aliveness.
+ * OpenFlow 1.5 packet-out is now supported.
+ - Fedora Packaging:
+ * OVN services are no longer restarted automatically after upgrade.
+ - Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)).
+ - L3 tunneling:
+ * Add "layer3" options for tunnel ports that support non-Ethernet (L3)
+ payload (GRE, VXLAN-GPE).
+ * New vxlan tunnel extension "gpe" to support VXLAN-GPE tunnels.
+ * Transparently pop and push Ethernet headers at transmit/reception
+ of packets to/from L3 tunnels.
+ - The BFD detection multiplier is now user-configurable.
+
+v2.7.0 - 21 Feb 2017
---------------------
- Utilities and daemons that support SSL now allow protocols and
ciphers to be configured with --ssl-protocols and --ssl-ciphers.
* DSCP marking is now supported, via the new northbound QoS table.
* IPAM now supports fixed MAC addresses.
* Support for source IP address based routing.
- * ovn-trace can now trace put_dhcp_opts and put_dhcp_optsv6 actions.
+ * ovn-trace:
+ - New --ovs option to also print OpenFlow flows.
+ - put_dhcp_opts and put_dhcp_optsv6 actions may now be traced.
* Support for managing SSL and remote connection configuration in
- northbound database.
+ northbound and southbound databases.
+ * TCP connections to northbound and southbound databases are no
+ longer enabled by default and must be explicitly configured.
+ See documentation for ovn-sbctl/ovn-nbctl "set-connection"
+ command or the ovn-ctl "--db-sb-create-insecure-remote" and
+ "--db-nb-create-insecure-remote" command-line options for
+ information regarding remote connection configuration.
+ * New appctl "inject-pkt" command in ovn-controller that allows
+ packets to be injected into the connected OVS instance.
+ * Distributed logical routers may now be connected directly to
+ logical switches with localnet ports, by specifying a
+ "redirect-chassis" on the distributed gateway port of the
+ logical router. NAT rules may be specified directly on the
+ distributed logical router, and are handled either centrally on
+ the "redirect-chassis", or in many cases are handled locally on
+ the hypervisor where the corresponding logical port resides.
+ Gratuitous ARP for NAT addresses on a distributed logical
+ router is not yet supported, but will be added in a future
+ version.
- Fixed regression in table stats maintenance introduced in OVS
2.3.0, wherein the number of OpenFlow table hits and misses was
not accurate.
"selection_method" and related options in ovs-ofctl(8) for
details.
* The "sample" action now supports "ingress" and "egress" options.
+ * The "ct" action now supports the TFTP ALG where support is available.
+ * New actions "clone" and "ct_clear".
+ * The "meter" action is now supported in the userspace datapath.
- ovs-ofctl:
* 'bundle' command now supports packet-out messages.
* New syntax for 'ovs-ofctl packet-out' command, which uses the
* New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces
which set the number of rx and tx descriptors to use for the given port.
* Support for DPDK v16.11.
+ * Support for rx checksum offload. Refer DPDK HOWTO for details.
+ * Port Hotplug is now supported.
+ * DPDK physical ports can now have arbitrary names. The PCI address of
+ the device must be set using the 'dpdk-devargs' option. Compatibility
+ with the old dpdk<portid> naming scheme is broken, and as such a
+ device will not be available for use until a valid dpdk-devargs is
+ specified.
+ * Virtual DPDK Poll Mode Driver (vdev PMD) support.
+ * Removed experimental tag.
- Fedora packaging:
* A package upgrade does not automatically restart OVS service.
- ovs-vswitchd/ovs-vsctl:
* Ports now have a "protected" flag. Protected ports can not forward
frames to other protected ports. Unprotected ports can receive and
forward frames to protected and other unprotected ports.
+ - ovs-vsctl, ovn-nbctl, ovn-sbctl, vtep-ctl:
+ * Database commands now accept integer ranges, e.g. "set port
+ eth0 trunks=1-10" to enable trunking VLANs 1 to 10.
v2.6.0 - 27 Sep 2016
---------------------