Backends

MOSK offers various networking backends. Selecting the appropriate backend option for the Networking service is essential for building a robust and efficient cloud networking infrastructure. Whether you choose Open vSwitch (OVS), Open Virtual Network (OVN), or Tungsten Fabric, understanding their features, capabilities, and suitability for your specific use case is crucial for achieving optimal performance and scalability in your OpenStack environment.

Refer to Networking backend configuration for the configuration details.

Capability matrix

Capability

Tungsten Fabric

Open vSwitch (OVS)

Open Virtual Network (OVN)

Logical routers

Static routes

SNAT

Floating IPs

External IPs on VMs

Per-tenant floating networks and SNAT pools

IPv6

Bare Metal as a Service (Ironic)

DNS as a Service

Designate and Tungsten Fabric vDNS

Designate

Designate

Firewalling

Security groups and application policies

OVS firewall

OVS firewall

Load balancing

Tungsten Fabric built in HAProxy, OpenStack Octavia/Amphora

OpenStack Octavia/Amphora

OpenStack Octavia/Amphora, Octavia/OVN native load balancer

BGP VPNs

TechPreview

VPN as a Service (IPsec)

TechPreview

TechPreview

Data plane acceleration

SR-IOV/DPDPK

SR-IOV/DPDK

SR-IOV/DPDK

QoS

Network equipment management

Netconf/OVSDB

Neutron ML2 plugins/networking-generic-switch

Neutron ML2 plugins/networking-generic-switch

East-West traffic encryption

Open vSwitch

Open vSwitch is a production-quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while supporting standard management interfaces and protocols.

Open vSwitch is suitable for general-purpose networking requirements in OpenStack deployments. It provides flexibility and scalability for various network topologies.

Key characteristics of Open vSwitch:

  • Depends on RabbitMQ and RPC communication

  • Uses keepalived to set up HA routers

  • Uses namespace and Veth routing to provide its capabilities

  • Locates metadata in router or DHCP namespaces

  • Centralizes the DHCP service, which is running in a separate namespace

See also

OpenStack official documentation: Difference between OVS and OVN

Open Virtual Network

Available since MOSK 25.1 as GA (Caracal) Available since MOSK 24.2 as TechPreview (Antelope)

Open Virtual Network is a solution for Open vSwitch that provides native virtual networking support for Open vSwitch environments. It provides enhanced scalability and performance compared to traditional Open vSwitch deployments.

Key characteristics of Open Virtual Network:

  • Uses the OVSDB protocol for commmunication

  • Is distributed by design

  • Handles all traffic with OpenFlow

  • Runs metadata on all nodes

  • Provides DHCP through local Open vSwitch instances

Caution

There are numerous limitations related to VLAN/Flat tenant networks in Open Virtual Network with distributed floating IPs for bare metal SR-IOV and Octavia VIP ports. For more information about Open Virtual Network limitations, see relevant upstream documentation.

OpenStack official documentation

Tungsten Fabric

Tungsten Fabric is an open-source SDN based on Juniper Contrail. Its design allows for simplified creation and management of virtual networks in cloud environments. Tungsten Fabric supports advanced networking scenarious, such as BGP integration and scalability.

Key characteristics of Tungsten Fabric:

  • Uses well scalable protocols to set up tunnels, such as BGP/MPLS

  • Provides out-of-the-box BGPaaS/Service chaining capabilities

See also

Tungsten Fabric official documentation: Key features