The Open vSwitch agent manages connectivity among virtual switches and supports interaction, via virtual ports, with other network components: namespaces to provide network isolation, and Linux Bridges to support security groups. The Integration Bridge on a compute node provides the interfaces to virtual machines. The Open vSwitch agent creates the following OVS bridge interfaces as per configuration options.
The Integration Bridge is usually named br-int, and each instance is plugged into it via a veth port. This carries traffic to and from the instance (VM) via a Linux Bridge.
Figure 3: OVS on a compute node
Open vSwitch (OVS) cannot connect with iptables to implement security groups. A Linux Bridge is therefore used between each instance (VM) and the OVS Integration Bridge br-int to implement security groups. The Linux Bridge forwards the traffic between the veth peer port and the tap interface that connects to the instance.
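The wiring described above can be audited mechanically. The following is an added example, not code from the original page or from OpenStack: given bridge membership that has already been collected from a compute node, it flags any tap interface that does not reach br-int through a Linux Bridge and a veth pair. All interface names and the sample topology are constructed assumptions.

```python
# Constructed sample topology for one compute node (all names are illustrative).
# Linux Bridge name -> set of member interfaces.
LINUX_BRIDGES = {
    "qbr-a1": {"tap-a1", "qvb-a1"},  # complete: tap + veth leg
    "qbr-b2": {"tap-b2"},            # veth leg missing
}
# veth end on the Linux Bridge -> its peer end.
VETH_PEERS = {"qvb-a1": "qvo-a1"}
# Ports currently attached to the OVS Integration Bridge br-int.
BR_INT_PORTS = {"qvo-a1", "tap-c3"}
# Tap interfaces that connect to instances.
TAPS = {"tap-a1", "tap-b2", "tap-c3", "tap-d4"}


def audit_tap(tap, linux_bridges, veth_peers, br_int_ports):
    """Classify how one instance tap interface is wired.

    OK       tap -> Linux Bridge -> veth pair -> br-int (path described above)
    BYPASS   tap sits directly on br-int, so no Linux Bridge (and therefore no
             iptables security-group filtering) is in the path
    ISOLATED tap is on a Linux Bridge that has no veth peer on br-int
    ORPHAN   tap is not attached to any bridge
    """
    if tap in br_int_ports:
        return "BYPASS"
    bridge = next((b for b, m in linux_bridges.items() if tap in m), None)
    if bridge is None:
        return "ORPHAN"
    for port in linux_bridges[bridge] - {tap}:
        if veth_peers.get(port) in br_int_ports:
            return "OK"
    return "ISOLATED"


def audit(taps, linux_bridges, veth_peers, br_int_ports):
    """Return {tap: status} for every tap interface, in sorted order."""
    return {
        tap: audit_tap(tap, linux_bridges, veth_peers, br_int_ports)
        for tap in sorted(taps)
    }


if __name__ == "__main__":
    for tap, status in audit(TAPS, LINUX_BRIDGES, VETH_PEERS, BR_INT_PORTS).items():
        print(f"{tap}: {status}")
```

A BYPASS result matters only for the layout this page describes, where security groups depend on the Linux Bridge sitting between the instance and br-int.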
The br-int adds a VLAN ID tag to the packet header...