I had a reader contact me recently with some questions regarding the use ofOpen vSwitch (OVS) on Debian “Jessie” 8.5 and using the OVS integration with the Debian network scripts. For those of you that might be unfamiliar with this functionality, it’s the ability to configure OVS via instructions and directives found in the /etc/network/interfaces
file. As I was helping this reader, I came across a couple potential “gotchas” that I wanted to point out here.
First, I’ll point you to the documentation for the Debian network scripts integration, which is found in this file in the “Debian network scripts integration” section. This documentation provides the complete breakdown of the various commands that can be used in /etc/network/interfaces
to configure OVS.
Based on that documentation, you could create an OVS bridge and add a physical port to that bridge by including the following stanzas in/etc/network/interfaces
:
allow-ovs ovsbr0
iface ovsbr0 inet manual
ovs_type OVSBridge
ovs_ports eth1
allow-ovsbr0 eth1
iface eth1 inet manual
ovs_bridge ovsbr0
ovs_type OVSPort
Now for the gotchas…
The Debian “Jessie” repos include version 2.3.0 of OVS; the latest release in the 2.3.x train is 2.3.3. As it turns out, 2.3.3 includes a couple of fixes that did not make it into 2.3.0, and these fixes address a couple potential issues you might run into when using OVS with the Debian network scripts integration. Specifically:
- You should not include the
auto
keyword in any of your OVS-related stanzas. If you do that, the OVS integration scripts will not function as expected. 2.3.3 includes a fix that forces the integration scripts to work as expected even if the user includes theauto
keyword. - The 2.3.3 release adds
_SYSTEMCTL_SKIP_REDIRECT=yes
to the/etc/init.d/openvswitch-switch
file, which prevents some systemd-related issues that might crop up (see here for the change). This line is not found in the 2.3.0 version of OVS when installed on Debian 8.x. (That being said, I tested both with and without this line, and it worked as expected in both cases.)
The first issue appears to be the more “serious” of the two; in my testing with version 2.3.0 of OVS (straight from the Debian repos), the integration simply didn’t work when the auto
keyword was included. As soon as I removed theauto
keyword, it started working as expected. The addition of the_SYSTEMCTL_SKIP_REDIRECT
line did not seem to be as significant; once theauto
keyword issue was sorted, the presence (or absence) of that line didn’t seem to have any effect on my testing.
So, if you’re having issues making OVS integration with the Debian network scripts work as expected, the first thing I’d check is to ensure that the auto
keyword is not included in any configuration stanzas related to OVS. From there, you may find it helpful to edit /etc/init.d/openvswitch-switch
to include_SYSTEMCTL_SKIP_REDIRECT
, but that seems (at this point) less likely to be the culprit.
For other OVS-related content, have a look at any of my OVS-tagged articles.
UPDATE: Another reader contacted me to say that the_SYSTEMCTL_SKIP_REDIRECT
setting may help in situations where you need to restart OVS (perhaps due to an update or similar). Without this setting, VM interfaces may be disconnected from the bridge. I haven’t tested or verified this, so keep that in mind.