1NM-OPENVSWITCH(7) OpenVSwitch support overview NM-OPENVSWITCH(7)
2
3
4
6 nm-openvswitch - overview of NetworkManager OpenVSwitch support
7
9 NetworkManager includes basic OpenVSwitch support, good enough to be
10 capable of setting up simple OpenVSwitch configurations. It is not
11 extensive and does not expose all functionality of OpenVSwitch
12 provides. For large or complicated deployments users are advised to use
13 native tools shipped with OpenVSwitch. This document seeks to provide
14 overview of functionality currently provided by NetworkManager, its
15 capabilities and limitations.
16
17 First and foremost: NetworkManager applies the configuration by
18 modifying the OVSDB directly. Its configuration model follows the OVSDB
19 database model closely and it does not provide the level of abstraction
20 ovs-vsctl provides.
21
22 In practical terms it means the following:
23
24 · NetworkManager only ever talks to a single OVSDB instance via an
25 UNIX domain socket.
26
27 · The configuration is made up of Bridges, Ports and Interfaces.
28 Interfaces are always enslaved to Ports, and Ports are always
29 enslaved to Bridges.
30
31 · NetworkManager only creates Bridges, Ports and Interfaces you ask
32 it to. Unlike ovs-vsctl, it doesn't create the local interface nor
33 its port automatically.
34
35 · You can't enslave Interface directly to a Bridge. You always need a
36 Port, even if it has just one interface.
37
38 · There are no VLANs. The VLAN tagging is enabled by setting a
39 ovs-port.tag property on a Port.
40
41 · There are no bonds either. The bonding is enabled by enslaving
42 multiple Interfaces to a Port and configured by setting properties
43 on a port.
44
45
46 Bridges
47 Bridges are represented by connections of ovs-bridge type. Due to the
48 limitations of OVSDB, "empty" Bridges (with no Ports) can't exist.
49 NetworkManager inserts the records for Bridges into OVSDB when a Port
50 is enslaved.
51
52 Ports
53 Ports are represented by connections of ovs-port type. Due to the
54 limitations of OVSDB, "empty" Ports (with no Interfaces) can't exist.
55 Ports can also be configured to do VLAN tagging or Bonding.
56 NetworkManager inserts the records for Ports into OVSDB when an
57 Interface is enslaved. Ports must be enslaved to a Bridge.
58
59 Interfaces
60 Interfaces are represented by a connections enslaved to a Port. The
61 system interfaces (that have a corresponding Linux link) have a
62 respective connection.type of the link (e.g. "wired", "bond", "dummy",
63 etc.). Other interfaces ("internal" or "patch" interfaces) are of
64 ovs-interface type. The OVSDB entries are inserted upon enslavement to
65 a Port.
66
68 Example 1. Creating a Bridge with a single internal Interface
69
70 $ nmcli conn add type ovs-bridge conn.interface bridge0
71 Connection 'ovs-bridge-bridge0' (d10fc64d-1d48-4394-a1b8-e1aea72f27d5) successfully added.
72 $ nmcli conn add type ovs-port conn.interface port0 conn.master bridge0
73 Connection 'ovs-port-port0' (5ae22bae-bba4-4815-9ade-7e635633e1f0) successfully added.
74 $ nmcli conn add type ovs-interface conn.interface iface0 conn.master port0 \
75 ipv4.method manual ipv4.address 192.0.2.1/24
76 Connection 'ovs-interface-iface0' (3640d2a1-a2fd-4718-92f1-cffadb5b6cdc) successfully added.
77
78 As said above, you need to create a Port even for a single interface.
79 Also, before you add the Interface, the Bridge and Port devices appear
80 active, but are not configured in OVSDB yet. You can inspect the
81 results with ovs-vsctl show.
82
83 Example 2. Adding a Linux interface to a Bridge
84
85 $ nmcli conn add type ovs-port conn.interface port1 conn.master bridge0
86 Connection 'ovs-port-port1' (67d041eb-8e7b-4458-afee-a1d07c9c4552) successfully added.
87 $ nmcli conn add type ethernet conn.interface eth0 conn.master port1
88 Connection 'ovs-slave-eth0' (d459c45c-cf78-4c1c-b4b7-505e71379624) successfully added.
89
90 Again, you need a port.
91
92 Example 3. Creating a VLAN
93
94 $ nmcli conn add type ovs-port conn.interface port2 conn.master bridge0 ovs-port.tag 120
95 Connection 'ovs-port-port2' (3994c093-4ef7-4549-a4fd-627b831c3cb8) successfully added.
96 $ nmcli conn add type ethernet conn.interface eth1 conn.master port2
97 Connection 'ovs-slave-eth1' (099be06e-71ad-484d-8d5a-fcadc5f207f5) successfully added.
98
99 It's just a port with a tag.
100
101 Example 4. Creating a Bond
102
103 $ nmcli conn add type ovs-port conn.interface bond0 conn.master bridge0
104 Connection 'ovs-port-bond0' (d154ebf9-e999-4e1b-a084-a3de53d25d8a) successfully added.
105 $ nmcli conn add type ethernet conn.interface eth2 conn.master bond0
106 Connection 'ovs-slave-eth2' (475ac1bf-30b2-4534-a877-27f33f58b082) successfully added.
107 $ nmcli conn add type ethernet conn.interface eth3 conn.master bond0
108 Connection 'ovs-slave-eth3' (8dedeecb-ed12-482b-b77a-24a4fb835136) successfully added.
109
110 It's just a Port with multiple interfaces. See nm-settings manual for
111 Bonding options you can use with "nmcli c add" or "nmcli c modify". You
112 could even set a VLAN tag on the same Port to do VLAN tagging and
113 bonding at the same time.
114
116 · Not all OpenVSwitch capabilities are supported.
117
118 · OpenVSwitch devices don't expose many useful properties on D-Bus.
119
120 Probably many more.
121
123 RFC 7047: The Open vSwitch Database Management Protocol[1], ovs-
124 vsctl(8), ovs-vswitchd.conf.db(5), nm-settings(5), nmcli(1)
125
127 1. RFC 7047: The Open vSwitch Database Management Protocol
128 https://www.rfc-editor.org/rfc/rfc7047.txt
129
130
131
132NetworkManager 1.12.0 NM-OPENVSWITCH(7)