NameDateSize

..16-Mar-201612 KiB

.gitignore12-Oct-2015687

.travis/12-Oct-20154 KiB

.travis.yml09-Nov-2015722

acinclude.m409-Dec-201534.3 KiB

appveyor.yml31-Aug-20151.4 KiB

AUTHORS15-Dec-201518.5 KiB

boot.sh06-May-201440

build-aux/14-Dec-20154 KiB

CodingStyle.md23-Feb-201519.3 KiB

configure.ac09-Dec-20156.1 KiB

CONTRIBUTING.md10-Dec-201514.7 KiB

COPYING24-Jun-20151.6 KiB

datapath/11-Dec-20154 KiB

datapath-windows/14-Dec-20154 KiB

debian/09-Dec-20154 KiB

DESIGN.md26-Aug-201546.1 KiB

Documentation/12-Oct-20154 KiB

FAQ.md14-Dec-201588.8 KiB

include/02-Oct-20144 KiB

INSTALL.Debian.md05-Nov-20143.2 KiB

INSTALL.Docker.md16-Nov-20158.6 KiB

INSTALL.DPDK.md09-Nov-201533.7 KiB

INSTALL.Fedora.md05-Nov-20142.9 KiB

INSTALL.KVM.md05-Nov-20142.3 KiB

INSTALL.Libvirt.md05-Nov-20142.2 KiB

INSTALL.md12-Oct-201527.4 KiB

INSTALL.NetBSD.md05-Nov-20141.2 KiB

INSTALL.RHEL.md05-Nov-20146 KiB

INSTALL.SSL.md30-Nov-201512.4 KiB

INSTALL.userspace.md09-Apr-20153 KiB

INSTALL.Windows.md12-Oct-201520.4 KiB

INSTALL.XenServer.md24-Jun-20158.3 KiB

IntegrationGuide.md29-Oct-20147.7 KiB

lib/15-Dec-201512 KiB

m4/15-Dec-20154 KiB

Makefile.am14-Oct-201512.2 KiB

manpages.mk24-Aug-20156.6 KiB

NEWS14-Dec-201541.8 KiB

NOTICE04-Mar-20151.3 KiB

ofproto/11-Dec-20154 KiB

OPENFLOW-1.1+.md17-Jun-201510.5 KiB

ovn/30-Nov-20154 KiB

ovsdb/15-Dec-20154 KiB

PORTING.md05-Nov-201414.2 KiB

python/24-Jun-20154 KiB

README-lisp.md29-Oct-20143.9 KiB

README-native-tunneling.md26-Aug-20153.3 KiB

README.md03-Dec-20144.6 KiB

REPORTING-BUGS.md07-Jan-20151.7 KiB

rhel/30-Nov-20154 KiB

SECURITY.md02-Feb-20156.4 KiB

tests/14-Dec-20154 KiB

third-party/16-Mar-20154 KiB

TODO.md09-Nov-201510.7 KiB

tutorial/16-Nov-20154 KiB

utilities/09-Dec-20154 KiB

Vagrantfile30-Nov-20152 KiB

vswitchd/09-Nov-20154 KiB

vtep/30-Nov-20154 KiB

WHY-OVS.md29-Oct-20145.4 KiB

windows/12-Oct-20154 KiB

xenserver/30-Nov-20154 KiB

README-lisp.md

1Using LISP tunneling
2====================
3
4LISP is a layer 3 tunneling mechanism, meaning that encapsulated packets do
5not carry Ethernet headers, and ARP requests shouldn't be sent over the
6tunnel.  Because of this, there are some additional steps required for setting
7up LISP tunnels in Open vSwitch, until support for L3 tunnels will improve.
8
9This guide assumes tunneling between two VMs connected to OVS bridges on
10different hypervisors reachable over IPv4.  Of course, more than one VM may be
11connected to any of the hypervisors, and a hypervisor may communicate with
12several different hypervisors over the same lisp tunneling interface.  A LISP
13"map-cache" can be implemented using flows, see example at the bottom of this
14file.
15
16There are several scenarios:
17
18  1) the VMs have IP addresses in the same subnet and the hypervisors are also
19     in a single subnet (although one different from the VM's);
20  2) the VMs have IP addresses in the same subnet but the hypervisors are
21     separated by a router;
22  3) the VMs are in different subnets.
23
24In cases 1) and 3) ARP resolution can work as normal: ARP traffic is
25configured not to go through the LISP tunnel.  For case 1) ARP is able to
26reach the other VM, if both OVS instances default to MAC address learning.
27Case 3) requires the hypervisor be configured as the default router for the
28VMs.
29
30In case 2) the VMs expect ARP replies from each other, but this is not
31possible over a layer 3 tunnel.  One solution is to have static MAC address
32entries preconfigured on the VMs (e.g., `arp -f /etc/ethers` on startup on
33Unix based VMs), or have the hypervisor do proxy ARP.  In this scenario, the
34eth0 interfaces need not be added to the br0 bridge in the examples below.
35
36On the receiving side, the packet arrives without the original MAC header.
37The LISP tunneling code attaches a header with harcoded source and destination
38MAC address 02:00:00:00:00:00.  This address has all bits set to 0, except the
39locally administered bit, in order to avoid potential collisions with existing
40allocations.  In order for packets to reach their intended destination, the
41destination MAC address needs to be rewritten.  This can be done using the
42flow table.
43
44See below for an example setup, and the associated flow rules to enable LISP
45tunneling.
46
47               +---+                               +---+
48               |VM1|                               |VM2|
49               +---+                               +---+
50                 |                                   |
51            +--[tap0]--+                       +--[tap0]---+
52            |          |                       |           |
53        [lisp0] OVS1 [eth0]-----------------[eth0] OVS2 [lisp0]
54            |          |                       |           |
55            +----------+                       +-----------+
56
57On each hypervisor, interfaces tap0, eth0, and lisp0 are added to a single
58bridge instance, and become numbered 1, 2, and 3 respectively:
59
60    ovs-vsctl add-br br0
61    ovs-vsctl add-port br0 tap0
62    ovs-vsctl add-port br0 eth0
63    ovs-vsctl add-port br0 lisp0 -- set Interface lisp0 type=lisp options:remote_ip=flow options:key=flow
64
65The last command sets up flow based tunneling on the lisp0 interface.  From
66the LISP point of view, this is like having the Tunnel Router map cache
67implemented as flow rules.
68
69Flows on br0 should be configured as follows:
70
71    priority=3,dl_dst=02:00:00:00:00:00,action=mod_dl_dst:<VMx_MAC>,output:1
72    priority=2,in_port=1,dl_type=0x0806,action=NORMAL
73    priority=1,in_port=1,dl_type=0x0800,vlan_tci=0,nw_src=<EID_prefix>,action=set_field:<OVSx_IP>->tun_dst,output:3
74    priority=0,action=NORMAL
75
76The third rule is like a map cache entry:  the <EID_prefix> specified by the
77nw_src match field is mapped to the RLOC <OVSx_IP>, which is set as the tunnel
78destination for this particular flow.
79
80Optionally, if you want to use Instance ID in a flow, you can add
81"set_tunnel:<IID>" to the action list.
82

README-native-tunneling.md

1Native Tunneling in Open vSwitch userspace
2------------------------------------------
3
4Open vSwitch supports tunneling in userspace. Tunneling is implemented in
5platform independent way.
6
7Setup:
8======
9Setup physical bridges for all physical interfaces. Create integration bridge.
10Add VXLAN port to int-bridge. Assign IP address to physical bridge where
11VXLAN traffic is expected.
12
13Example:
14========
15Connect to VXLAN tunnel endpoint logical ip: 192.168.1.2 and 192.168.1.1.
16
17Configure OVS bridges as follows.
18
191. Lets assume 172.168.1.2/24 network is reachable via eth1 create physical bridge br-eth1
20   assign ip address (172.168.1.1/24) to br-eth1, Add eth1 to br-eth1
212. Check ovs cached routes using appctl command
22   ovs-appctl ovs/route/show
23   Add tunnel route if not present in OVS route table.
24   ovs-appctl ovs/route/add 172.168.1.1/24 br-eth1
253. Add integration bridge int-br and add tunnel port using standard syntax.
26   ovs-vsctl add-port int-br vxlan0 -- set interface vxlan0 type=vxlan  options:remote_ip=172.168.1.2
274. Assign IP address to int-br, So final topology looks like:
28
29                 192.168.1.1/24
30                +--------------+
31                |    int-br    |                                    192.168.1.2/24
32                +--------------+                                   +--------------+
33                |    vxlan0    |                                   |    vxlan0    |
34                +--------------+                                   +--------------+
35                       |                                                  |
36                       |                                                  |
37                       |                                                  |
38                 172.168.1.1/24                                           |
39                +--------------+                                          |
40                |    br-eth1   |                                   172.168.1.2/24
41                +--------------+                                  +---------------+
42                |    eth1      |----------------------------------|      eth1     |
43                +--------------+                                  +---------------+
44
45                Host A with OVS.                                      Remote host.
46
47With this setup, ping to VXLAN target device (192.168.1.2) should work
48There are following commands that shows internal tables:
49
50Tunneling related commands:
51===========================
52Tunnel routing table:
53    To Add route:
54       ovs-appctl ovs/route/add <IP address>/<prefix length> <output-bridge-name> <gw>
55    To see all routes configured:
56       ovs-appctl ovs/route/show
57    To del route:
58       ovs-appctl ovs/route/del <IP address>/<prefix length>
59    To look up and display the route for a destination:
60       ovs-appctl ovs/route/lookup <IP address>
61
62ARP:
63    To see arp cache content:
64       ovs-appctl tnl/arp/show
65    To flush arp cache:
66       ovs-appctl tnl/arp/flush
67
68To check tunnel ports listening in vswitchd:
69     ovs-appctl tnl/ports/show
70
71To set range for VxLan udp source port:
72     To set:
73         ovs-appctl tnl/egress_port_range <num1> <num2>
74     Shows Current range:
75         ovs-appctl tnl/egress_port_range
76
77To check datapath ports:
78     ovs-appctl dpif/show
79
80To check datapath flows:
81     ovs-appctl dpif/dump-flows
82
83Contact
84=======
85bugs@openvswitch.org
86

README.md

1Open vSwitch
2============
3
4Build Status:
5-------------
6
7[![Build Status](https://travis-ci.org/openvswitch/ovs.png)](https://travis-ci.org/openvswitch/ovs)
8
9What is Open vSwitch?
10---------------------
11
12Open vSwitch is a multilayer software switch licensed under the open
13source Apache 2 license.  Our goal is to implement a production
14quality switch platform that supports standard management interfaces
15and opens the forwarding functions to programmatic extension and
16control.
17
18Open vSwitch is well suited to function as a virtual switch in VM
19environments.  In addition to exposing standard control and visibility
20interfaces to the virtual networking layer, it was designed to support
21distribution across multiple physical servers.  Open vSwitch supports
22multiple Linux-based virtualization technologies including
23Xen/XenServer, KVM, and VirtualBox.
24
25The bulk of the code is written in platform-independent C and is
26easily ported to other environments.  The current release of Open
27vSwitch supports the following features:
28
29* Standard 802.1Q VLAN model with trunk and access ports
30* NIC bonding with or without LACP on upstream switch
31* NetFlow, sFlow(R), and mirroring for increased visibility
32* QoS (Quality of Service) configuration, plus policing
33* Geneve, GRE, GRE over IPSEC, VXLAN, and LISP tunneling
34* 802.1ag connectivity fault management
35* OpenFlow 1.0 plus numerous extensions
36* Transactional configuration database with C and Python bindings
37* High-performance forwarding using a Linux kernel module
38
39The included Linux kernel module supports Linux 2.6.32 and up, with
40testing focused on 2.6.32 with Centos and Xen patches.  Open vSwitch
41also has special support for Citrix XenServer and Red Hat Enterprise
42Linux hosts.
43
44Open vSwitch can also operate, at a cost in performance, entirely in
45userspace, without assistance from a kernel module.  This userspace
46implementation should be easier to port than the kernel-based switch.
47It is considered experimental.
48
49What's here?
50------------
51
52The main components of this distribution are:
53
54* ovs-vswitchd, a daemon that implements the switch, along with
55  a companion Linux kernel module for flow-based switching.
56* ovsdb-server, a lightweight database server that ovs-vswitchd
57  queries to obtain its configuration.
58* ovs-dpctl, a tool for configuring the switch kernel module.
59* Scripts and specs for building RPMs for Citrix XenServer and Red
60  Hat Enterprise Linux.  The XenServer RPMs allow Open vSwitch to
61  be installed on a Citrix XenServer host as a drop-in replacement
62  for its switch, with additional functionality.
63* ovs-vsctl, a utility for querying and updating the configuration
64  of ovs-vswitchd.
65* ovs-appctl, a utility that sends commands to running Open
66      vSwitch daemons.
67
68Open vSwitch also provides some tools:
69
70* ovs-ofctl, a utility for querying and controlling OpenFlow
71  switches and controllers.
72* ovs-pki, a utility for creating and managing the public-key
73  infrastructure for OpenFlow switches.
74* ovs-testcontroller, a simple OpenFlow controller that may be useful
75  for testing (though not for production).
76* A patch to tcpdump that enables it to parse OpenFlow messages.
77
78What other documentation is available?
79--------------------------------------
80
81To install Open vSwitch on a regular Linux or FreeBSD host, please
82read [INSTALL.md]. For specifics around installation on a specific
83platform, please see one of these files:
84
85- [INSTALL.Debian.md]
86- [INSTALL.Fedora.md]
87- [INSTALL.RHEL.md]
88- [INSTALL.XenServer.md]
89
90To use Open vSwitch...
91
92- ...with Docker on Linux, read [INSTALL.Docker.md]
93
94- ...with KVM on Linux, read [INSTALL.md], read [INSTALL.KVM.md]
95
96- ...with Libvirt, read [INSTALL.Libvirt.md].
97
98- ...without using a kernel module, read [INSTALL.userspace.md].
99
100For answers to common questions, read [FAQ.md].
101
102To learn how to set up SSL support for Open vSwitch, read [INSTALL.SSL.md].
103
104To learn about some advanced features of the Open vSwitch software
105switch, read the [tutorial/Tutorial.md].
106
107Each Open vSwitch userspace program is accompanied by a manpage.  Many
108of the manpages are customized to your configuration as part of the
109build process, so we recommend building Open vSwitch before reading
110the manpages.
111
112Contact
113-------
114
115bugs@openvswitch.org
116
117[INSTALL.md]:INSTALL.md
118[INSTALL.Debian.md]:INSTALL.Debian.md
119[INSTALL.Docker.md]:INSTALL.Docker.md
120[INSTALL.Fedora.md]:INSTALL.Fedora.md
121[INSTALL.KVM.md]:INSTALL.KVM.md
122[INSTALL.Libvirt.md]:INSTALL.Libvirt.md
123[INSTALL.RHEL.md]:INSTALL.RHEL.md
124[INSTALL.SSL.md]:INSTALL.SSL.md
125[INSTALL.userspace.md]:INSTALL.userspace.md
126[INSTALL.XenServer.md]:INSTALL.XenServer.md
127[FAQ.md]:FAQ.md
128[tutorial/Tutorial.md]:tutorial/Tutorial.md
129