-Post-v2.4.0
+Post-v2.6.0
+---------------------
+ - Fixed regression in table stats maintenance introduced in OVS
+ 2.3.0, wherein the number of OpenFlow table hits and misses was
+ not accurate.
+ - OpenFlow:
+ * OFPT_PACKET_OUT messages are now supported in bundles.
+ * A new "selection_method=dp_hash" type for OpenFlow select group
+ bucket selection that uses the datapath computed 5-tuple hash
+ without making datapath flows match the 5-tuple fields, which
+ is useful for more efficient load balancing, for example. This
+ uses the Netronome extension to OpenFlow 1.5+ that allows
+ control over the OpenFlow select groups selection method. See
+ "selection_method" and related options in ovs-ofctl(8) for
+ details.
+ - ovs-ofctl:
+ * 'bundle' command now supports packet-out messages.
+ * New syntax for 'ovs-ofctl packet-out' command, which uses the
+ same string parser as the 'bundle' command. The old 'packet-out'
+ syntax is deprecated and will be removed in a later OVS
+ release.
+ * New unixctl "ofctl/packet-out" command, which can be used to
+ instruct a flow monitor to issue OpenFlow packet-out messages.
+ - Tunnels:
+ * TLV mappings for protocols such as Geneve are now segregated on
+ a per-OpenFlow bridge basis rather than globally. (The interface
+ has not changed.)
+
+v2.6.0 - xx xxx xxxx
+---------------------
+ - First supported release of OVN. See ovn-architecture(7) for more
+ details.
+ - ovsdb-server:
+ * New "monitor_cond" "monitor_cond_update" and "update2" extensions to
+ RFC 7047.
+ - OpenFlow:
+ * OpenFlow 1.3+ bundles now expire after 10 seconds since the
+ last time the bundle was either opened, modified, or closed.
+ * OpenFlow 1.3 Extension 230, adding OpenFlow Bundles support, is
+ now implemented.
+ * OpenFlow 1.3+ bundles are now supported for group mods as well as
+ flow mods and port mods. Both 'atomic' and 'ordered' bundle
+ flags are supported for group mods as well as flow mods.
+ * Internal OpenFlow rule representation for load and set-field
+ actions is now much more memory efficient. For a complex flow
+ table this can reduce rule memory consumption by 40%.
+ * Bundles are now much more memory efficient than in OVS 2.5.
+ Together with memory efficiency improvements in OpenFlow rule
+ representation, the peak OVS resident memory use during a
+ bundle commit for large complex set of flow mods can be only
+ 25% of that in OVS 2.5 (4x lower).
+ * OpenFlow 1.1+ OFPT_QUEUE_GET_CONFIG_REQUEST now supports OFPP_ANY.
+ * OpenFlow 1.4+ OFPMP_QUEUE_DESC is now supported.
+ * OpenFlow 1.4+ OFPT_TABLE_STATUS is now supported.
+ * New property-based packet-in message format NXT_PACKET_IN2 with support
+ for arbitrary user-provided data and for serializing flow table
+ traversal into a continuation for later resumption.
+ * New extension message NXT_SET_ASYNC_CONFIG2 to allow OpenFlow 1.4-like
+ control over asynchronous messages in earlier versions of OpenFlow.
+ * New OpenFlow extension NXM_NX_MPLS_TTL to provide access to MPLS TTL.
+ * New output option, output(port=N,max_len=M), to allow truncating a
+ packet to size M bytes when outputting to port N.
+ * New command OFPGC_ADD_OR_MOD for OFPT_GROUP_MOD message that adds a
+ new group or modifies an existing groups
+ * The optional OpenFlow packet buffering feature is deprecated in
+ this release, and will be removed in the next OVS release
+ (2.7). After the change OVS always sends the 'buffer_id' as
+ 0xffffffff in packet-in messages and will send an error
+ response if any other value of this field is included in
+ packet-out and flow mod sent by a controller. Controllers are
+ already expected to work properly in cases where the switch can
+ not buffer packets, so this change should not affect existing
+ users.
+ * New OpenFlow extension NXT_CT_FLUSH_ZONE to flush conntrack zones.
+ - Improved OpenFlow version compatibility for actions:
+ * New OpenFlow extension to support the "group" action in OpenFlow 1.0.
+ * OpenFlow 1.0 "enqueue" action now properly translated to OpenFlow 1.1+.
+ * OpenFlow 1.1 "mod_nw_ecn" and OpenFlow 1.1+ "mod_nw_ttl" actions now
+ properly translated to OpenFlow 1.0.
+ - ovs-ofctl:
+ * queue-get-config command now allows a queue ID to be specified.
+ * '--bundle' option can now be used with OpenFlow 1.3 and with group mods.
+ * New "bundle" command allows executing a mixture of flow and group mods
+ as a single atomic transaction.
+ * New option "--color" to produce colorized output for some commands.
+ * New option '--may-create' to use OFPGC_ADD_OR_MOD in mod-group command.
+ - IPFIX:
+ * New "sampling_port" option for "sample" action to allow sampling
+ ingress and egress tunnel metadata with IPFIX.
+ * New ovs-ofctl commands "dump-ipfix-bridge" and "dump-ipfix-flow" to
+ dump bridge IPFIX statistics and flow based IPFIX statistics.
+ * New setting other-config:virtual_obs_id to add an arbitrary string
+ to IPFIX records.
+ - Linux:
+ * OVS Linux datapath now implements Conntrack NAT action with all
+ supported Linux kernels.
+ * Support for truncate action.
+ * New QoS type "linux-noop" that prevents Open vSwitch from trying to
+ manage QoS for a given port (useful when other software manages QoS).
+ - DPDK:
+ * New option "n_rxq" for PMD interfaces.
+ Old 'other_config:n-dpdk-rxqs' is no longer supported.
+ Not supported by vHost interfaces. For them number of rx and tx queues
+ is applied from connected virtio device.
+ * New 'other_config:pmd-rxq-affinity' field for PMD interfaces, that
+ allows to pin port's rx queues to desired cores.
+ * New appctl command 'dpif-netdev/pmd-rxq-show' to check the port/rxq
+ assignment.
+ * Type of log messages from PMD threads changed from INFO to DBG.
+ * QoS functionality with sample egress-policer implementation.
+ * The mechanism for configuring DPDK has changed to use database
+ * Sensible defaults have been introduced for many of the required
+ configuration options
+ * DB entries have been added for many of the DPDK EAL command line
+ arguments. Additional arguments can be passed via the dpdk-extra
+ entry.
+ * Add ingress policing functionality.
+ * PMD threads servicing vHost User ports can now come from the NUMA
+ node that device memory is located on if CONFIG_RTE_LIBRTE_VHOST_NUMA
+ is enabled in DPDK.
+ * Basic connection tracking for the userspace datapath (no ALG,
+ fragmentation or NAT support yet)
+ * Support for DPDK 16.07
+ * Optional support for DPDK pdump enabled.
+ * Jumbo frame support
+ * Remove dpdkvhostcuse port type.
+ * OVS client mode for vHost and vHost reconnect (Requires QEMU 2.7)
+ * 'dpdkvhostuserclient' port type.
+ - Increase number of registers to 16.
+ - ovs-benchmark: This utility has been removed due to lack of use and
+ bitrot.
+ - ovs-appctl:
+ * New "vlog/close" command.
+ - ovs-ctl:
+ * Added the ability to selectively start the forwarding and database
+ functions (ovs-vswitchd and ovsdb-server, respectively).
+ - ovsdb-server:
+ * Remove max number of sessions limit, to enable connection scaling
+ testing.
+ - python:
+ * Added support for Python 3.4+ in addition to existing support
+ for 2.7+.
+ - SELinux:
+ * Introduced SELinux policy package.
+ - Datapath Linux kernel compatibility.
+ * Dropped support for kernel older than 3.10.
+ * Removed VLAN splinters feature.
+ * Datapath supports kernel upto 4.7.
+ - Tunnels:
+ * Flow based tunnel match and action can be used for IPv6 address using
+ tun_ipv6_src, tun_ipv6_dst fields.
+ * Added support for IPv6 tunnels, for details checkout FAQ.
+ * Deprecated support for IPsec tunnels ports.
+ - A wrapper script, 'ovs-tcpdump', to easily port-mirror an OVS port and
+ watch with tcpdump
+ - Introduce --no-self-confinement flag that allows daemons to work with
+ sockets outside their run directory.
+ - ovs-pki: Changed message digest algorithm from SHA-1 to SHA-512 because
+ SHA-1 is no longer secure and some operating systems have started to
+ disable it in OpenSSL.
+ - Add 'mtu_request' column to the Interface table. It can be used to
+ configure the MTU of the ports.
+
+Known issues:
+ - Using openvswitch module in conjunction with upstream Linux tunnels:
+ * When using the openvswitch module distributed with OVS against kernel
+ versions 4.4 to 4.6, the openvswitch module cannot be loaded or used at
+ the same time as "ip_gre".
+ - Conntrack FTP ALGs: When using the openvswitch module distributed with
+ OVS, particular Linux distribution kernels versions may provide diminished
+ functionality. This typically affects active FTP data connections when
+ using "actions=ct(alg=ftp),..." in flow tables. Specifically:
+ * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set
+ up expectations for FTP data connections in multiple zones,
+ eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the
+ "ct" action for subsequent data connections may fail to determine that
+ the data connection is "related" to an existing connection.
+ * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state
+ correctly for NATed connections. As a result, flows that perform NAT,
+ eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet,
+ and will populate the "ct_state=inv" bit in the flow.
+
+
+v2.5.0 - 26 Feb 2016
---------------------
- Dropped support for Python older than version 2.7. As a consequence,
using Open vSwitch 2.5 or later on XenServer 6.5 or earlier (which
now supported.
* OpenFlow 1.4+ "importance" is now considered for flow eviction.
* OpenFlow 1.4+ OFPTC_EVICTION is now implemented.
+ * OpenFlow 1.4+ OFPTC_VACANCY_EVENTS is now implemented.
* OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented.
- - Support for matching/generating options as well as the OAM bit with
- Geneve tunnels.
+ * Allow modifying the ICMPv4/ICMPv6 type and code fields.
+ * OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG are
+ now implemented.
+ - ovs-ofctl:
+ * New "out_group" keyword for OpenFlow 1.1+ matching on output group.
+ - Tunnels:
+ * Geneve tunnels can now match and set options and the OAM bit.
+ * The nonstandard GRE64 tunnel extension has been dropped.
- Support Multicast Listener Discovery (MLDv1 and MLDv2).
- Add 'symmetric_l3l4' and 'symmetric_l3l4+udp' hash functions.
- sFlow agent now reports tunnel and MPLS structures.
- - Added OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG
- that allows controllers to have more precise control over OpenFlow1.4
- asynchronous messages.
- New 'check-system-userspace', 'check-kmod' and 'check-kernel' Makefile
targets to run a new system testsuite. These tests can be run inside
a Vagrant box. See INSTALL.md for details
- - Dropped support for GRE64 tunnel.
- Mark --syslog-target argument as deprecated. It will be removed in
the next OVS release.
- Added --user option to all daemons
- Add support for connection tracking through the new "ct" action
- and "ct_state"/"ct_zone" match fields. Only available on Linux kernels
- with the connection tracking module loaded.
-
+ and "ct_state"/"ct_zone"/"ct_mark"/"ct_label" match fields. Only
+ available on Linux kernels with the connection tracking module loaded.
+ - Add experimental version of OVN. OVN, the Open Virtual Network, is a
+ system to support virtual network abstraction. OVN complements the
+ existing capabilities of OVS to add native support for virtual network
+ abstractions, such as virtual L2 and L3 overlays and security groups.
+ - RHEL packaging:
+ * DPDK ports may now be created via network scripts (see README.RHEL).
+ - DPDK:
+ * Requires DPDK 2.2
+ * Added multiqueue support to vhost-user
+ * Note: QEMU 2.5+ required for multiqueue support
v2.4.0 - 20 Aug 2015
---------------------