Open vSwitch without Kernel Support

At a cost in performance, Open vSwitch can run entirely in user space, without help from a kernel module. This article explains how to install Open vSwitch to work in this mode.

This version of Open vSwitch should be built manually with configure and make. The Open vSwitch Debian packages also support this feature, but it has not been tested recently, so installing from the Debian packages is not recommended when using this functionality.

Warning:
The userspace mode of Open vSwitch without DPDK support is considered experimental. It has not been thoroughly tested.

Compiling and Installing

The requirements and steps for building, installing, and configuring Open vSwitch are the same as those described in the general Open vSwitch installation document. Here you can omit configuring, building, and installing the kernel module, and the related requirements.

On Linux, the userspace switch additionally requires the kernel TUN/TAP driver to be available, either built into the kernel or loaded as a module. If you are unsure, check for a directory named /sys/class/misc/tun. If it does not exist, try loading the module with modprobe tun.

The tun device must also exist as /dev/net/tun. If it does not, create the /dev/net directory (if necessary) with mkdir /dev/net, then create the /dev/net/tun device node with mknod /dev/net/tun c 10 200.

On FreeBSD and NetBSD, the userspace switch additionally requires the kernel tap(4) driver to be available, either built into the kernel or loaded as a module.

Using the Userspace Datapath with ovs-vswitchd

To use ovs-vswitchd in userspace mode, create a bridge with datapath_type=netdev in the configuration database. For example:

$ ovs-vsctl add-br br0
$ ovs-vsctl set bridge br0 datapath_type=netdev
$ ovs-vsctl add-port br0 eth0
$ ovs-vsctl add-port br0 eth1
$ ovs-vsctl add-port br0 eth2

ovs-vswitchd will create a TAP device as the bridge’s local interface, named the same as the bridge, as well as for each configured internal interface.

Currently, on FreeBSD, the functionality required for in-band control support is not implemented. To avoid related errors, you can disable in-band support with the following command:

$ ovs-vsctl set bridge br0 other_config:disable-in-band=true

Firewall rules

On Linux, when the userspace datapath uses a physical interface, packets received on the interface are still passed to the kernel TCP/IP stack as well. This can cause surprising and incorrect behavior. You can use iptables to avoid this by dropping the received packets. For example, to drop packets received on eth0:

$ iptables -A INPUT -i eth0 -j DROP
$ iptables -A FORWARD -i eth0 -j DROP
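
One way to check that these rules are in place for every port on the bridge, as an added example that is not part of the original article or of Open vSwitch. The function names and the sample rule set are constructed for illustration, and only the exact rule form shown above is recognised.

```shell
#!/bin/sh
# Added example: audit the INPUT/FORWARD DROP rules for userspace-datapath ports.

# missing_drop_rules IFACE...
# Reads `iptables -S` output on stdin and prints "CHAIN IFACE" for every
# chain/interface pair that lacks the rule "-A CHAIN -i IFACE -j DROP".
# A rule with extra matches (for example -p tcp) does not count, because it
# would still let other traffic from that interface reach the kernel stack.
# Rule order is not evaluated: an earlier ACCEPT rule can still pre-empt the DROP.
missing_drop_rules() {
    rules=$(cat)
    for iface in "$@"; do
        for chain in INPUT FORWARD; do
            printf '%s\n' "$rules" |
                grep -Fqx -- "-A $chain -i $iface -j DROP" ||
                printf '%s %s\n' "$chain" "$iface"
        done
    done
}

# audit_bridge BRIDGE (hypothetical wrapper; needs root, ovs-vsctl and iptables)
# The port list is left unquoted on purpose so each port becomes one argument.
# Internal (TAP) ports are listed as well and may not need these rules.
audit_bridge() {
    iptables -S | missing_drop_rules $(ovs-vsctl list-ports "$1")
}

# Constructed sample: eth0 is covered, eth1 has only a partial FORWARD rule,
# eth2 has no rules at all.
SAMPLE_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i eth0 -j DROP
-A INPUT -i eth1 -j DROP
-A FORWARD -i eth0 -j DROP
-A FORWARD -i eth1 -p tcp -j DROP'

# Runs the audit over the constructed sample instead of the live rule set.
demo() {
    printf '%s\n' "$SAMPLE_RULES" | missing_drop_rules eth0 eth1 eth2
}

demo
```

On a live host, audit_bridge br0 prints nothing when every port on br0 has both rules.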

Other settings

On NetBSD, depending on your network topology and applications, the following configuration may help. See sysctl(7):

$ sysctl -w net.inet.ip.checkinterface=1

Origin blog.csdn.net/sinat_20184565/article/details/94482314