1 Major Features
- 1.1 Release Deliverables
- 1.2 Experimental Deliverables
2 Target Environment
- 2.1 For Execution
- 2.2 For Development
3 Known Issues and Limitations
- 3.1 ODL OVSDB L3
- 3.2 Security Groups with Conntrack
- 3.3 Service Function Chaining
- 3.4 Known Bugs
4 Changes Since Previous Releases

Major Features

Beryllium marked the fourth release of the OVSDB NetVirt project. The release delivers increased code and testing coverage and improved network virtualization integration with OpenStack.

Release Deliverables

Code quality, stability and usability
Remove deprecated AD-SAL APIs
Netvirt updates for flow optimizations and config migration
ODL SFC and OPNFV SFC integration, application pipeline coexistence
Increased Neutron parity by adding Security Groups and Metadata support
Enhanced L3 DVR functionality
Hardware VTEP southbound support
Open_vSwitch southbound support for QoS and Queue
Clustering/HA/Persistence support
DPDK enhancements to the Southbound and NetVirt to support DPDK

Experimental Deliverables

Experimental support is added for the following features:

Clustering using the OpenFlow plugin-li plugin. The feature is odl-ovsdb-openstack-clusteraware.
Network Virtualization DLUX user interface. The feature is the odl-ovsdb-ui.

Target Environment

For Execution

Same as the usual JRE requirements for OpenDaylight

For Development

Same as the usual JDK and Maven requirements for OpenDaylight

Known Issues and Limitations

OpenStack SFC integration requires a workaround when used with the current NSH OVS implementation as described in VTEP Workaround for OpenStack Instantiated VMs.
The DLUX integration is considered an experimental feature. The feature works well but has not been extensively tested.
Full ODL OVSDB L3 functionality requires a minimum OVS version of 2.3.2. The version is required for ARP responder flows in table 20.
Stateful Security Groups support using conntrack requires a minimum OVS version of 2.5. Stateless Security Groups without conntrack is supported from OVS 2.3.2 and later.

ODL OVSDB L3

The L3 functionality is disabled by default. To enable the L3 functionality add ovsdb.l3.fwd.enabled=yes to the etc/custom.properties file.

Security Groups with Conntrack

Conntrack functionality is disabled by default. To enable the conntrack support add <conntrack-enabled>true</conntrack-enabled> to the etc/opendaylight/karaf/netvirt-impl-default-config.xml file.

Service Function Chaining

Some configuration is required due to application co-existence for the OpenFlow programming. The SFC project programs flow for the SFC overlay and NetVirt programs flow for the tenant overlay. Coexistence is achieved by each application owning a unique set of tables and providing a simple handoff between the tables.

First, configure NetVirt to use table 1 as it's starting table:

^{http://localhost:8181/restconf/config/netvirt-providers-config:netvirt-providers-config

{
"netvirt-providers-config": {
"table-offset": 1
}
}}

Next, configure SFC to start at table 150 and configure the table handoff. The configuration starts SFC at table 150 and sets the handoff to table 11 which is the NetVirt SFC classification table.

^{http://localhost:8181/restconf/config/sfc-of-renderer:sfc-of-renderer-config

{
"sfc-of-renderer-config": {
"sfc-of-app-egress-table-offset": 11,
"sfc-of-table-offset": 150
}
}}

Known Bugs

Bug 5351 - Security group connection tracking flows are not getting inserted in OVS https://bugs.opendaylight.org/show_bug.cgi?id=5351 The solution was tested against OVS 2.4.9 and pre-release patches. There has been a change in the connection tracking state bit values in the official OVS 2.5 release. The workaround is to use the OVS 2.4.9 with pre-release patches or to use a later ODL build with the current fix: https://git.opendaylight.org/gerrit/#/c/34655/.

Changes Since Previous Releases

New APIs for supporting SFC integration and using NetVirt as the classifier:

^{http://localhost:8181/restconf/config/netvirt-providers-config:netvirt-providers-config

{
"netvirt-providers-config": {
"table-offset": 1
}
}

http://localhost:8181/restconf/config/ietf-access-control-list:access-lists
{
"access-lists": {
"acl": [
{
"acl-name": "http-acl",
"access-list-entries": {
"ace": [
{
"rule-name": "http-rule",
"matches": {
"destination-port-range": {
"lower-port": "80",
"upper-port": "80"
},
"source-port-range": {
"lower-port": "0",
"upper-port": "0"
},
"protocol": "6"
},
"actions": {
"netvirt-sfc-acl:sfc-name": "SFCNETVIRT"
}
}
]
}
}
]
}
}}

Bugs Fixed in this Release

^{4924 Fixed IPs of dhcp_port are not updated when a new subnet is added to the network.
5278 Service Unavailable exception when associating a Neutron router with a tenant subnet.
5331 unable to read topology after recovering a failed controller in cluster
5040 LLDP Spoofing attack warning when using Openstack with ODL Cluster (both features)
4569 Ownership changed consistently without down any node
5038 Instances are not reachable in Openstack when ODL used as cluster (using OFPlugin He design)
5062 Creating Bridge in Cluster Mode returns 500 and throws exception in karaf log
5018 No Flow Entries are installed to br-int while trying the NetVirt Cluster (clusteraware)
3974 br-int is not getting created with lithium 0.3.0 snapshot
4277 Deleted Network flow entries retained in br-int,if network associated and disassociated from virutalrouter interface
4888 Ovsdb Southbound Clustering Inconsistent output for sudo ovs-vsctl list bridge br-int
4916 In OVSDB Single node clustering 2 switches registered with same manager there are two "OWNER" found in southbound, and with this two "OWNER" replication also happens
5134 Address exceptions when SG remote_group_id has both IPv4 and IPv6 addresses
5172 lldp: SchemaVersionMismatchException: The schema version used to access the table/column (7.8.0) does not match the required version (from 7.11.2 to 0.0.0)
4811 topic/netvirt-clustering branch: the Openstack Integration failing due to OpenFlowPlugin failures
5110 Pinging router on different network does not work
4892 Not getting Arp flows if there is no Router
5187 Remote security group insertion fails when port is not found in cache
5169 Retrieval of Bridge and Port fails from Operational Store in csit test
4904 Singleton Cluster is not happened
5149 Enhancement: Support LLDP on ovsdb interface
5161 In OVSDB 3 node cluster northbound remote ip address validation missing in configuration data store
4373 Released Floating IP (on compute node1 vm) is not reaching to external network, if reuse the floating IP to another VM ( VM hosted on compute node2
4374 On Release of Floating IP doesn’t detached port on openstack external network
4280 VM Floating IP Address unable to reach the External GW when L3 routing enabled.
5107 Flow tables mentioned in goto_table actions are not created
4132 Unable to ping gateway when using L3 DVR - Lithium
5131 Hard-coded base url in Ovsdb UI
5147 Wrong logging level for ConfigProperties not found with defaults
4794 IllegalArgumentException in operational delete: unable to connect ovs to plugin
4844 GatewayMacResolverService continues to try to resolve gateway after nodes have disconnected.
4769 Security group : default ip flows fails to delete intermittently
4643 Remote Security Group - Terminating an instance fails to remove the corresponding rules
4874 distributed arp in old l3 for ovsdb is not installing rules when it should
3052 race condition between northbound and southbound events
2173 Remaining OF 1.3 rules after full neutron resources removal
3097 Do not delete interfaces in PortHandler
5056 Beryllium RC0: Data did not pass validation
5065 Data did not pass validation
5066 ConflictingModificationAppliedException: Node was created by other transaction.
5069 ARP request from public gateway not answered
5007 Reenable SG IT
5039 External Interface errors in karaf log when using Openstack with ODL Cluster (odl-ovsdb-openstack)
4311 null pointer exceptions in ovsdb routemgr
4971 SG needs to be independent from which L3 stack is used in ovsdb netvirt
5013 SG exception when running openstack tempest: org.opendaylight.ovsdb.utils.mdsal.openflow.MatchUtils.createICMPv4Match(MatchUtils.java:223)[283:org.opendaylight.ovsdb.openstack.net-virt-providers:1.1.4.SNAPSHOT]
4205 VM delete doesnot removed all related flows(i.e specific to VMs)
4997 Fix for ConnectionInfo parsing in showMdsal tool
4908 cannot create a bridge using northbound REST api with clustering.
4927 Rules added by MacResolverServices in br-ex are not removed if no arp responses make it back to br-ex
4913 flow rules for security group aren't populated on port creation
4912 NeutronL3Adapter: missing/reordered enabled check
4911 IllegalArgumentException in RoutingService.programRouterInterface
4881 org.opendaylight.ovsdb.openstack.netvirt.AbstractEventTest failure
4737 ovsdb can create vxlan port in OVS,but cant't delete it
4736 missing null pointer check of getFixedIPs()
4429 Sending non-canonical IPv4 prefix resulted in table 60 rules not getting added
4472 IllegalArgumentException in programIpRewriteExclusion
4416 Unreliable ERROR message as Unable to resolve Externalgateway Mac address,while unstacking one of compute node on openstack
4348 NoClassDefFoundError and ODL doesn't allowed to create network from openstack
4346 Restack/new compute node VM doesn’t communicated north-south traffic
4282 NPEs and inability to provision SFF in SFC project via GBP between SR1 and current stable lithium
4339 northbound depends on obsolete commons.northbound and sal
1519 SouthboundHandler: isUpdateOfInterest is too inclusive
4228 Externalgateway Mac address keeps on try to resolve,after cleared the GW on Openstack externalNetwork
1802 Karaf : InventoryListener Event replay code missing in Library on plugin bundle start
4067 LbaaS OF flows are not getting installed in the switch
2732 When large JSON responses are received by the switch in response to ODL queries, ODL's OVSDB interface becomes unusable.
2923 Need to define OVSDB Clustering/Data Persistence Behavior
2660 Network shared attribute should be allowed
905 ovsdbConfigService.getRows() returns mutable maps
913 Can't delete QOS from java api
1972 Flows failed to get programmed in a very random fashion
2132 Bad openflow rules removal when VM is deleted
2125 ODL shouldn't set the controller to every brige
2024 ovsdb throws exception, fails to try to program flows if ovs is running already at controller startup
1750 Add the missing apply-actions on outbound NAT table
1696 Ingress ACL table is dropping the LLDP traffic
1662 Typed Schema based Special handling is missing
1642 Northbound API fails to insert/delete rows if the parentTable/parentColumn json data is missing on the POST message
1357 Wrong status code sent if Node does not exist
4331 arp responder periodic timer should refresh node picked for packet-out
4920 MAC address for gateway can not be resolved, because external bridge is not connected to controller.
4029 org.opendaylight.ovsdb.openstack.netvirt.impl.NeutronL3Adapter.handleNeutronPortEvent(NeutronL3Adapter.java:251)[271:org.opendaylight.ovsdb.openstack.net-virt:1.2.0.SNAPSHOT]
4579 Periodic ARP resolver is missing calls to NeutronL3Adapter::updateExternalRouterMac()
4265 NPE while programming Port Security ACL
4752 distributed arp in old l3 for ovsdb should not install rules for arp unless tenant network exists in the compute node
1844 Callback from neutron's router interface events should be handled via neutron port events
4611 NPE at org.opendaylight.ovsdb.openstack.netvirt.providers.openflow13.services.IngressAclService.programPortSecurityGroup(IngressAclService.java:88)
4642 IP ingress rule is not seen after a VM is spawned with the default Security Group
4756 southbound fails to delete OvsdbNode from config and operational
4776 ovsdb netvirt needs to handle cases when network/subnet contains no tentant id
4733 NPE in SouthboundImpl
4735 NPE in SouthboundImpl
4734 NPE in GatewayMacResolverService
4718 NPE in NeutronSubnetChangeListener.java
4711 Compile errors when building openstack.net-virt
4704 compile error of missing symbol of getSubnets
4546 Southbound plugin throws java.lang.IllegalStateException while shutting down and loops forever
4463 IlligalArgumentException when deleting router port
4144 Periodic ARP resolver should use unicast MAC destination address whenever possible; instead of broadcast
3378 ovsdb netvirt needs help in getting mac for a given ip in br-ex
3989 Posting multiple OVSDB nodes with different node-id but same connection-info does not clean operational MD-SAL
4208 Unstack and restack existing same compute unable to communicate the existing network VM's
4014 pipeline flows not programmed on manually added br-int
3962 Event dispatcher found no handler for NorthboundEvent
4347 br-ex doesn’t listing any OF flows on compute node instance
4229 Stale OF entries retained in br-int flow table on openstack-controller side,when VM resides on unstacked compute node
3796 Config datastore empty on reconnect to ovsdb-node
4206 Network delete doesnot removed the Vxlan tunnel entries on ovs switch
4135 pipeline flows not programmed because controller address is not set on OVSDB node
4045 exception when ipv6 addressed port is received
4160 null pointer exception in SecurityServicesImpl.getDHCPServerPort()
4163 null pointer exception in NeutronL3Adapter.getExternalNetworkSubnet()
3545 Updates to termination point configuration for existing termination points broken
3909 SSLv3 should be disabled for ovsdb server}

Migration from Previous Releases

Migration from previous releases has not been tested.

Compatibility with Previous Releases

Yes, compatible with previous releases.

Deprecated, End of Life, and/or Retired Features/APIs

The OVSDB Plugin compatibility layer and related ADSAL dependencies were deprecated in Lithium and removed in Beryllium.

OpenDaylight

OVSDB:Beryllium Release Notes

Contents