A survey of open networking standards, part 2: Open vSwitch
April 30, 2015
The first open networking standard I looked at was OpenDaylight, the open SDN controller project. In this posting, I'll dig into Open vSwitch, the vir...
The first open networking standard I looked at was OpenDaylight, the open SDN controller project. In this posting, I’ll dig into Open vSwitch, the virtual switch initiative under the Apache 2.0 license.
Open vSwitch: open virtual switching
Virtual switching isn’t a new concept. VMware pioneered server virtualization, which allowed virtual switches to replace physical ones, meaning that a software stack running on a server that hosts VMs can run switching functionality that connects to virtual or logical Ethernet ports. The major difference between virtual switches such as Open vSwitch (OVS) and legacy virtual L2 bridges such as those included in Linux is that they are designed to handle highly dynamic cloud environments where network state (both configured and real time) may need to move between hosts using vSwitch instances.
While there are proprietary virtual switch solutions such as the Cisco Nexus 1000V and the VMware vSphere Distributed Switch (vDS), Open vSwitch is both the most prominent open-source alternative and an increasingly important fixture of other open-source networking projects. OVS works on Linux hypervisors such as Xen and KVM, is the default in Xen Cloud Platform and XenServer 6.0, and is integrated into OpenStack, which we’ll look at in a subsequent part of this series. The kernel datapath module is also now included directly in Linux.
Designed to enable network control via OpenFlow and management via the Open vSwitch Database protocol, OVS functions as a soft switch and is also able to offload dataplane processing to switching silicon on network interface controllers (NICs) or external hardware switches. Just a few of its important features include:
· Support for tunneling protocols such as VXLAN and IPsec
· OpenFlow compatibility, including numerous extensions for virtualization
· Traffic policing for each VM interface.
· Use of the Link Aggregation Control Protocol (LACP) for link aggregation
· Compatibility with IPv6
The design of Open vSwitch
Open vSwitch is comprised primarily of a number of control plane components that live in the user space, plus the kernel module, which handles the actual data plane functions.
· Ovs-vswitchd: The most important component is Ovs-vswitchd, which runs the switch. It talks directly with the OVS kernel module via the netlink protocol. If an outbound packet handled by the kernel doesn’t have a cache entry determining how it should be forwarded, the kernel messages the Ovs-vswitchd, which does a look up in the database to find a flow table entry that matches the packet in question. The forwarding instructions are messaged back to the kernel, which establishes a cache entry. Ovs-vswitchd can also communicate with OpenFlow controllers.
· Ovs-dbserver: This server supports the management plane functionality to Ovs-vswitchd, storing all configuration changes typically using OVS’ OVSDB schema. It provides the JSON-RPC-based OVSDB protocol to external OVS clients that are used to configure the switch.
Unlike the Cisco Nexus 1000V or VMware’s solution, OVS does not have a native SDN controller. It is designed instead to work with third-party controllers and cloud orchestrators, so OpenDaylight or the OpenStack Neutron OpenFlow and OVSDB plugins could be used.
Open vSwitch and SDN
OVS has been instrumental in the progress of SDN innovation, since it is both open and high performance.
“Open vSwitch is the most popular network back-end for OpenStack deployments and widely accepted as the de facto standard OpenFlow implementation,” explained OVS contributors Justin Pettit, Ben Pfaff, and Ethan Jackson in a post for Network Heresy. “For Open vSwitch to be successful, it not only must be highly programmable and general, it must also be blazingly fast. For the past several years, our development efforts have focused on precisely this tension – building a software switch that does not compromise on either generality or speed.”
OVS performance has dramatically improved over the past several releases. For example, features such as kernel cache megaflow support (based on field wildcarding) that allow the kernel to send fewer exceptions to ovs-vswitchd, and classifier improvements in ovs-vswitchd such as Priority Sorting, Staged Lookup, and Prefix Tracking, dramatically reduce the number of megaflows pushed into the kernel from millions to dozens. OVS 2.0 also made ovs-vswitchd a multithreaded process, and enabled better separation of real-time and management-plane tasks.
The takeaway: Open vSwitch is a prominent open-source project for Linux-based virtual switches. An alternative to Cisco and VMware solutions, it is a primary innovation platform and the recognized standard open switch for use with OpenFlow. Key features include its utilization of the OpenFlow control plane, its highly flexible OVSDB protocol for the management plane, its ability to offload dataplane handling to hardware, and its high-performance design and advancement over time.