Neutron/OFAgent/ComparisonWithOVS
Two neutron agents, openvswitch and ofagent, implement mostly same functionalities in different ways.
- What's same?
- Basic architecture
- the agent runs on each compute/network node.
- it controls an OpenFlow switich on the node.
- Basic architecture
- What's different?
- The following is a summary of the differences.
- note: this list is intended to show differences wrt designs and development directions. some of items (noted as "planned") have not been implemented in neutron master yet.
| openvswitch | ofagent | |
| Advantages | Possibly can achieve better performance using Open vSwitch(OVS) specific advanced features like Nicira Extensions (NX) and patch ports. | More portable to switches other than OVS. Easier to handle asynchronous messages because it's a full featured OpenFlow controller. |
| OpenFlow version | OpenFlow 1.0 + NX | OpenFlow 1.3 without vendor extensions |
| How to compose flows? | ovs-ofctl command line arguments (plain texts) | Use Ryu ofproto library (python objects) |
| How to install flows into a switch? | Invoke ovs-ofctl command | An OpenFlow controller embedded in the agent sends OpenFlow messages to the switch |
| Supported switches | OVS only | OpenFlow 1.3 switches including OVS (planned) |
| Neutron plugin | openvswitch plugin (planned to be deprecated) or ML2 plugin | ML2 plugin |
| Port monitoring | ovsdb monitoring via ovs-vsctl command | OpenFlow port statistics |
| Management Protocol (eg. tunnel port creation) | ovsdb via ovs-vsctl command | use standard protocols like OF-Config where appropriate. otherwise, sub-driver (planned) |
| Device ID | Neutron port ID (UUID) stored in ovsdb | Port name as linuxbridge |
| "internal" VLAN | 802.1q tagged VLAN | OpenFlow metadata |
| Local ARP responder | Install NX flows for each FDB entries. Currently tunnel network types only. | The embedded OpenFlow controller handles packet-ins and sends back ARP responses. Implemented for all network types. |
| Multiple bridges | Considering bridges per functionalities. | Aims to reduce the number of bridges because multiple bridges and patch ports are not supported by every switch implementations. (planned) |
| Security Groups / Firewall driver | use NX. namely tcp_flags NXM, learn action, or future conntrack support (planned) | probably implement only a subset of rules using OpenFlow |
