In addition to numerous bug fixes, the 20.09.0 release of OVN contains a mix of new features and performance improvements.
- Allow the lb_force_snat_ip and dnat_force_snat_ip options to take an IPv4 and IPv6 address pair. This may be needed for dual stack setups.
- DHCP now understands DHCPDECLINE
- External IP based NAT. This allows for a set of IPs to be used for SNAT instead of always SNATting to a single external IP address. It also allows for a range of IPs to be matched for DNATting.
- VXLAN support has been added for general-purpose tunneling. Previously VXLAN could only be used for ramp switches. Please see documentation for details about limitations VXLAN introduces as compared to GENEVE and STT.
- Avoid using conntrack in certain scenarios. Conntrack is known to introduce latency. The following scenarios have been optimized to not use conntrack:
- When sending packets from a logical switch to logical router when a load balancer is used.
- When sending packets through a logical switch with a load balancer when the destination IP is not the load balancer VIP.
- Avoid nb_cfg notification flooding. This significantly lowers the amount of time it takes for a northbound change to sync to all hypervisors.
- Probes for unix sockets are now disabled by default. This prevents unnecessary connection checks between processes on the same system.
- The set of OpenFlow flows sent to OVS is now incrementally processed.
- Parsed expressions are now cached in ovn-controller, meaning less CPU time is spent re-parsing expressions.
- The number of flows created for stateful ACLs has been reduced by a factor of 2 for allow-related ACLs and a factor of 3 for drop/reject ACLs.