Below are the features that Intel are planning to submit for the OVS 2.9 

I've also created a google spreadsheet so that people can contribute their own 
planned features. This can be found at:

If people can complete this doc and send an email to the dev mailing list then 
we can formalize the features and commit them to a doc in the OVS repo.

It would be good if others are also willing to share their plans so that we can 
build up a complete picture of what's planned for the OVS 2.9 release and make 
sure there's no duplication.

Keepalive: Keepalive feature is aimed at achieving Fastpath Service Assurance  
in OVS-DPDK deployments. It adds support for monitoring the packet processing 
threads by dispatching heartbeats at regular intervals and the status is 
updated periodically in OVSDB. In case of heartbeat misses the failure is 
detected and reported to higher level fault management systems/frameworks. The 
status can be monitored from OpenStack Ceilometer service.

vHost PMD: The vHost PMD brings vHost User ports under control of DPDK's 
librte_ether library and in doing so DPDK's librte_vhost library will no longer 
be directly referenced in OVS. Potential benefits include shared code among 
port types in netdev-dpdk and smoother upgrades between DPDK versions in OVS.

Multi-segment Mbuf: Support for jumbo frames was added to netdev-dpdk in 
v2.6.0. In that implementation, a jumbo frame is stored within a single-segment 
mbuf. That mode will remain the default, but an option will now be added to 
allow a jumbo frame to be stored within a multi-segment mbuf. This reduces the 
requirement for large, contiguous blocks of memory, and may be useful in 
deployments with limited memory.

Conn Track: Analyze and improve Connection Tracker performance:
The Connection Tracker is a feature to manage stateful connections and 
implement security Firewalls.
This allows a better protection against attacks and helps in load balancing. 
The counterpart is a significant impact on the overall performance. This work 
is aimed at analyzing possible bottlenecks - also considering the latest 
protocol implementations - to improve the Connection Tracker performance.

IPSEC: This feature looks to introduce IPsec into OVS with DPDK. IPsec would 
function in transport mode and would be used in conjunction with existing 
encapsulation methods (initially VxLAN) to create a new interface type 
'vxlanipsec'. The DPDK cryptodev framework will be used to  handle 
cipher/digest operations as part of the encap/decap actions in accordance with 
a security association. The cryptodev devices supported would be limited to 
virtual crypto devices such as the  AESN-MB vdev. As such cipher and digest 
algorithms supported would be limited to the capabilities of the vdev. In terms 
of Security Association generation for IPsec policies, the feature will allow a 
user to specify security associations via command line options for the 

Zero copy: Support for enabling DPDK's 'dequeue zero copy' feature on vHost 
User ports which removes the costly memcpy operation from guest to host when 
enabled. Detailed information in the DPDK documentation:

DPDK 17.05.2 and 17.11 support: DPDK 17.05.2 is the latest stable release of 
DPDK, and includes numerous bug-fixes and stability updates.
DPDK 17.11 will be the next DPDK Long Term Support (LTS) release (TBD). It will 
also include numerous new features, such as Generic Segmentation Offload (GSO) 
and vHost PMD.

Upcall performance: The first packet in every flow that is handled by OVS is an 
upcall to the exception path. This is a performance bottleneck for some use 
cases. Analysis and improvements to the performance of this code path will be 

Service Assurance : Virtual switching reporting of flow telemetry via IPFix.

Extended NIC Stats: Expose low level driver statistics registers to the user 
through the Extended NIC statistics API in DPDK for physical interfaces.

NAT extended counters (sflow): Monitoring NAT flow telemetry via sFlow.

dev mailing list

Reply via email to