Can an ovs infrastructure be added to a default install of vmbr0?

[nickwalt]

Will the default vmbr0 Linux Bridge need to be replaced by an OVS Bridge to build out an OVS infrastructure on a host?

My understanding is that:
- a vmbr0 is required for uplink through a physical network interface
- Linux and OVS Bridges should not be mixed

There doesn't appear to be much detail on this, and no network blueprints exist for general network design just a few examples in config form.

I assume that OVS becomes the basis of the SDN and if routing is required we can add a dedicated router in the form of FRR?

Proxmox seems to refer to OVS and not to OVN which OVS is a component of. Is OVN not supported?

Cheers

 

[fba]

I assume that OVS becomes the basis of the SDN and if routing is required we can add a dedicated router in the form of FRR?

SDN in Proxmox VE doesn't require OVS at all, see https://pve.proxmox.com/wiki/Software-Defined_Network#pvesdn_tech_and_config_overview
AFAIK, there is no OVN integration available either and eventually still no plan to change that, see https://forum.proxmox.com/threads/integration-with-ovs-ovn.129323/post-764593

 

[nickwalt]

Thanks. I was considering that changing the underlying Linux Bridge to OVS is like changing from Cisco to Arista (both make switches).

Can I simply start adding OVS Bridges to the host and have it punt vlans through the default vmbr0, or do I have to replace vmbr0? Documentation seems to say that Linux Bridges don't interoperate well with OVS traffic and in some places it seems as if a Linux Bridge doesn't support multiple interfaces from multiple vlans so guessing that vmbr0 cannot support a trunk upstream, correct? One Bridge per vlan?

OVS seems to implement more networking standards than Linux Bridges, is that correct?

Cheers

 

[nickwalt]

It makes sense that Proxmox would not implement OVN — it is an SDN technology.

 

[fba]

Can I simply start adding OVS Bridges to the host and have it punt vlans through the default vmbr0, or do I have to replace vmbr0?

These are two separate L2 datapaths. So the OVS bridge(s) need an own physical uplink.

Linux Bridge doesn't support multiple interfaces

Linux bridge supports being a trunk of course, see also https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_vlan for more details

What is your usecase for OVS?

 

[nickwalt]

Developer workstation on Supermicro Epyc ROME platform (32-core, 384GB RAM, fast SSDs all direct-to-cpu. Running Proxmox 9.1 with Gnome DE and a mix of VM and LXC guests, with Incus and ssh2incus running in some VMs and possibly Podman with Devpod in others. Need to build an OOBM network across this infrastructure as well as regular private and LAN facing networks.

OVS is what I want to run and will likely interface with FRR — not a fan of NAT as a default option but know it is popular in the server communities — prefer routing and firewalls.

May explore EVPN BGP but will start with Vlan-Vnet Zones.

OVS in my use case isn't about scale it is about features. Want Bridges to function like full-blown switches so going with OVS.

Also want to use nftables firewall for increased functionality when used with OVS albeit this is still in tech preview.

Do I need to replace the default vmbr0 Linux Bridge? I thought I read somewhere that OVS cannot be bound to physical interfaces so unsure. Prefer to design the network before starting to chop things up. Cheers.

 

[fba]

OVS and Linux bonds/bridges should not be intermixed as explained here: https://pve.proxmox.com/wiki/Open_vSwitch
So of course you can use a physical interface as OVSPort.