about the ovs plugin & ovs setup for the tunnel network type

Asked by nrupal jani on 2013-06-06

Hi there,

I am little new to the openstack networking project, previously known as quantum

Anyway I have few simple questions regarding the way ovs gets configured the way it is in the current form in kvm!!

Here it goes,

- As I understand, OVS setups two datapaths instances br-int & br-tun & uses patch port to connect them. Additionally it uses local vlans in the br-int for the vm-vm traffic!!
o I understand the reason behind the current setup but I am not sure why it needs to be like it?
 can’t the same features can be supported with single instance like br-int & fllows are setup correctly to get things right including quantum security groups?

I know there must be some technical reasons behind all these but I just want get some history & also want to know whether anyone is planning to enhance it in future?



Question information

English Edit question
neutron Edit question
No assignee Edit question
Last query:
Last reply:
Gary Kotton (garyk) said : #1

If the VM device is attached directly to the switch then the traffic will not go through the seciruty groups. This is why there is the Hybrid VIF driver. The VM connection to the bridge is as follows:
With the OVS plugin there is not external controller that builds the flows. This is addressed by a number of other plugins, for example, nicira, bigswitch, ryu etc.

nrupal jani (nrupal-jani) said : #2

thx Gary for reply.

So, with other plugins u mentioned the ovs gets setup differently? in other words vms are connected directly to ovs instead of Linux bridge? And the quantum security groups are implemented as part of the ovs as a flows using the ext. controller?

the main reason I asked this question because I thought the controllers u mentioned also use ovs & ovs configured with controller should be able to work even w/o controller.



Can you help with this problem?

Provide an answer of your own, or ask nrupal jani for more information if necessary.

To post a message you must log in.