OpenStack vs OpenDaylight vs OpenFlow vs OpenvSwitch: What’re Their Relations?

Recently, open source technologies such as OpenStack, OpenDaylight, OpenFlow, and OpenvSwitch have become more and more popular. Though they have been around for a while, they still confuse people in some respects, especially their relations with each other. Here we cover OpenStack vs OpenDaylight vs OpenFlow vs OpenvSwitch.

OpenStack vs OpenDaylight vs OpenFlow vs OpenvSwitch: What Are They?

OpenvSwitch

Openvswitch or Open vSwitch (OVS) is an open-source OpenFlow switch that works as a virtual switch in virtualized environments. It is also used as multilayer software for interconnecting virtual devices on the same host or between different hosts across networks. OVS supports standard management interfaces and protocols, including NetFlow, sFlow, CLI, IPFIX, RSPAN, LACP, and 802.1ag. In addition, it supports transparent distribution across multiple physical servers, a function similar to proprietary virtual switch solutions such as the Cisco Nexus 1000V. For more information, please read Open Switch vs Openvswitch: What’s the Difference?

OpenFlow

OpenFlow is a communications protocol standard for SDN. It gives access to the forwarding plane of a network switch or router over the network. What’s more, it can serve as a specification of the logical structure of the network switch functions. It facilitates remote management of switches from a centralized control plane or controller. OpenFlow has gained hardware and software support since its release. Brand-name vendors such as Cisco and Juniper have launched network equipment like 10GB Ethernet switches, routers, and wireless access points which support OpenFlow.

Figure 1: OpenFlow

OpenDaylight

OpenDaylight (ODL) is an open source project within the Linux Foundation. As an SDN controller, it provisions the network policies as specified and sends that information to the hypervisor. It allows users to programmatically manage OpenFlow-capable Gigabit Ethernet switches. Though ODL has a large set of features and compatible northbound applications, it has many alternatives such as Floodlight, the Ryu SDN framework, NOX, etc.

OpenStack

OpenStack is an open source cloud computing platform, which combines several major components to accomplish specific tasks. It can not only use all the above-mentioned technologies to provide the user with more programmatic control over the infrastructure, but also work independently without any of them. OpenStack is convenient and reliable with strong compatibility and adaptability, gaining support from many vendors.

OpenStack vs OpenDaylight vs OpenFlow vs OpenvSwitch: What’re Their Relations?

OpenvSwitch vs OpenDaylight vs OpenFlow

OpenvSwitch, OpenDaylight, and OpenFlow are all used for SDN applications. OpenFlow is one of the first SDN standards. OpenvSwitch is an OpenStack SDN component. OpenDaylight is an SDN controller. As to their relations, OpenFlow is a protocol, and OpenvSwitch and OpenDaylight are software packages using that protocol. In other words, the protocol used by OpenvSwitch or OpenDaylight is OpenFlow.

OpenvSwitch vs OpenDaylight vs OpenStack

OpenStack covers many aspects like network, virtualization, operating system, and server. When OpenDaylight and OpenvSwitch perform network resource management, OpenStack is often used together with them to allow for end-to-end automation and orchestration. Moreover, OpenStack has hooks that allow integration of OVS/ODL, and this interaction is achieved via the southbound API.

Summary

OpenStack, OpenDaylight, OpenFlow, and OpenvSwitch are four significant terms in networking. With these technologies, network performance has improved and network management in enterprises and data centers has become more convenient. Open source technologies are still developing. This article may be a first step in getting to know them, and there is still a lot to explore.


No Switchport Command: How Much Do You Know?

When working with switches, you may meet some interface configuration mode commands such as switchport mode access, no switchport, etc. Do you know what the no switchport command is? Is it supported by a Layer 2 switch or a Layer 3 switch? How do you use the no switchport command? In this article, we will share some insights and help answer these questions.

What Is a No Switchport Command?

To understand the no switchport command, we’d better get to know Layer 2 switch and Layer 3 switch first. The Layer 2 switch is a network switch that forwards traffic based on layer 2 information of the OSI model. It functions by keeping a table of media access control (MAC) addresses. Moreover, it can assign VLANs to specific switch ports, which in turn are in different Layer 3 subnets. So the communication with other LANs, or VLANs, needs the function of Layer 3. And the Layer 3 switch combines some features of Layer 2 switch and some of the router. That is to say, it can switch packets by checking both IP addresses and MAC addresses.

The no switchport command is available on the interfaces of a Layer 3 capable switch. This command converts a Layer 2 port into a Layer 3 port and makes the port operate like a router interface rather than a switch port. Such a port is also called a routed port. What’s more, the routed port isn’t joined to any VLAN and does not support VLAN subinterfaces. However, you can apply an IP address directly to the port, and more IP configuration options are available after running the no switchport command.

How to Use No Switchport Command?

As mentioned above, the no switchport command is mainly used to configure routed ports. This helps the Layer 3 switch reach the default router during VLAN configuration. To configure a routed port, enter interface configuration mode on the switch and issue the command no switchport. This disables Layer 2 capabilities and enables Layer 3. Then you can assign an IP address to the routed port.

Figure 1: An example of a routed port configuration

No Switchport Command on Layer 3 Switch

The no switchport command plays an important role in configuring VLAN on the Layer 3 switch. With the no switchport command, you can get access to the Web Interface. Then, you can simply configure VLAN via the Web Interface. The following is the configuration guide.

  1. Connect your computer to the switch.
  2. Run the SecureCRT software on the computer, and enter the command #configure terminal to enter the global configuration mode.
  3. Choose the “http” file, and enable the “http” service.
  4. Enter the command #show interface eth-0-1 to check the state of the eth-0-1 port on the switch.
  5. Enter the command #interface eth-0-1 to enter the eth-0-1 port.
  6. Enter the command #no switchport to put the eth-0-1 port in L3 mode and make it a routed port.
  7. Assign an IP address to the eth-0-1 port and enter the command #no shutdown to activate the eth-0-1 port.
  8. Set the IP address of the computer to make sure it’s in the same network as the eth-0-1 port.
  9. Ping the IP address from the computer to check whether there is any mistake in the steps above. (If the ping result shows no mistake, you can log in with the username and password of your account to enter the Web Interface.)
  10. Add or delete the VLAN in the Service Management.

Summary

This post has explained what the no switchport command is, the steps to configure no switchport command, and how to use it on Layer 3 switch. So have you got all the answers to the questions at the beginning? Well, FS provides various high-quality network switches. Welcome to contact us if you have any needs about it.

Related Article: Layer 2 vs Layer 3 Switch: Which One Do You Need?


Open Switch vs Openvswitch: What’s the Difference?

Recently, open source technology has become more and more popular. As important parts of the open source network, open switch and openvswitch have attracted much attention. However, some people confuse open switch with openvswitch. This article introduces both and compares open switch vs openvswitch.

Open Switch vs Openvswitch: What Are They?

Open Switch

The open switch is a network switch that runs an open network operating system (NOS). Its hardware and software are separate entities and can be changed independently of each other. Therefore, the same hardware can support different operating systems, or the same operating system can work on multiple hardware configurations. This means vendors can customize or rebrand open switches by adding their own software. There are multiple open source software options, such as Cumulus Linux and Pica8 PicOS, which vendors can choose from. FS has teamed up with Cumulus Networks and introduced several Layer 2 switches and Layer 3 switches powered by Cumulus Linux OS, for instance, the N5850-48S6Q 10GbE switch, N8000-32Q 40GbE switch, and N8500-32C 100GbE switch.

Figure 1: Open switch

Openvswitch

Openvswitch or open vSwitch (OVS) is an open source multilayer virtual switch issued under the Apache 2.0 license. It usually operates as a software-based network switch or as the control stack for dedicated switching hardware. Designed to enable effective network automation via programmatic extensions, OVS also supports standard management interfaces and protocols, including NetFlow, sFlow, CLI, IPFIX, RSPAN, LACP, 802.1ag. In addition, OVS can support transparent distribution across multiple physical servers. This function is similar to the proprietary virtual switch solutions such as the Cisco Nexus 1000V and the VMware vSphere Distributed Switch (vDS). In short, OVS is used with hypervisors to interconnect virtual machines within a host and virtual machines between different hosts across networks.

Figure 2: Openvswitch

Open Switch vs Openvswitch: What’s the Difference?

As mentioned above, open switch and openvswitch are both open source switches. However, they differ mainly in two aspects.

Firstly, open switch and openvswitch have different external construction.

The open switch is a physical switch that you connect to other network devices with wires. What’s more, it has both hardware and software. Its open hardware comes with a boot loader called the Open Network Install Environment (ONIE). Based on ONIE, consumers can load operating system software onto the switch.

Openvswitch behaves like a physical switch but is virtualized. It has no hardware and exists entirely as software. A software stack runs on the server hosting openvswitch. This software stack provides connections to virtual or logical Ethernet ports. Thus, there is no physical port on openvswitch and you don’t need wires to connect it with other network devices. OVS can also be integrated with hardware and serve as the control plane for switching silicon.

Secondly, programming flow rules work differently in open switch and openvswitch. Essentially, flow rules determine how inbound and outbound traffic should be treated. The open switch uses VLANs to tag traffic, while OVS can dictate how the traffic should be manipulated before it is forwarded to the exit interface.

Summary

After reading this post, you should know the difference between open switch and openvswitch. Though both are good solutions to meet the demand for network agility and scalability, the open switch may be more commonly used in the market now. FS provides N-series open network switches with good quality and a nice price. If you have any needs, you are welcome to visit FS.COM.

Related Article: Open Source Switch: How Much Do You Know?


Will Bare Metal Switch Be Popular in 100G Data Center?

Nowadays, the requirement for bandwidth and transmission speed in data centers is increasing strikingly. To meet this demand, the networking industry is moving in a new direction. The focus, which previously moved through 1G, 10G and 40G, is now shifting to 100G. Therefore, 100G is the trend in the data center. According to a report by Dell’Oro Group, bare metal switch vendors lost share in the 100G data center switching market in 2018 while traditional vendors, such as H3C, Cisco and Huawei, gained. Do you agree with that? Let’s take a look at what the bare metal switch is and whether it will be popular in the 100G data center.

Bare Metal Switch Overview

The bare metal switch is a device that allows for the decoupling of hardware and software on the networking stack. It comes from original design manufacturers (ODMs) like Alpha Networks or Accton. These companies design and manufacture products for many mainstream switch vendors. However, warranties offered by ODMs are just hardware based and very basic. Therefore, the bare metal switch has no operating system (OS) and no label. Moreover, bare metal switches come with a boot loader called Open Network Install Environment (ONIE). Based on ONIE, consumers can load an open source operating system onto the switch.

Why Bare Metal Switch Will Be Popular in 100G Data Center?

Will bare metal switch be popular in 100G data center? The answer is yes. The following is the comparison of bare metal switch and brand-name switch.

Bare Metal Switch vs Brand-name Switch

Features – Bare metal switches have multiple choices of OS, including Cumulus Linux, Big Switch Light, Pica8, etc., and their hardware can be bought directly from different ODMs or from branded vendors to suit the 100G data center. Brand-name switches, by contrast, run on a vertically integrated OS and hardware, so you have no other choice. Hence, bare metal switches offer more flexibility and options.

Performance – The brand-name network switch and the bare metal switch perform similarly when used in the 100G data center. However, the bare metal switch is simpler because of the automated centralized network device management, unified deployment strategies, and fewer configuration errors. What’s more, unlike the brand-name switch, which only supports the corresponding accessories, bare metal switches are more compatible and multiple accessories are available.

Cost – Consumers can get hardware directly from the ODMs at a discounted rate compared to similar switches from brand-name networking vendors, because there is no OS installed in it. Moreover, with bare metal switches, the network flexibility and scalability have been greatly increased. This will save much cost for users. And then, with good compatibility, you can choose accessories like transceivers from the third-party, which is much cheaper.

Figure 1: Traditional switch vs bare metal switch

Conclusion

The bare metal switch, which enables people to purchase hardware and software independently, is gaining popularity in the 100G data center. It outperforms proprietary or traditional switches in cost and flexibility. FS employs bare metal switches and Cumulus Linux to provide N-series data center switches, including 10GbE, 40GbE and 100GbE switches. If you have any needs, you are welcome to visit FS.COM.

Related Articles:
FS N-Series Switches with Cumulus Linux: What Function Do You Expect?
Cumulus Linux: A Powerful ONOS for Network


Access Control List Linux: How Much Do You Know?

Traditional Linux networking is satisfactory for most situations when employed in a network switch, router or other network device. However, it still has some limitations, such as the problem of UNIX file permissions, which affects network security. Luckily, the Access Control List (ACL) has been developed to provide a flexible permission mechanism in Linux. So what is an ACL and how do you use it in Linux?

Access Control List Overview

An Access Control List is a list that grants or denies permissions to data that tries to access services attached to network hardware such as a Gigabit Ethernet switch or router. There are several types of ACLs, such as the access ACL and the default ACL. The former is the access control list for a specific file or directory, and the latter can only be associated with a directory.

ACL provides an additional, more flexible permission mechanism for file systems. To be specific, it ensures security by blocking packets that are destined to sensitive areas in the network. Based on the protocols, it also determines the type of traffic to forward. And it is also able to deny certain users or groups access to the Internet while allowing others. What’s more, ACL can block specified traffic, which greatly helps enhance the performance of your network.

How to Use Access Control List in Linux?

Usually, there are mainly four steps for the Access Control List configuration.

Installing ACL Package

Before using ACLs for a file or directory, you should install the acl package.

Configuring ACL

1. Mount the file system containing the file or directory with ACL support. Here is the syntax for you to mount a local ext3 file system.

2. Use the getfacl utility to show a file’s ACL.

When a file does not have an ACL, getfacl shows the same information as ‘ls -l’, although in a different format.

3. Use the setfacl utility to add or modify one or more rules in a file’s ACL.

If a file has an ACL, ‘ls -l’ will display a plus sign (+) following the permissions.

Remove ACLs

1. Use the “-x” option without specifying any permissions to remove rules for a user or group.

2. Use the “-b” option to remove the ACL itself.

Setting the Default ACLs

Add “d:” before the rule and specify a directory instead of a file name. Then the setting is completed.

What Is Linux ACL Mask and Why Does It Exist?

When setting the default ACL on a directory, some users may be confused to see “default:mask” or just “mask”. The “mask” is a mask setting, which is used to mask out permissions. Except for the file owner and the “other” entry, “mask” is the maximum permission granted by access control entries for users and groups. The “default:mask” on a parent directory is also a mask setting, which is applied to things that are created within it.

Conventionally, traditional Unix applications run “chmod(…,000)” and expect it to deny all access to a file. However, this fails unless there is a mask and the old “S_IRWXG” permissions map to it. Although they have been upgraded several times, traditional Unix scripts still can’t work perfectly without a mask. In ACLs, the mask is also necessary. Without it, setting the file permissions to an entry such as “000” wouldn’t affect any non-owner user or group entries, and other users would still have access to the object. What’s more, without a mask, other approaches have defects in granting or denying permissions to the data as well.

Figure 1: “mask” and “default: mask” scenario
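
The configuration steps above and the mask behaviour described in this section, run end to end on scratch files, as an added example that is not part of the original article. It assumes the acl package is installed and the temp filesystem supports POSIX ACLs; UID 12345, the file names and the helper functions acl_entry, acl_effective and acl_walkthrough are illustrative.

```shell
#!/bin/sh
# Added example, not from the original article. Assumptions: the acl package
# is installed, the temp filesystem supports POSIX ACLs, and 12345 is an
# arbitrary numeric UID (setfacl accepts ids that have no passwd entry).

# Print the first ACL entry of file $1 that starts with prefix $2, such as
# "user:12345:" or "mask::". getfacl options: -p keep absolute path names,
# -c omit the header, -n numeric ids, -E suppress "#effective" comments.
acl_entry() {
    getfacl -p -c -n -E "$1" | grep "^$2" | head -n 1
}

# Print the rights entry $2 really grants once the mask is applied
# (-e prints the "#effective:" comment on every maskable entry).
acl_effective() {
    getfacl -p -c -n -e "$1" | sed -n "s/^$2.*#effective:\(...\).*/\1/p" | head -n 1
}

acl_walkthrough() {
    work=$(mktemp -d) || return 1
    f="$work/report.txt"; d="$work/shared"
    : > "$f" && chmod 640 "$f" && mkdir -m 755 "$d" || return 1

    echo "1. No ACL yet: getfacl repeats the owner/group/other bits"
    getfacl -p -c "$f"

    echo "2. setfacl -m adds a rule for UID 12345; a mask entry appears"
    setfacl -m u:12345:rwx "$f" || return 1
    getfacl -p -c -n "$f"

    # The same mechanism lets chmod 000 cut off every named entry.
    echo "3. chmod g=r now rewrites the mask and caps the named user"
    chmod g=r "$f"
    echo "   mask entry: $(acl_entry "$f" 'mask::')"
    echo "   UID 12345 effective rights: $(acl_effective "$f" 'user:12345:')"

    echo "4. setfacl -x removes the rule, setfacl -b removes the ACL itself"
    setfacl -x u:12345 "$f"
    setfacl -b "$f"
    getfacl -p -c "$f"

    echo "5. A d: rule on a directory is inherited by files created in it"
    setfacl -m d:u:12345:r-x "$d"
    : > "$d/new.txt"
    getfacl -p -c -n "$d/new.txt"

    rm -rf "$work"
}

# Run the walk-through only when asked to: sh acl_demo.sh run
if [ "${1:-}" = "run" ]; then acl_walkthrough; fi
```

In step 5 the new file inherits user:12345:r-x, but its mask is the default mask limited by the creation mode, so the effective rights are r--.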

Conclusion

From all the above, you may have a general understanding of Access Control List Linux, Linux ACL Mask and how to use ACL in Linux. The use of ACL in the Linux OS is important to the security of network. Recently, FS has teamed up with Cumulus to provide the N-series open networking switch. These switches are suitable for you to configure ACL, including 10GbE switch, 40GbE switch, 100GbE switch, etc. For more information, please read this news: FS.COM Collaborates with Cumulus Networks to Bring Open Networking Directly to Its 100,000+ Customers.

Related Article:
Network OS Comparison: Open Source OS or Proprietary OS
