Using the Open vSwitch driver

The Open vSwitch mechanism driver supports a range of traditional and overlay networking technologies, and has support for the following type drivers:

  • Local
  • Flat
  • VLAN
  • VXLAN
  • GRE

Within OpenStack Networking, Open vSwitch operates as a software switch that uses virtual network bridges and flow rules to forward packets between hosts. Although it is capable of supporting many technologies and protocols, only a subset of Open vSwitch features is leveraged by OpenStack Networking.

The following are the three main components of Open vSwitch:

  • Kernel module: The openvswitch kernel module is the equivalent of ASICs on a hardware switch. It is the data plane of the switch where all packet processing takes place.
  • vSwitch daemon: The ovs-vswitchd daemon is a Linux process that runs in user space on every physical host and dictates how the kernel module will be programmed.
  • Database server: An OpenStack/Open vSwitch implementation uses a local database on every physical host called the Open vSwitch Database Server (OVSDB), which maintains the configuration of the virtual switches.

A high-level architecture diagram of the preceding components can be seen here:

The Neutron Open vSwitch agent, neutron-openvswitch-agent, is a service that's configured on hosts using the Open vSwitch mechanism driver and is responsible for managing the implementation of networks and related interfaces. The agent connects tap interfaces to Open vSwitch or Linux bridges, depending on the firewall configuration, and programs flows using utilities such as ovs-vsctl and ovs-ofctl based on data provided by the neutron-server service.

In an Open vSwitch-based network implementation, there are five distinct types of virtual networking devices, as follows:

  • Tap devices
  • Linux bridges
  • Virtual Ethernet cables
  • OVS bridges
  • OVS patch ports

Tap devices and Linux bridges were described briefly in the previous section, and their use in an Open vSwitch-based network remains the same. Virtual Ethernet (veth) cables are virtual interfaces that mimic network patch cables. An Ethernet frame sent to one end of a veth cable is received by the other end, just like a real network patch cable. Neutron makes use of veth cables when making connections between network namespaces and Linux bridges, as well as when connecting Linux bridges to Open vSwitch switches.

Neutron connects interfaces used by DHCP or router namespaces and instances to OVS bridge ports. The ports themselves can be configured much like a physical switch port. Open vSwitch maintains information about connected devices, including MAC addresses and interface statistics.

Open vSwitch has a built-in port type that mimics the behavior of a Linux veth cable, but is optimized for use with OVS bridges. When connecting two Open vSwitch bridges, a port on each switch is reserved as a patch port. Patch ports are configured with a peer name that corresponds to the patch port on the other switch. Graphically, it looks something like this:

Figure 5.1

In the preceding diagram, two OVS bridges are cross-connected via a patch port on each switch. Open vSwitch patch ports are used to connect Open vSwitch bridges to each other, while Linux veth interfaces are used to connect Open vSwitch bridges to Linux bridges, or Linux bridges to other Linux bridges.
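
The peer relationship described above can be checked from the output of `ovs-vsctl show`. The following Python check is an added example, not code from the original text: it flags patch ports whose peer is missing, sits on the same bridge, or does not point back. The sample output is constructed, and its bridge and port names are assumptions.

```python
import re

# Constructed sample in the layout of `ovs-vsctl show`; all names are assumptions.
SAMPLE_SHOW = """\
    Bridge br-int
        Port int-br-provider
            Interface int-br-provider
                type: patch
                options: {peer=phy-br-provider}
    Bridge br-provider
        Port phy-br-provider
            Interface phy-br-provider
                type: patch
                options: {peer=int-br-provider}
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
"""

def parse_patch_ports(show_output):
    """Return {interface: (bridge, peer)} for every patch interface."""
    patches, bridge, iface, is_patch = {}, None, None, False
    for line in map(str.strip, show_output.splitlines()):
        if line.startswith("Bridge "):
            bridge = line.split(None, 1)[1].strip('"')
        elif line.startswith("Interface "):
            iface, is_patch = line.split(None, 1)[1].strip('"'), False
        elif line == "type: patch":
            is_patch = True
        elif is_patch and (m := re.match(r'options:.*peer="?([^",}]+)', line)):
            patches[iface] = (bridge, m.group(1))
    return patches

def audit_patch_peers(show_output):
    """List (bridge, port, reason) for patch ports with a broken peer."""
    patches, problems = parse_patch_ports(show_output), []
    for name, (bridge, peer) in sorted(patches.items()):
        if peer not in patches:
            problems.append((bridge, name, "peer %s not found" % peer))
        elif patches[peer][0] == bridge:
            problems.append((bridge, name, "peer %s on same bridge" % peer))
        elif patches[peer][1] != name:
            problems.append((bridge, name, "peer %s not reciprocal" % peer))
    return problems

print(audit_patch_peers(SAMPLE_SHOW))
```

In the constructed sample, the `br-int`/`br-provider` pair is correctly cross-connected, while `patch-int` on `br-tun` names a peer that no bridge carries, so it is the only port reported.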
