OpenStack Liberty Design Summit has ended
Back To Schedule
Thursday, May 21 • 9:50am - 10:30am
Taking Security Groups To Ludicrous Speed with Open vSwitch

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments. 

Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed.  In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead.  However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.

In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.

avatar for Thomas Graf

Thomas Graf

Kernel and OVS Developer, Noiro Networks (Cisco)
Thomas Graf has been a Linux kernel developer for 10 years, working on a variety of networking subsystems. His current focus is on network virtualization and SDN. He contributes to various open source projects, such as the Linux kernel and Open vSwitch. Thomas is currently at Noiro... Read More →
avatar for Ivar Lazzaro

Ivar Lazzaro

Software Engineer
I am a software engineer driven by genuine passion and curiosity for computer science. I have mostly been focusing on building fast and scalable distributed systems, in particular for network centric environments. Dived into Openstack as part of my Master thesis, my interest in it... Read More →
avatar for Justin Pettit

Justin Pettit

OVS Core Developer
Justin Pettit is a lead developer on the Open vSwitch project. He was a founding employee at Nicira and is currently working at VMware. He was a co-creator of OpenFlow, working on both the specification and reference implementation. In addition to working on Open vSwitch, he is involved... Read More →

Thursday May 21, 2015 9:50am - 10:30am
Room 118/119/120

Attendees (0)