When working with KVM, traditional Linux bridges offer a simple and effective way to provide networking to virtual machines (VMs). However, for advanced network configurations, performance optimizations, and Software-Defined Networking (SDN) integration, Open vSwitch (OVS) stands out as a powerful alternative.

In this section of the book, we will explore the concepts, installation, configurations, and how to potentially adopt Open vSwitch as a replacement to Linux bridges. We will see how to create OVS ports and bridges, VLANs configuration, creating bonded interfaces, and how to integrate OVS with libvirt for seamless VM networking.

What is Open vSwitch?

Open vSwitch (OVS) is a multilayer virtual switch designed to enable network automation through programmatic extensions, while supporting standard management interfaces and protocols (e.g., LACP, NetFlow, sFlow, SPAN, RSPAN, 802.1ag). OVS is particularly suited for large-scale virtualized environments where performance, scalability, and advanced networking are necessary.

Key benefits of Open vSwitch:

• High-performance switching in kernel space.
• OpenFlow support for SDN-based control.
• QoS and traffic shaping capabilities
• Bonding and failover support
• Multiple tunneling protocols (GRE, VXLAN, STT, and Geneve, with IPsec support)
• Forwarding layer abstraction to ease porting to new software and hardware platforms
• Per VM interface traffic policing
• STP (IEEE 802.1D-1998) and RSTP (IEEE 802.1D-2004)
• Standard 802.1Q VLAN model with trunking
• LACP (IEEE 802.1AX-2008)
• Visibility into inter-VM communication via NetFlow, sFlow(R), IPFIX, SPAN, RSPAN, and GRE-tunneled mirrors
• Multicast snooping

Installation of Open vSwitch

Let’s look at how to install Open vSwitch

1 – Install Open vSwitch on Debian / Debian

Update OS packages list:

sudo apt update && sudo apt install openvswitch-switch

Configure the service to be started automatically on system boot.

sudo systemctl enable --now openvswitch-switch.service

Check the status of OVS services:

systemctl status ovsdb-server.service ovs-vswitchd.service

2 – Install on Rocky Linux / AlmaLinux

Try search for openvswitch package using dnf:

sudo dnf search openvswitch

Below is a sample output from a Rocky Linux machine, highlighting the centos-release-nfv-openvswitch repository, which provides the Open vSwitch RPM packages.

Last metadata expiration check: 0:04:37 ago on Wed 09 Apr 2025 10:27:10 PM EAT.
=============================================================================================================== Name Matched: openvswitch ================================================================================================================
centos-release-nfv-openvswitch.noarch : Common release file to establish shared metadata for CentOS NFV SIG
pcp-pmda-openvswitch.x86_64 : Performance Co-Pilot (PCP) metrics for Open vSwitch

Install the package by running the following commands:

sudo dnf install centos-release-nfv-openvswitch

The command will configure the necessary repositories. After that, try searching for the openvswitch package again:

sudo dnf search openvswitch

As of this update, the latest release is 3.5, and that’s the version we’ll be installing.

sudo dnf install openvswitch3.5

Start and enable the Open vSwitch service to ensure it runs on boot:

sudo systemctl enable --now openvswitch

Confirm the service is running:

systemctl status openvswitch

In the output, you should see active:

● openvswitch.service - Open vSwitch
     Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; enabled; preset: disabled)
     Active: active (exited) since Thu 2025-04-10 09:19:25 EAT; 7s ago
    Process: 55447 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
   Main PID: 55447 (code=exited, status=0/SUCCESS)
        CPU: 1ms

Apr 10 09:19:25 rocky01.cloudspinx.com systemd[1]: Starting Open vSwitch...
Apr 10 09:19:25 rocky01.cloudspinx.com systemd[1]: Finished Open vSwitch.

Verify installation:

ovs-vsctl show

Sample output:

ae2caf08-9773-4bc6-ad68-2d12b3a10d8e
    ovs_version: "3.5.1-16.el9"

Building Open vSwitch from source on Debian / Ubuntu

Building Open vSwitch from source gives you greater control over the version, compile-time options, and custom patches.

Refresh the package list by running:

sudo apt update

Install dependencies required to build Open vSwitch on Debian / Ubuntu:

sudo apt install  build-essential fakeroot autoconf automake bzip2 debhelper-compat dh-exec dh-python dh-sequence-python3 \
sudo apt install build-essential automake autoconf libssl-dev openssl bzip2 libtool dh-autoreconf python3-all ifupdown
graphviz iproute2 libcap-ng-dev libdbus-1-dev libdpdk-dev libnuma-dev libpcap-dev libssl-dev libtool libunbound-dev \
openssl pkg-config procps python3-all-dev python3-setuptools python3-sortedcontainers python3-sphinx dh-sequence-sphinxdoc

Download and extract the Open vSwitch source, then navigate to its root directory.

RELEASE=3.5.0
wget https://www.openvswitch.org/releases/openvswitch-$RELEASE.tar.gz

Extract downloaded archive:

tar xvf openvswitch-$RELEASE.tar.gz

Go to the extracted binary folder and execute the boot.sh script:

cd openvswitch-$RELEASE
./boot.sh

Next, run the configure script to generate the Makefile. It will also check for any missing dependencies:

./configure && make debian

Run the command dpkg-checkbuilddeps from the top-level directory of your OVS source to verify all build dependencies are satisfied.

dpkg-checkbuilddeps

If you’ve the dependencies installed properly, the command will exit without printing anything. The output will indicate any missing packages you need to install.

Run the following command in the root directory of your project to generate installation package:

make debian-deb

Move up one level from your current working directory

cd ../

List all .deb packages:

ls -lh *.deb

Install the packages using dpkg:

sudo dpkg -i ./openvswitch-common_${RELEASE}-1_amd64.deb
sudo dpkg -i ./openvswitch-switch_${RELEASE}-1_amd64.deb
sudo dpkg -i openvswitch-doc_${RELEASE}-1_all.deb

Logout of your current active session:

logout

Check status of openvswitch service:

systemctl status openvswitch-switch.service
ovs-vsctl show

Build Open vSwitch from source on RHEL-based systems – 9 & 8

This guide provides a step-by-step walkthrough on how to compile Open vSwitch (OVS) from source on Rocky Linux, AlmaLinux, RHEL 9/8, and other RHEL-based distributions.

1. Install dependencies

Update your OS:

sudo dnf -y update

2. Enable extra repositories:

You’ll need to enable additional repositories to access certain dependencies that aren’t available in the default OS repositories.

Rocky Linux / AlmaLinux 9:

sudo dnf -y install epel-release
sudo dnf config-manager --set-enabled crb

Rocky Linux / AlmaLinux 8:

sudo dnf -y install epel-release
sudo dnf config-manager --set-enabled powertools

RHEL 9:

subscription-manager repos --enable=codeready-builder-for-rhel-9-x86_64-rpms

RHEL 8:

subscription-manager repos --enable=codeready-builder-for-rhel-8-x86_64-rpms

After the repositories are enabled, install all the dependencies by running the following commands:

sudo dnf -y install "@Development Tools"

sudo dnf -y install gcc make python3-devel openssl-devel \
kernel-devel kernel-debug-devel rpm-build desktop-file-utils \
groff-base libcap-ng-devel numactl-devel selinux-policy-devel \
systemtap-sdt-devel unbound-devel unbound python3-sphinx \
libbpf-devel libxdp-devel groff network-scripts

3. Download tarball & Build Open vSwitch

Visit Open vSwitch downloads page and select the version you want to install. Alternatively, use wget or curl from the CLI to download the file.

Set the version to download as variable VER:

VER=3.5.0

Download the tarball:

wget https://www.openvswitch.org/releases/openvswitch-$VER.tar.gz

Extract the downloaded file:

tar xvf openvswitch-$VER.tar.gz

Navigate to the folder created after extraction:

cd openvswitch-$VER

Run the boot.sh script to initiate build process:

./boot.sh

Run configure command

./configure

To compile the Open vSwitch user-space RPM packages, run the following command:

make rpm-fedora

To enable DPDK support in the Open vSwitch package, include the --with-dpdk option during the build process:

make rpm-fedora RPMBUILD_OPT="--with dpdk --without check"

Include the –with-afxdp option during the build process to enable AF_XDP support:

make rpm-fedora RPMBUILD_OPT="--with afxdp --without check"

4. Install Open vSwitch RPM Packages

Move to the rpmbuild directory:

cd rpm/rpmbuild/RPMS/x86_64

List all .rpm packages:

ls -lh

Install openvswitch RPM package:

sudo rpm -Uvh openvswitch-$VER-1.*.x86_64.rpm

Install network scripts package:

sudo rpm -Uvh network-scripts-openvswitch-$VER-1.*.x86_64.rpm

If you need Open vSwitch development tools, install the devel package.

sudo rpm -Uvh openvswitch-devel-$VER-1.*.x86_64.rpm

Start Open vSwitch services:

sudo systemctl enable --now openvswitch

The command above will start other OVS services. Check Open vSwitch service status, it should be active:

systemctl status openvswitch.service
systemctl status ovs-vswitchd ovsdb-server

Log out of your current shell session, then log back in:

logout

Run the ovs-vsctl show command to verify the Open vSwitch (OVS) version:

ovs-vsctl show

Building Open vSwitch on a Generic Linux OS

Start by installing all necessary dependencies, then proceed to download the latest Open vSwitch archive from the downloads page.

RELEASE=3.5.0
wget https://www.openvswitch.org/releases/openvswitch-$RELEASE.tar.gz

Extract downloaded archive:

tar xvf openvswitch-$RELEASE.tar.gz

Go to the extracted binary folder and execute the boot.sh script:

cd openvswitch-$RELEASE
./boot.sh

Next, run the configure script to generate the Makefile. It will also check for any missing dependencies:

./configure

By default:

• All Open vSwitch files are installed under /usr/local
• The database is expected at /usr/local/etc/openvswitch

If you’d prefer custom directories, for example:

• Use /usr instead of /usr/local
• Use /etc/openvswitch for the database

Then add the following options when running the configure script:

./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc

Open vSwitch installation from packages method typically uses the same configuration options as shown above.

If the configuration is successful, proceed with make inside the build directory.

make

Then run make install to install the executables and man pages into your system. By default, these will be placed under /usr/local:

make install

To start Open vSwitch on Unix-like systems, use the ovs-ctl script, which automates the startup of ovsdb-server and ovs-vswitchd daemons. It’s typically located in /usr/local/share/openvswitch/scripts.

Verify if the Open vSwitch script directory is included in your PATH. If it’s missing, the following command will add it automatically to your ~/.bashrc:

grep -qxF 'export PATH=$PATH:/usr/share/openvswitch/scripts;' ~/.bashrc || \
echo 'export PATH=$PATH:/usr/share/openvswitch/scripts;' >> ~/.bashrc

Source the bashrc file:

source ~/.bashrc

The ovs-ctl script can start/stop daemons individually, e.g., to start only the ovsdb-server:

ovs-ctl --no-ovs-vswitchd start

Command execution output:

* /etc/openvswitch/conf.db does not exist
 * Creating empty database /etc/openvswitch/conf.db
 * Starting ovsdb-server
 * system ID not configured, please use --system-id
 * Configuring Open vSwitch system IDs
 * Enabling remote OVSDB managers

Similarly, to start only the ovs-vswitchd:

ovs-ctl --no-ovsdb-server start

Sample output:

 * Inserting openvswitch module
 * Starting ovs-vswitchd
 * Enabling remote OVSDB managers

Check version and services status:

$ ovs-ctl version
ovsdb-server (Open vSwitch) 3.5.0
ovs-vswitchd (Open vSwitch) 3.5.0

$ ovs-ctl status
ovsdb-server is running with pid 29515
ovs-vswitchd is running with pid 29614

If this was helpful, don’t forget to check out our KVM eBook. Whether at work or on the go, access Mastering KVM Virtualization anytime, in the book you will learn:

• Host Network Management using Netplan: bridges, VLANs, Bonded interfaces
• Host Network Management using Network Manager (NMCLI) – bridged, VLANs, Bonds/Teamed
• Host Network Management using Networking Scripts
• Host Network Management using Open vSwitch

Also watch out for our guide on how to create Linux bridges with Open vSwitch:

• How to Create Linux Bridge using Open vSwitch