Ovs

---------------------
- Support for megaflows, which allows wildcarding in the kernel (and
any dpif implementation that supports wildcards). Depending on
the flow table and switch configuration, flow set up rates are
close to the Linux bridge.
- The "tutorial" directory contains a new tutorial for some advanced
Open vSwitch features.
- Stable bond mode has been removed.
- The autopath action has been removed.
- New support for the data encapsulation format of the LISP tunnel
protocol (RFC 6830). An external control plane or manual flow
setup is required for EID-to-RLOC mapping.
- OpenFlow:
* The "dec_mpls_ttl" and "set_mpls_ttl" actions from OpenFlow
1.1 and later are now implemented.
* New "stack" extension for use in actions, to push and pop from
NXM fields.
* The "load" and "set_field" actions can now modify the "in_port". (This
allows one to enable output to a flow's input port by setting the
in_port to some unused value, such as OFPP_NONE.)
- ovs-dpctl:
* New debugging commands "add-flow", "mod-flow", "del-flow".
* "dump-flows" now has a -m option to increase output verbosity.
- In dpif-based bridges, cache action translations, which can improve
flow set up performance by 80% with a complicated flow table.
- New syslog format, prefixed with "ovs|", to be easier to filter.
- RHEL: Removes the default firewall rule that allowed GRE traffic to
pass through. Any users that relied on this automatic firewall hole
will have to manually configure it. The ovs-ctl(8) manpage documents
the "enable-protocol" command that can be used as an alternative.
- New CFM demand mode which uses data traffic to indicate interface
liveness.

---------------------
- Bridge compatibility support has been removed. Any uses that
rely on ovs-brcompatd will have to stick with Open vSwitch 1.9.x
or adapt to native Open vSwitch support (e.g. use ovs-vsctl instead
of brctl).
- The maximum size of the MAC learning table is now configurable.
- With the Linux datapath, packets for new flows are now queued
separately on a per-port basis, so it should no longer be
possible for a large number of new flows arriving on one port to
prevent new flows from being processed on other ports.
- ovs-vsctl:
* Previously ovs-vsctl would retry connecting to the database forever,
causing it to hang if ovsdb-server was not running. Now, ovs-vsctl
only tries once by default (use --retry to try forever). This change
means that you may want to remove uses of --timeout to avoid hangs
in ovs-vsctl calls.
* Many "ovs-vsctl" database commands now accept an --if-exists option.
Please refer to the ovs-vsctl manpage for details.
- OpenFlow:
- Experimental support for newer versions of OpenFlow. See
the "What versions of OpenFlow does Open vSwitch support?"
question in the FAQ for more details.
- The OpenFlow "dp_desc" may now be configured by setting the
value of other-config:dp-desc in the Bridge table.
- It is possible to request the OpenFlow port number with the
"ofport_request" column in the Interface table.
- The NXM flow_removed message now reports the OpenFlow table ID
from which the flow was removed.
- Tunneling:
- New support for the VXLAN tunnel protocol (see the IETF draft here:
http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03).
- Tunneling requires the version of the kernel module paired with
Open vSwitch 1.9.0 or later.
- Inheritance of the Don't Fragment bit in IP tunnels (df_inherit)
is no longer supported.
- Path MTU discovery is no longer supported.
- CAPWAP tunneling support removed.
- Tunnels with multicast destination ports are no longer supported.
- ovs-dpctl:
- The "dump-flows" and "del-flows" no longer require an argument
if only one datapath exists.
- ovs-appctl:
- New "vlog/disable-rate-limit" and "vlog/enable-rate-limit"
commands available allow control over logging rate limits.
- New "dpif/dump-dps", "dpif/show", and "dpif/dump-flows" command
that mimic the equivalent ovs-dpctl commands.
- The ofproto library is now responsible for assigning OpenFlow port
numbers. An ofproto implementation should assign them when
port_construct() is called.
- All dpif-based bridges of a particular type share a common
datapath called "ovs-<type>", e.g. "ovs-system". The ovs-dpctl
commands will now return information on that shared datapath. To
get the equivalent bridge-specific information, use the new
"ovs-appctl dpif/*" commands.
- Backward-incompatible changes:
- Earlier Open vSwitch versions treated ANY as a wildcard in flow
syntax. OpenFlow 1.1 adds a port named ANY, which introduces a
conflict. ANY was rarely used in flow syntax, so we chose to
retire that meaning of ANY in favor of the OpenFlow 1.1 meaning.
- Patch ports no longer require kernel support, so they now work
with FreeBSD and the kernel module built into Linux 3.3 and later.
- New "sample" action.

------------------------
- Datapath:
- Support for ipv6 set action.
- SKB mark matching and setting.
- support for Linux kernels up to 3.8
- FreeBSD is now a supported platform, thanks to code contributions from
Gaetano Catalli, Ed Maste, and Giuseppe Lettieri.
- ovs-bugtool: New --ovs option to report only OVS related information.
- New %t and %T log escapes to identify the subprogram within a
cooperating group of processes or threads that emitted a log message.
The default log patterns now include this information.
- OpenFlow:
- Allow bitwise masking for SHA and THA fields in ARP, SLL and TLL
fields in IPv6 neighbor discovery messages, and IPv6 flow label.
- Adds support for writing to the metadata field for a flow.
- Tunneling:
- The tunneling code no longer assumes input and output keys are
symmetric. If they are not, PMTUD needs to be disabled for
tunneling to work. Note this only applies to flow-based keys.
- New support for a nonstandard form of GRE that supports a 64-bit key.
- Tunnel Path MTU Discovery default value was set to 'disabled'.
This feature is deprecated and will be removed soon.
- Tunnel header caching removed.
- ovs-ofctl:
- Commands and actions that accept port numbers now also accept keywords
that represent those ports (such as LOCAL, NONE, and ALL). This is
also the recommended way to specify these ports, for compatibility
with OpenFlow 1.1 and later (which use the OpenFlow 1.0 numbers
for these ports for different purposes).
- ovs-dpctl:
- Support requesting the port number with the "port_no" option in
the "add-if" command.
- ovs-pki: The "online PKI" features have been removed, along with
the ovs-pki-cgi program that facilitated it, because of some
alarmist insecurity claims. We do not believe that these claims
are true, but because we do not know of any users for this
feature it seems better on balance to remove it. (The ovs-pki-cgi
program was not included in distribution packaging.)
- ovsdb-server now enforces the immutability of immutable columns. This
was not enforced in earlier versions due to an oversight.
- The following features are now deprecated. They will be removed no
earlier than February 2013. Please email devopenvswitch.org with
concerns.
- Bridge compatibility.
- Stable bond mode.
- The autopath action.
- Interface type "null".
- Numeric values for reserved ports (see "ovs-ofctl" note above).
- Tunnel Path MTU Discovery.
- CAPWAP tunnel support.
- The data in the RARP packets can now be matched in the same way as the
data in ARP packets.

------------------------
*** Internal only release ***
- New FAQ. Please send updates and additions!
- Authors of controllers, please read the new section titled "Action
Reproduction" in DESIGN, which describes an Open vSwitch change in
behavior in corner cases that may affect some controllers.
- ovs-l3ping:
- A new test utility that can create L3 tunnel between two Open
vSwitches and detect connectivity issues.
- ovs-ofctl:
- New --sort and --rsort options for "dump-flows" command.
- "mod-port" command can now control all OpenFlow config flags.
- OpenFlow:
- Allow general bitwise masking for IPv4 and IPv6 addresses in
IPv4, IPv6, and ARP packets. (Previously, only CIDR masks
were allowed.)
- Allow support for arbitrary Ethernet masks. (Previously, only
the multicast bit in the destination address could be individually
masked.)
- New field OXM_OF_METADATA, to align with OpenFlow 1.1.
- The OFPST_QUEUE request now reports an error if a specified port or
queue does not exist, or for requests for a specific queue on all
ports, if the specified queue does not exist on any port. (Previous
versions generally reported an empty set of results.)
- New "flow monitor" feature to allow controllers to be notified of
flow table changes as they happen.
- Additional protocols are not mirrored and dropped when forward-bpdu is
false. For a full list, see the ovs-vswitchd.conf.db man page.
- Open vSwitch now sends RARP packets in situations where it previously
sent a custom protocol, making it consistent with behavior of QEMU and
VMware.
- All Open vSwitch programs and log files now show timestamps in UTC,
instead the local timezone, by default.

------------------------
- kernel modules are renamed. openvswitch_mod.ko is now
openvswitch.ko and brcompat_mod.ko is now brcompat.ko.
- Increased the number of NXM registers to 8.
- Added ability to configure DSCP setting for manager and controller
connections. By default, these connections have a DSCP value of
Internetwork Control (0xc0).
- Added the granular link health statistics, 'cfm_health', to an
interface.
- OpenFlow:
- Added support to mask nd_target for ICMPv6 neighbor discovery flows.
- Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC)
multipart messages.
- ovs-ofctl:
- Added the "dump-ports-desc" command to retrieve port
information using the new port description multipart messages.
- ovs-test:
- Added support for spawning ovs-test server from the client.
- Now ovs-test is able to automatically create test bridges and ports.
- "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows.
- Tripled flow setup performance.
- The "coverage/log" command previously available through ovs-appctl
has been replaced by "coverage/show". The new command replies with
coverage counter values, instead of logging them.

------------------------
- Allow OFPP_CONTROLLER as the in_port for packet-out messages.