View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, November 7


Registration and Continental Breakfast
Monday November 7, 2016 8:00am - 8:45am
Level 2 Foyer


Monday November 7, 2016 8:45am - 9:00am


Keynote- Nick McKeown, Stanford University


Nick McKeown (PhD/MS UC Berkeley ’95/’92; B.E Univ. of Leeds, ’86) is | Faculty Director of the Open Networking Research Center. From 1986-1989 | he worked for Hewlett-Packard Labs in Bristol, England. In 1995, he | helped architect Cisco's GSR 12000 router. Nick was co-founder... Read More →

Monday November 7, 2016 9:00am - 9:30am


An Update on OVS and OVN-Justin Pettit, VMware
This talk will provide a high-level overview of the project which will help those new to OVS and OVN understand the talks that follow.  It will also provide an update on highlights of the past year and some of the exciting projects under development.  Some of the topics covered will include:
  • The introduction of stateful services
  • The first release of OVN
  • Improvements to the various datapaths
  • The move to the Linux Foundation
  • Looking into a more flexible datapath
  • Improving the scalability and security of OVN

avatar for Justin Pettit

Justin Pettit

Justin Pettit is a software developer at VMware. Justin joined VMware through the acquisition of Nicira, at which he was a founding employee. He was one of the original authors of the OpenFlow Standard, working on both the specification and reference implementation. He is one of... Read More →

Monday November 7, 2016 9:30am - 9:50am


The Power of Compounding Caches in the OVS Pipeline Ben Pfaff, VMware

Most software switches use a "code-driven" pipeline that processes packets through stages which are each implemented as independent pieces of code.  Open vSwitch, on the other hand, has pioneered what might be called a "table-driven" pipeline.  This talk will elaborate on this distinction and explain the pros and cons of each approach in terms of program structure and performance.


Monday November 7, 2016 9:50am - 10:10am


Morning Break
Monday November 7, 2016 10:10am - 10:30am
Level 2 Foyer


BPF: Next Generation of Programmable Datapath- Thomas Graf, Cisco Systems
This session covers lessons learned while exploring BPF to provide a programmable datapath based on BPF and discusses options for OVS to leverage the technology.


Thomas Graf

Software Engineer, Cisco Systems
Contributor to OVS, Linux kernel and various other open source projects.

Monday November 7, 2016 10:30am - 10:55am


Using eBPF to Accelerate OVS Datapath- Nic Viljoen, Netronome
The advent of eBPF in the form of cls_bpf or XDP allows increased performance through the use of a super fast path at the base of the
kernel stack (cls_bpf) or even below the kernel stack (XDP). eBPF is being investigated currently as a way to improve core OVS functionality. However this talk will look to extend OVS through the use of a flow cache based on eBPF maps that will focus on exact matching of previously identified flows. The talk will outline the architecture of the proposed eBPF based system and how the architectures would differ if using cls_bpf or XDP. Finally we will outline an offload model which should be simple and transparent for this type of flow cache, which could be tied in to also include the data path itself.

avatar for Nic Viljoen

Nic Viljoen

Software Engineering, Netronome
Nic works on upstream solutions using SmartNICs, focusing on the interaction between SmartNICs and the Linux kernel using the upstream BPF JIT for the Netronome NFP processor.

Monday November 7, 2016 10:55am - 11:20am


Offloading OVS Flow Processing Using eBPF- William Tu, VMware
This work presents the design and implementation of an OVS prototype using eBPF, called OVS-eBPF. The OVS-eBPF aims to replace the kernel datapath of the current OVS implementation, and offloads the flow parsing, matching, and action execution in an eBPF program residing in Linux kernel. As a result, OVS-eBPF removes the dependency of OVS userspace code from the OVS kernel module. In addition, OVS-eBPF takes advantages of XDP (eXpress Data Path), a new fast path recently added to the kernel, and offloads certain part of the OVS datapath logic into the driver level. The preliminary performance evaluation will be presented.

avatar for WilliamTu (Cheng-Chun)

WilliamTu (Cheng-Chun)

William Tu (Cheng-Chun) is a senior MTS working in VMware OVS team. He is currently designing and implementing the eBPF datapath for the Open vSwitch.

Monday November 7, 2016 11:20am - 11:45am


Monday November 7, 2016 11:45am - 12:45pm


Coupling the Flexibility of OVN with the Efficiency of IOVisor: Architecture and Demo- Fulvio Risso and Matteo Bertrone, Politecnico di Torino, Italy
The Open Virtual Network (OVN) project aims at providing a high-level abstraction to virtualized networking services and currently relies mostly on the widely used Open vSwich (OVS) software to implement the data plane. A recent project at Politecnico di Torino (Italy) (https://github.com/netgroup-polito/iovisor-ovn) argues that OVS may be a limiting factor in a scenario where high-level services (routers, NATs, firewalls, load balancers, etc.) are considered. Consequently, it proposes to extend the current OVN backend with the IOVisor technology, hence creating a new data plane that is semantically equivalent to the original OVS-based one, albeit based on IOVisor. The main advantages of this approach are the following:
(i) IOVisor is highly programmable and it can efficiently implement all the services that are required by OVN (and OpenStack), hence overcoming the current limitations when processing packets based on OpenFlow 1.x primitives;
(ii) IOVisor is flexible enough to support services that go beyond the classical network primitives currently deployed in virtualized networks, hence potentially being used in other contexts as well (e.g., storage);
(iii) IOVisor is natively available in the most recent Linux kernels, hence reducing the amount of software that has to be installed/upgraded in order to implement this solution;
(iv) IOVisor can be integrated with the Express Data Path technology (XDP), currently under the development within the Linux community, to accelerate network I/O in virtualized services.

This talk will provide a brief overview of the IOVisor-OVN project, its overall architecture, and future directions. It will be followed by a demo showing a vanilla OpenStack Mitaka that can handle basic networking functions (e.g., LANs) through our experimental IOVisor-OVN software, without any modification in the OpenStack code base except than the necessity of turning on the OVN Neutron mechanism driver.


Matteo Bertrone

Project architect and developer, M.Sc. student @ POLITO, Politecnico di Torino, Italy
Matteo Bertrone (born in 1992) is currently M.Sc. student at the Department of Control and Computer Engineering of Politecnico di Torino, Italy, where is expected to graduate next December. He obtained the B.Sc. in Computer Engineering in 2014 with the same University, with the highest... Read More →

Fulvio Risso

Project leader, Associate Professor @ POLITO, Politecnico di Torino, Italy
Dr. Fulvio Risso (born in 1971) is Associate Professor at the Department of Control and Computer Engineering of Politecnico di Torino, Italy. He received the M.Sc. degree in Computer Engineering in 1995 and the Ph.D. in Computer and System Engineering from Politecnico di Torino in... Read More →

Monday November 7, 2016 12:45pm - 1:10pm


Scaling the OVN Control Plane in OVS 2.6.0- Ryan Moats and Liran Schour, IBM
This talk describes our experiences with scaling the OVN control plane. We present three separate technologies introduced in 2.6.0 - conditional monitoring (allowing clients to monitor database changes selectively), incremental processing (when N flows change at the chassis, only do O(N) calculations), and using mutate operations on the NB wire. Each technology includes performance data and findings. Lastly, we will present data showing the current "hot points" that needs addressing for OVN to continue to scale.

avatar for Ryan Moats

Ryan Moats

Senior Software Engineer, IBM
Ryan has over twenty-five years of experience in networking and twenty years in Opensource and holds a Master Degree in Electrical Engineering from the University of Kansas
avatar for Liran Schour

Liran Schour

Virtualization research, IBM
Network virtualization researcher for the last 10 years at IBM.

Monday November 7, 2016 1:10pm - 1:35pm


Wepoq-OVN, an L4 Gateway for Extended Endpoints- Gabe Beged-Dov, Prismod System, LLC
OVN includes multiple ways for external layer 2 and layer 3 workloads or endpoints to communicate with native Logical Switch Ports (LSP) on an OVN Logical Switch (LS). In this talk, I will describe a simple gateway design which enables external endpoints to efficiently connect to LS using their L4 address and appear to be native OVN LSP.

Some of the potential benefits of Wepoq-OVN include:

* ease of some dev and test scenarios by mapping L4 apps directly to LSP.
* higher port density on OVN transit node since netdev are not local.
* lighter weight endpoint creation in constrained or sandboxed environments, no need for --cap-add=NET_ADMIN to add ports.

Wepoq-OVN usage will be demonstrated in both the ovs-sandbox (dummy datapaths) and just-ovn-nodes (real datapaths) environments.


Gabe Beged-Dov

Consultant, Prismod Systems, LLC
Gabe Beged-Dov has been involved in internet software and architecture for several decades. His recent focus is on next generation networking and near real-time communications.

Monday November 7, 2016 1:35pm - 2:00pm


Service Function Chaining and OVN- Louise Fourie and Farhad Sunavala, Huawei; John McDowall, Palo Alto Networks; and and Flavio Fernandes, IBM

The ability to dynamically to create and modify service chains of multiple virtual network functions is a critical component enabling the deployment of network function virtualization.


This presentation will show how service function chaining may be added to OVN and how it may be integrated with OpenStack networking service function chaining. It will cover the details of extensions to the OVN schema, the OVN logical flow model, nb-ctl commands. The OVN driver for Neutron networking-sfc will also be described.

While OVN SFC is CMS agnostic, the combination of the OVN and OpenStack SFC will enable the delivery of advanced service chaining use cases with a standard Openstack interface and implementation.

We will provide a short demo to show our initial implementation of SFC in OVN, and go over the future work items in this area. We are very much interested in fostering participation and feedback from folks who use SFC.

avatar for Flavio Fernandes

Flavio Fernandes

Senior Software Network Developer, IBM
Flavio is a senior software network developer at IBM cloud. Lately, he has been deeply involved with Open Virtual Network for the Open vSwitch project. Prior to IBM, Flavio also worked with SDN technologies at Red Hat and Plexxi. At Red Hat, he was a core contributor to the OpenDaylight... Read More →
avatar for Louis Fourie

Louis Fourie

Senior Staff Engineer, Huawei
Louis Fourie is currently a senior staff engineer working on network virtualization, cloud services, and SDN technologies at Huawei Technology USA. Louis is an active contributor to the service chaining work in several organizations including OpenStack, ONF, ETSI NFV, IETF, and O... Read More →
avatar for John McDowall

John McDowall

SDN and Virtualization Architect, Palo Alto Networks
John McDowall is SDN/Virtualization Architect at Palo Alto Networks where he is working on the dynamic insertion of security policy into virtual environments and clouds. Previously he was at Cisco where he developed the programmable network architecture that played a key role in Cisco’s... Read More →

Farhad Sunavala

Principal Engineer, Huawei
Farhad is currently a principal architect/engineer working on Network Virtualization, Cloud service, and SDN technologies at Huawei Technology USA. He has led several wireless projects in Huawei including virtual EPC, service function chaining in Gi LAN, etc. Prior to Huawei, he worked... Read More →

Monday November 7, 2016 2:00pm - 2:25pm


Afternoon Break
Monday November 7, 2016 2:30pm - 2:50pm
Level 2 Foyer


OVS Hardware Offload Discussion Panel- Moderator, Joe Stringer, VMware and Panelists- Ethan Jackson, UC Berkeley; Rony Efraim, Mellanox; Nick Viljoen, Netronome.com; John Fastabend, Intel

A variety of proposals have been floated around the idea of accelerating the OVS datapath using hardware. This session intends to take a deeper look at partial offload (offloading the OVS classifier) and full offload (via flow-based classifier+actions offload, or via eBPF). The discussion will involve targeted use cases, hardware capabilities, determining when it's possible (and worthwhile) to push work down to hardware, software fallback mechanisms, and any other relevant topics.


Ethan Jackson

Ethan Jackson is a PhD student at Berkeley and a major contributor to Open vSwitch.
avatar for Nic Viljoen

Nic Viljoen

Software Engineering, Netronome
Nic works on upstream solutions using SmartNICs, focusing on the interaction between SmartNICs and the Linux kernel using the upstream BPF JIT for the Netronome NFP processor.

Monday November 7, 2016 2:50pm - 3:30pm


Skydive, a Real-Time Network Analyzer- Sylvain Baubeau, Red Hat
In this presentation we will introduce Skydive which is an open source network analyzer for SDN network infrastructure. We will explain how Skydive can help to visualize, troubleshoot and monitor OVS based network topologies. We will describe how it can be used with OpenStack but also in a container based environment. We will provide some features and design key points.


Sylvain Baubeau

Principal Software Engineer, Red Hat

Monday November 7, 2016 3:30pm - 3:55pm


OvS-DPDK Usability Improvements for Real-World Applications- Aaron Conole, Red Hat, Robin Giller and Bhanuprakash Bodireddy, Intel
The DPDK datapath in OvS significantly boosts OvS' data plane performance, making OvS-DPDK an attractive vSwitch option in an NFV infrastructure (NFV-I) for Telco work-loads. While crucially important for NFV deployments, the improved performance is only half the story. For success in NFV, the DPDK-accelerated virtual switch requires straight forward installation and configuration through standard tools, ease of use, and seamless integration with OpenStack to provide functionality important to the end user in a real-world deployment scenario. VMWare, Red Hat, and Intel have made great strides in recent versions of DPDK-accelerated Open vSwitch with an effort toward meeting these usability requirements.

In this paper, we describe the usability improvements made in DPDK and OvS code bases. The work covered includes debug tools, command line options, and documentation needed to enable the integrated solution. An example system setup demonstrates the ease of both deployment and debugging of a DPDK-accelerated OvS in an OpenStack managed NFV environment, showcasing the features and performance achievable.


Bhanuprakash Bodireddy

Software engineer, Intel Corporation
Bhanuprakash is a software engineer at Intel Corporation focusing on virtual switching solutions. Before joining Intel he has been involved in building Telecom solutions for Asian mobile operators and had significant contributions towards fastpath optimization in vEPC. He also worked... Read More →
avatar for Aaron Conole

Aaron Conole

Red Hat

Robin Giller

Program Manager, Intel Corporation
Robin is a program manager in Intel's Network Platforms Group, with specific focus on virtual switching, networking and NFV

Monday November 7, 2016 3:55pm - 4:20pm


Evolving Stateful Firewalling: OVS+iptables, OVS+Conntrack, and Conntrack Acceleration- John Hurley, Netronome
The evolution of virtual switches means that security groups can now be supported directly on the switch rather than across attached Linux bridges, and may be managed by higher level tools such OVN. The latest Open vSwitch release (2.5) handles this by interfacing to the Linux kernel connection tracking (Conntrack) module, improving the performance and granularity of security group implementations. This presentation describes Conntrack within Open vSwitch and investigates techniques for further improving performance. It concludes by exploring the performance and CPU utilization benefits achievable by offloading connection tracking operations to Smart NICs.


John Hurley

Lead Software Engineer, Red Hat
John has been working with Netronome for 4 years looking at the acceleration of SDN and virtual switching using multiple generations of Netronome’s Flow Processors and Intelligent Server Adapters. Prior to this he has been involved in academic research into network analytic and... Read More →

Monday November 7, 2016 4:20pm - 4:45pm


Closing Session
Monday November 7, 2016 4:45pm - 5:00pm
Tuesday, November 8


Registration and Continental Breakfast
Tuesday November 8, 2016 8:00am - 8:45am
Level 2 Foyer


PISCES: A P4-Enabled Open vSwitch- Muhammad Shahbaz, Princeton University and Cian Ferriter, Intel
Hypervisors use software switches to steer packets to and from virtual machines (VMs). These switches frequently need upgrading and customization---to support new protocol headers or encapsulations for tunneling and overlays, to improve measurement and debugging features, and even to add middlebox-like functions. Software switches are typically based on a large body of code, including kernel code, and changing the switch is a formidable undertaking requiring domain mastery of network protocol design and developing, testing, and maintaining a large, complex codebase. Changing how a software switch forwards packets should not require intimate knowledge of its implementation. Instead, it should be possible to specify how packets are processed and forwarded in a high-level domain-specific language (DSL) such as P4, and compiled to run on a software switch. We present PISCES, a software switch derived from Open vSwitch (OVS) DPDK-based implementation, a hard-wired hypervisor switch, whose behavior is customized using P4. PISCES is not hard-wired to specific protocols; this independence makes it easy to add new features. We also show how the compiler can analyze the high-level specification to optimize forwarding performance. Our evaluation shows that PISCES performs comparably to native OVS's DPDK-based implementation and that PISCES programs are about 40 times shorter than equivalent changes to OVS source code.


Cian Ferriter

Software Engineer, Intel
Cian Ferriter is a Software Engineer at Intel, Ireland. His current work focuses on adding support for P4 in OVS. Specifically, he is working on building a programmable micro-flow cache, configured via P4.
avatar for Muhammad Shahbaz

Muhammad Shahbaz

Graduate Student, Princeton University
Muhammad Shahbaz is a third year Ph.D. student in the Department of Computer Science at Princeton University. His research focuses on the application of software-defined networking (SDN) in campus, enterprise and wide-area networks, network measurement and testing, and language abstractions... Read More →

Tuesday November 8, 2016 8:45am - 9:10am


IP Forwarding with OVS- Romain Lenglet, Oracle Public Cloud
Tips and tricks to implement IP packet forwarding using OVS.

avatar for Romain Lenglet

Romain Lenglet

Tech Lead, Oracle Public Cloud
Worked on several network virtualization systems since 2010.

Tuesday November 8, 2016 9:10am - 9:35am


OVS for Containers with Weave Net- Martynas Pumputis, Weaveworks
Open vSwitch provides a rich set of techniques for building custom networks. In this talk we show how Weave Net leverages OVS to implement an L2 overlay network for a multi-host communication among containers.

First, we present a motivation for basing the implementation on OVS. Next, we demonstrate a distributed control plane of Weave Net, including means to control in-kernel components of OVS. Finally, we describe problems encountered while integrating Weave Net with OVS.

avatar for Martynas Pumputis

Martynas Pumputis

Software Engineer, Weaveworks
Martynas works as a Software Engineer at Weaveworks. He is a recent graduate of ETH Zurich, who spends the majority of his time programming systems. When he is not hacking, most likely you can find him climbing the rock.

Tuesday November 8, 2016 9:35am - 10:00am


Morning Break
Tuesday November 8, 2016 10:05am - 10:25am
Level 2 Foyer


DPDK vHost User Improvements and Their Benefit to the DPDK Datapath in OVS- Ciara Loftus, Intel
DPDK libraries accelerate packet processing in Open vSwitch for both physical and virtual interfaces. vHost User is the defacto standard virtual interface accelerated by DPDK that provides a high bandwidth path to VMs and VNFs for NFV use cases. This presentation will describe the many new vHost User features that are available in DPDK today and that OVS leverages in order to provide a feature-rich accelerated virtual interface for NFV.
After a brief introduction to the vHost User standard, the most recent developments in the standard will be described. Several new features have been integrated into OVS in the last year, including vHost User NUMA-Awareness, vHost User client-mode and vHost User reconnect. An overview of each of these features will be presented, along with the associated performance improvements from both the typical throughput perspective as well as the functional perspective.
To conclude, some of the future improvements will be discussed, including the vHost PMD and the virtio-user concept. Finally some discussion on general performance enhancements that are in development which aim for DPDK vHost User to reach the maximum achievable performance with the existing vHost User standard.


Ciara Loftus

Network Software Engineer, Intel
Developer currently working for Intel based in Shannon, Ireland. 2 years' experience developing patches for the OVS community amongst other open source projects. Implemented OVS support for vHost Cuse & vHost User ports, vHost User NUMA Awareness, vHost User client-mode & reconnect... Read More →

Tuesday November 8, 2016 10:25am - 10:50am


Hierarchical Flow Classification Enhancements for OVS MegaFlow Cache- Sameh Gobriel and Charlie Tai, Intel
OVS MegaFlow Cache classifier uses Tuple Space Search to implement flow classifications with wildcard matches. The flow table is divided into a series of hash tables called sub-tables, each of which represents a unique wildcard mask, and is searched sequentially during lookup until a match is found. Tuple Space based implementation outperforms others (e.g. Trie based implementation) for lookup performance especially when the flow insert/update rate is high which is the case for OVS. However, the sequential search of sub-tables may become a bottleneck as the number of sub-tables (i.e., number of unique wildcard masks) increases. In this presentation we will describe a new hierarchical lookup scheme that improves the lookup performance by avoiding the sequential search of sub-tables. Given a flow id, the first-level lookup will determine with very high-probability which sub-table this flow-id belongs to, followed by a single second-level lookup of the specified sub-table to determine a match or not. Using this two-level hierarchical lookup we improve the lookup performance of MegaFlow Cache by about 2X-3X.


Sameh Gobriel

Research Scientist, Intel

Charlie Tai

Director, Networking Platforms Lab, Intel

Tuesday November 8, 2016 10:50am - 11:15am


OvS-DPDK Keep Alive + Monitoring Frameworks (Collected, Snap)- Maryam Tahhan and Bhanuprakash Bodireddy, Intel
Providing carrier grade Service Assurance is critical and an essential ingredient in the network transformation to a software defined and virtualized network (NFV). Medium-/large-scale cloud environments account for between hundreds and hundreds of thousands of infrastructure systems. It is vital to proactively and predicatively protect service availability and performance by monitoring the systems for malfunctions that could lead to users’ application service disruption.

OvS-DPDK provides a compelling solution to Cloud service providers deploying NFV in their infrastructure. Monitoring the health and performance of virtual switch is essential in service assurance solution and can be handled by keep-Alive mechanism. DPDK Keep Alive (KA) is a feature that acts as a heartbeat/watchdog for DPDK packet processing cores, to detect application thread failure. The purpose is to ensure the failure of the core does not result in a fault that is not detectable by a management entity. The KA feature in DPDK supports the exposure of the core state of DPDK processing cores to external monitoring applications such as collectd/ Snap. Collectd is a system statistics daemon and Snap is an open telemetry framework. Both expose platform metrics and events to higher level fault management applications that promptly react to these faults in order to facilitate more resilient and performant telco/NFV clouds.

This talk will provide an overview of the Keep Alive feature for OVS as well as an overview of how that feature is exposed through collectd and Snap to fault management applications.


Bhanuprakash Bodireddy

Software engineer, Intel Corporation
Bhanuprakash is a software engineer at Intel Corporation focusing on virtual switching solutions. Before joining Intel he has been involved in building Telecom solutions for Asian mobile operators and had significant contributions towards fastpath optimization in vEPC. He also worked... Read More →
avatar for Maryam Tahhan

Maryam Tahhan

Network Software Engineer, Intel Corporation
Maryam Tahhan is a Network Software Engineer at Intel Corporation. Her focus has been on virtual switching, virtual switch performance and enabling service assurance features in DPDK. She leads 2 open source projects in OPNFV: VSPERF (vSwitch Performance Characterization) and SFQM... Read More →

Tuesday November 8, 2016 11:15am - 11:40am


Tuesday November 8, 2016 11:45am - 12:45pm


Quilt- Ethan Jackson, Student
Recent industry trends indicate a shift toward programmatic management of distributed infrastructure. While the benefits of infrastructure APIs are widely understood, decidedly less attention has been paid to the design of such APIs. The de facto standard approach – a RESTful inter- face paired with a YAML representation – leads to unnecessary complexity for both container orchestrator implementations and distributed application developers.

We argue that a better API for programmatic infrastructure is a general-purpose programming language. Such a language allows specification of distributed applications with strong primitives for abstraction, composition, and sharing, all while allowing deployment engines to remain ignorant of high level constructs.

We present Quilt, an open source project that demonstrates these principles with two components: first Quilt.js, a JavaScript framework tailored to distributed application specification and second the Quilt Reference Implementation which deploys Quilt.js specifications across multiple cloud providers.


(1) The quilt reference implementation relies heavily on OVN following a use case that's quite a different than what you'd see in something like OpenStack. I think 2 minutes on our use case, success, and problems with OVN may be interesting.

(2) Quilt layers a very high level interface for interacting with networks (much more abstract than traditional network virtualization) *above* OVN. This in and of itself may be interesting to the OVS community -- the upstream API is critically important, though not as emphasized as the dataplane. Quilt presents a new way to think about it.


Ethan Jackson

Ethan Jackson is a PhD student at Berkeley and a major contributor to Open vSwitch.

Tuesday November 8, 2016 12:45pm - 12:50pm


User Friendly vNetworks- Nishanth Devarajan, Student
OVN with OVS provide versatile networking functions, but unfortunately the user friendliness of OVN reduces drastically with the complexity of a use case. This would be a hinderance to OVN adoption assuming that its versatility is to increase in the future, given the current state of flux in the networking area.

Flaws - pertaining to situations where user friendliness is compromised - that were discerned, will be listed and briefly explained. Specifically use cases where such flaws tend to severely compromise on user friendliness will be demonstrated. For example, consider ovn-sbctl lflow-list. For a simple use case, the command produces a long list of hard-to-read flow rules within the terminal window. A simple inbuilt piping feature, listing the output of the command in a temporary output text file is an effective way of improving on user friendliness.

The session will end on the importance and need of user friendliness going forward, with the rise of programmable data planes and network programming.

avatar for Nishanth Devarajan

Nishanth Devarajan

B.Tech final year CS student, Indian Institute of Technology, Roorkee

Tuesday November 8, 2016 12:50pm - 12:55pm


FAASt Keyless Entry to Docker Multi-Host Networking with OVN and Wepoq- Gabe Beged-Dov
Function As A Service (FAAS) is a hot topic in the cloud tech space
these days as is Docker Multi host networking so why not combine them
and see what happens! The main focus is on the multi-host networking
but the FAAS topic may also be of interest to OVN enthusiasts.

This talk demonstrates how you can use OVN and a few small extensions
from Wepoq-OVN (see separate talk) to achieve a simple FAAS demo of a
Q&A game. It does not use docker or docker-ovn to implement multi-host
networking and instead relies on vanilla OVN to maintain cluster


Gabe Beged-Dov

Gabe Beged-Dov has been involved in internet software and architecture for several decades. His recent focus is on next generation networking and near real-time communications.

Tuesday November 8, 2016 12:55pm - 1:00pm


Open vSwitch 2.6 and OVN on Solaris- Lokanath Das, Oracle
This lightning talk will provide key insights into porting OVS 2.6 & OVN on additional platforms such as Oracle Solaris. This talk will also discuss how to leverage the existing dpif netlink code for smoother migration.


Lokanath Das

"Lokanath Das is a Principal Software Engineer in the Solaris Networking Group at Oracle. His current efforts include Open vSwitch support on Solaris and SDN applications development using the OpenDaylight platform. | "

Tuesday November 8, 2016 1:00pm - 1:05pm


P4-Enabled NICs - Acceleration of OVS- Petr Kastovski, Netcope Technologies
P4 provides a way to describe custom packet processing chain that involves header parsing, field matching, decision making and assembling modified packets. The language is target independent and can be mapped to CPUs, FPGAs, NPUs. While originally intended for use in (possibly virtual) network switches, P4 may also find applications when integrated into servers’ network interface cards. In this talk we will propose several use cases utilizing P4-programmable NIC to accelerate/offload packet processing in concert with the network and applications, such as traffic steering to CPU cores, filtering, en/decapsulation for VNF chaining. Regarding implementation, we will provide results of our ongoing R&D efforts towards fully P4-programmable FPGA-based 100 GE NIC. Making full use of FPGA’s structural reconfigurability and massive parallelism, we were able to achieve throughput of 100 Gbps for most packet lengths. Through the talk we would like to initiate a discussion that would bridge the gap between OVS experts and NIC designers and programmers with the goal to accelerate OVS using P4-enabled fully programmable NICs.

avatar for Petr Kastovsky

Petr Kastovsky

CEO, Netcope Technologies
Petr, as a former Linux kernel device driver programmer and a digital hardware designer, has a profound understanding of Netcope's products functioning. The key products that he helped to launch to the market are the world's first 100GE network card for PCI Express interface and P4... Read More →

Tuesday November 8, 2016 1:05pm - 1:10pm


Optimizing Communications-Grade TCP Workloads in an OvS-Based NFV Deployment- Mark Kavanagh, Intel
When service providers evaluate virtualization of their network infrastructure, one of the key areas of focus is TCP performance, a critical primitive for many of their end-to-end network services.

This talk describes an approach for optimizing throughput of TCP-based workloads in an Open vSwitch with DPDK (OvS-DPDK) setup. Our method involves implementing support for DPDK’s TCP Segmentation Offload (TSO) feature within OvS-DPDK as the primary performance booster. We additionally describe a tuned software configuration that, in concert with DPDK’s TSO and vHost multi-queue features, has demonstrated optimal performance for TCP workloads. Finally, we outline how to implement an OvS-based virtualized TCP workload test server, and three key test scenarios that reflect real-world workloads.

In an analysis of the test results, we found that our accelerated virtualized broadband speed test server could process external requests with an average throughput of 9.35Gbps over a 10Gbps network connection. In addition, the same virtualized server was able to process internal workloads with an average throughput of 40Gbps. These figures constitute performance gains of 2.4x and 10x, respectively over baseline figures. Consequently, we conclude that the TCP performance optimizations we implemented result in an optimal NFVI capable of handling communications-grade Network Functions Virtualization (NFV) TCP workloads in a real-world deployment. This was all made possible with the close collaboration between Intel and one of its flagship customers.


Mark Kavanagh

Network Software Engineer, Intel Corporation
Mark Kavanagh is a network software engineer with Intel. His work is primarily focused on accelerated software switching solutions in user space running on Intel® architecture. His contributions to Open vSwitch with DPDK include incremental DPDK version enablement, Jumbo Frame support... Read More →

Tuesday November 8, 2016 1:10pm - 1:35pm


NUMA-Aware Open vSwitch w/ DPDK for High-Performance NFV Platform- Kazuki Hyoudou, Fujitsu
The number of Virtual Machines (VMs) which can be executed in a box is one of the most important characteristics for the NFV platform.
Most easy way to increase VMs in a box is to use multi-socket server employing Non-Uniform Memory Access (NUMA) architecture.
It, however, needs to overcome the well-known issue of the significant performance decrease caused by resource placements in the memory of NUMA nodes.

In the current implementation of Open vSwitch netdev-DPDK, the structure for DPDK ports are allocated only on the memory of NUMA node to which NIC is connected.
Thus, if the VM with virtio-net is running on a NUMA node different from the node to which NIC is connected, its throughput decreases significantly.

We propose a NUMA-aware Open vSwitch w/ DPDK for High-Performance NFV Platform. In our proposal, the NIC directly accesses to the memory of NUMA node on which
VM is running by using its DMA. This significantly reduces the performance decrease caused by the resource replacement mentioned above.

We will present our trial implementation for NUMA-aware Open vSwitch w/ DPDK and preliminary evaluation results.


Kazuki Hyoudou

Researcher, Fujitsu
Kazuki Hyoudou received his Ph.D in Engineering from the University of Electro-communications, Tokyo, Japan in 2005. He joined Fujitsu Laboratories Ltd., Kawasaki, Japan in 2008. He is currently engaged in research on network virtualization, NFV acceleration and offloading as a R... Read More →

Tuesday November 8, 2016 1:35pm - 2:00pm


OvS-DPDK Performance Optimizations to Meet Telco Needs- Jan Scheurich, Ericsson AB and Mark Gray, Intel
The DPDK datapath has significantly boosted the OvS data plane performance and made OvS an attractive vSwitch option in data centers where metrics like throughput, latency and jitter are key. A typical example would be an NFV infrastructure (NFV-I) for Telco work-loads, in particular user-plane applications such as virtual Packet or Enterprise Gateway. Certain IT clouds have similarly high requirements on networking performance.

At the same time there is a strong trend to replace simple, early DC networking solutions (L2 only, VLANs for tenant separation on the underlay) by fully SDN-controlled virtual networking using overlay technologies like VXLAN, GRE or Geneve and providing advanced services like L3-VPN, NAT, FW or load balancing.

OvS should be able to sustain its performance also with complex SDN pipelines, tunneling, and traffic generated by a large number of end-users. We benchmarked the performance of OvS 2.5 in a typical L3-VPN configuration using VXLAN tunnels against other DPDK vSwitches and found that OvS was underperforming in some important use cases.

In this talk we will explain the bottlenecks that Ericsson and Intel have jointly identified as main reasons for these performance gaps and describe what we are doing together to remedy them. Some key improvements have already been up-streamed to OvS 2.6 giving an 50-80% performance boost. Others are still work in progress. We are confident that with those OvS-DPDK will provide top vSwitch performance over a wide range of Telco NFV use cases.

One important learning from our collaboration is the benefit of bringing together different expertise and ideas and working closely together to achieve a common goal.


Mark D. Gray

SW Engineer, Intel
Mark is a software engineer at Intel working on server networking technologies with a focus on virtual switching. Mark is a contributor to Open vSwitch and was the maintainer of the OVDK project.
avatar for Jan Scheurich

Jan Scheurich

Senior Specialist Cloud and SDN, Ericsson
Jan has been working with Ericsson for most of his professional career with various networking products, such as Mobile Soft-switch and Packet Core. Since 2011 Jan is part of Ericsson's System and Technology organization working with Software-defined Networking in general and in the... Read More →

Tuesday November 8, 2016 2:00pm - 2:25pm


Afternoon Break
Tuesday November 8, 2016 2:30pm - 2:50pm
Level 2 Foyer


Faucet - Open Source SDN Control Plane for Production Networks- Shivaram Mysore, TrustStix Inc/ONF
Faucet is a SDN Controller that enables a Openflow switch to be a drop in replacement for L2/L3 switch with extra SDN based functionality. Written in Python, under Apache 2 License, it is developed as an application for Ryu SDN Controller.

Faucet and its applications are primarily targeted towards Enterprise & Campus segments and operated by regular Linux sysadmins with no special requirements for SDN controller ninja skills. Installation should take no more than 30 minutes with ability to upgrade controller in

avatar for Shivaram Mysore

Shivaram Mysore

Founder, Service Fractal Inc
Serial entrepreneur with significant contribution to 26~ revenue generating products. Founded and grew businesses with a total estimated value of $25+ Million. Managed budgets up to $7 Million. Proven results oriented business leader with strong interpersonal and communication skills... Read More →

Tuesday November 8, 2016 2:50pm - 3:15pm


Deploying a Stateful and Fault Tolerant Virtual Gateway Using Open vSwitch in a Sotware Defined WAN- Sabyasachi Sengupta, Alcatel-Lucent
With growing deployment of virtual switches as gateways in a Software Defined WAN (SDWAN) enabled branch, there is ever growing need to improve reliability by making it fault tolerant and highly availabile. One of the popular means of achieving high availability is provisioning redundant gateways that operates as an active-passive pair. In production of enterprise networks of large corporations such as branches of banks, where connectivity between cloud data centers and the branch is critical, a fault tolerant network needs to guarantee minimal traffic loss and maximal state replication of the "authoritative" gateway at the "secondary" gateway in steady state. Modern day virtual networking switches are known to offer additional services such as DHCP server, NAT/PAT support etc. If these states are saved persistently in the authoritative gateway, such state need to be synced continuously to the secondary as seamlessly as the heartbeat exchange of the two gateways. Open vSwitch is often used at the heart of such a Virtual Network in SDWAN and supports various heartbeat exchange mechanisms such as Bidirectional Forwarding Detection (BFD, RFC5880) that detects faults in the forwarding path between two forwarding engines. This paper illustrates an extension to RFC5880 for implementing a notion of mastership role to each access link that is managed by the virtual switch. When one of the links (ports) fail at the authoritative gateway and BFD link fail detection occurs, the secondary gateway automatically takes over the ownership of passing traffic thereby assuming temporary mastership until link is restored. With a stateful synchronization of all the state of the primary gateway, the secondary not only reads the peer state and continues to operate seamlessly with same state as primary, but also performs all the networking services just as the original authoritative gateway would have done. While building networks of scale in a Software Defined Networking paradigm, the mastership configuration can be applied on the gateway through an openflow controller, which can relay the config that is provisioned at openstack director UI.


Sabyasachi Sengupta

Principal SW Engineer, Alcatel-Lucent
Software Engineer

Tuesday November 8, 2016 3:15pm - 3:40pm


SR-IOV and OVS on Solaris- Venu Iyer, Oracle and Ramkrishna Vepa, Oracle
This session will discuss the status of OVS on Solaris. We will also discuss the requirements and potential approach for OVS offload (including partial) on PF and SR-IOV VFs on Solaris. The talk will highlight the benefits and challenges of OVS offloads on SR-IOV.


Venu Iyer

Senior Principal Software Engineer, Oracle Inc.
16+ years of experience designing and developing features, including OVS, VXLAN, Driver interface, DCB, EVB, QoS etc., in the Oracle Solaris networking stack. Presently, leading SDN related projects in Oracle Solaris.

Ramkrishna Vepa

Senior Principal Software Engineer, Oracle Inc.
20+ years of networking and system software development experience. Ram is a Senior Principal Software Engineer at Oracle Corporation working in the Solaris Networking group since 2013. Prior to joining Oracle he worked at Intel Corporation, Neterion, 3Com Corporation and Advanced... Read More →

Tuesday November 8, 2016 3:40pm - 4:05pm


OVS on Microsoft Hyper-V- Nithin Raju and Sairam Venugopal, VMware, Alin Serdean and Alin Balutoiu, Cloudbase Solutions Srl

This talk will highlight the roadmap and features supported by OVS on Hyper-V. We will showcase support for Stateful firewall and containers with a brief demo. This is a collaborated effort between VMware, Inc. and Cloudbase Solutions Srl. 

- Stateful Firewall Support
- Support for GRE and Geneve tunneling
- Multiple NICs support
- Packet recirculation
- Bug fixes and unit tests

avatar for Nithin Raju

Nithin Raju

Manager, VMware
Open vSwitch for Hyper-V.

Sairam Venugopal

OVS on Windows

Tuesday November 8, 2016 4:05pm - 4:30pm


Closing Session
Tuesday November 8, 2016 4:30pm - 4:45pm