Ben PfaffPeople are still doing research on #openvswitch and this impresses me so much.
The call for talks for the Open vSwitch and OVN 2025 Fall Conference is now open! ovscon.site #openvswitch #ovs
HabrКак переехать на OVN и не сломаться: пошаговый гайд
Привет, Хабр! На связи вновь Кирилл Савин, архитектор SDN в Облаке Рег.ру. Недавно мы с командой взвесили все риски и приняли волевое решение — переехать на OVN. В процессе думали над архитектурой, решали возникающие вопросы и набивали шишки. Я решил поделиться нашим опытом и подходами. В первой статье рассказали, как устроен OVN изнутри, рассмотрели особенности архитектуры. Теперь готовы перейти к практике! Во второй части опишу ручной подход для миграции облака с сетевым даунтаймом для перестроения сети, но без миграции, собственно, виртуальных машин. Для «переезда» я осознанно выбрал ручной подход — объясню, почему и что из этого получилось. Внутри — по шагам рассказываю о переезде и делюсь полезными конфигурациями, которые делают это возможным.
https://habr.com/ru/companies/runity/articles/924270/
#ovn #облако #миграция #openvswitch #neutron #control_plane #network #openflow #vm #облачные_технологии
OVN под капотом: как построить сеть в OpenStack
Привет, Хабр! На связи Кирилл Савин, я — архитектор SDN в Облаке Рег.ру. Недавно мы с командой начали большой переезд OpenStack облака на OVN, который идет и сейчас. Это непростое путешествие, в котором мы пробовали разные решения, извлекали уроки из ошибок и продолжали двигаться вперед. Так появилась идея рассказать о рабочих кейсах и идеях, которые мы почерпнули. Мыслей на этот счет получилось много, поэтому решил сделать серию статей об инструментах для сетевой виртуализации. В первой начнем с обзора OVN: об архитектуре, преимуществах и недостатках. Будет полезно тем, кто в контексте OpenStack работает с сетевой виртуализацией и уже «трогал» OVN.
https://habr.com/ru/companies/runity/articles/922172/
#ovn #ovs #openstack #сетевая_инфраструктура #виртуализация #openvswitch #облако #облачные_технологии #сети #архитектура_системы
AreskulHow many of you are using #OpenvSwitch ?
Very practical cli to provide external network connectivity to virtual machines, instead of wrestling with tun/tap devices and bridges! 😲
#linux #network #programming #ipv6
https://www.openvswitch.org/
On Monday, the NSDI 2025 Program Committee presented the #nsdi25 Test of Time Award, given for an NSDI paper accepted at least 10 years ago, to the authors of the 2015 NSDI paper "The Design and Implementation of #openvswitch." Ben Pfaff and Ethan Jackson were present to accept the award on behalf of the 12 coauthors of the paper. Each of them gave brief remarks attributing the success of Open vSwitch, in academia and industry, to its large and vibrant community of contributors.
🇨🇦 CowMan 🇪🇺 🇺🇦 🇲🇽Hmm. I am not sure I follow what is happening here.
Somewhere along the way, either #Unifi or #OpenvSwitch / #Proxmox seems to be jacking packet sizes. Or maybe it is #Apple.
When roaming to a specific Unifi AP, devices - almost or perhaps exclusively Apple devices - associate, but fail to pass traffic, and for a moment degraded service ripples out to other devices.
Jumbo frames, usually a problem source, fixes it. How unusual. I highly doubt Wifi devices are pushing huge frames.
Adam Williamson 
today:
* stared at mind-numbing #openvswitch and #networkmanager documentation for several hours, finally figured out how to port #fedora #openqa networking setup off the old network-scripts bits, tested and deployed it to stg then prod: https://pagure.io/fedora-infra/ansible/c/690a5eb951b88c9f94f5bf03bf115b9566c3b87e?branch=main , https://pagure.io/fedora-infra/ansible/c/762b23ef7dc922182d3656df91a9a2604b7c9798?branch=main , https://pagure.io/fedora-infra/ansible/c/4743c3fdce1fa0bd145254c471f93d028ba8cb31?branch=main
* updated some of the worker hosts, fixed one where a "persistent" network interface name had changed, sigh
* started ripping PDC support out of fedfind
* stared at mind-numbing #openvswitch and #networkmanager documentation for several hours, finally figured out how to port #fedora #openqa networking setup off the old network-scripts bits, tested and deployed it to stg then prod: https://pagure.io/fedora-infra/ansible/c/690a5eb951b88c9f94f5bf03bf115b9566c3b87e?branch=main , https://pagure.io/fedora-infra/ansible/c/762b23ef7dc922182d3656df91a9a2604b7c9798?branch=main , https://pagure.io/fedora-infra/ansible/c/4743c3fdce1fa0bd145254c471f93d028ba8cb31?branch=main
* updated some of the worker hosts, fixed one where a "persistent" network interface name had changed, sigh
* started ripping PDC support out of fedfind
Electronic EelControlling the switch is done with the kernel switchdev driver and the devlink and tc tools. Basic rules like VLAN-tagging are supported of course, but you can also do more complex things like L3 routing and routing based on TCP port numbers. So you could for example take one IPv4 and divide it among several VMs based on port numbers.
tc and devlink are the more barebones interface to this. In their manual they suggest to use Open vSwitch to manage this. What it does is quite clever: it implements a quite capable software switch with the OpenFlow rule language, a management process and it's own small database backend. Packets are sent to this software switch first and (slowly) switched in software according to the rules you set.
When this first packet is forwarded, the management process also calculates the minimal rules that were necessary to forward this packet and subsequent similar ones. Then it creates a tc rule to offload this to hardware, so the following packets are switched purely in hardware. This ensures that only the rules that are actually used right now are configured on the switch ASIC, reducing bloat on the ASIC and improving switching speed.
Downside is that Open vSwitch and OpenFlow introduce an extra layer and complexity that has to be managed and understood. There seems to be a Ansible collection to manage Open vSwitch, but I didn't see
an easy way to use it to manage complex OpenFlow rules. But maybe I missed it because I just had a short look at it.