Current Series Release Notes

Openvswitch L2 agent supports ingress bandwidth limit.

Linuxbridge L2 agent supports ingress bandwidth limit.

New Features

  • The openvswitch L2 agent now supports bi-directional bandwidth limiting.
  • The linuxbridge L2 agent now supports bi-directional bandwidth limiting.

Add data_plane_status attribute to port resources to represent the status of the underlying data plane. This attribute is to be managed by entities outside of the Networking service, while the status attribute is managed by the Networking service. Both status attributes are independent from one another.

This release adds support for running Neutron API component with a mod_wsgi compatible web server.

Add ‘default’ behaviour to QoS policies

Add DVR Floating IP (FIP) Namespace creation event on all nodes, based on the gateway configuration.

Enable creation of VXLANs with different multicast addresses allocated by VNI-address mappings.

New Features

  • The QoS service plugin now supports new attribute in qos_bandwidth_limit_rule. This new parameter is called direction and allows to specify direction of traffic for which the limit should be applied.
  • Allow to configure router service plugin without dvr API extension loaded and exposed. To achieve that, set the new enable_dvr option to False in neutron.conf file.
  • The port resource can have a data_plane_status attribute. Third parties can report via Neutron API issues in the underlying data plane affecting connectivity from/to Neutron ports. Attribute can take values None (default), ACTIVE or DOWN, and is readable by users and writable by admins and users granted the data-plane-integrator role. Append data_plane_status to [ml2]/extension_drivers section to load the extension driver.
  • Neutron API can now be managed by a mod_wsgi compatible web server (e.g. apache2 (httpd), nginx, etc.)
  • Neutron now supports having a default QoS policy in a project, assigned automatically to all new networks created.
  • Proactively create Floating IP Namespace on all compute nodes when a gateway is configured.
  • A new network_link_prefix configuration option is introduced that allows to alter the domain returned in the URLs included in the API responses. It behaves the same way as the compute_link_prefix and glance_link_prefix options do for Nova and Glance.
  • The ability to control vni-multicast address distribution in linuxbridge agent via new config option - multicast_ranges.

Known Issues

Upgrade Notes

  • Consider setting enable_dvr to False in neutron.conf file if your setup doesn’t support DVR. This will make Neutron stop advertising support for the dvr API extension via its /v2.0/extensions API endpoint.
  • Previously, neutron-server was using configuration values for oslo.db that were different from library defaults. Specifically, it used the following values when they were not overridden in configuration files: max_pool_size = 10, max_overflow = 20, pool_timeout = 10. In this release, neutron-server instead relies on default values defined by the library itself. If you rely on old default values, you may need to adjust your configuration files to explicitly set the new values.
  • The send_arp_for_ha configuration option is removed. Neutron now always sends three gratuitous ARP requests on address assigned to a port.

Other Notes

  • Example configuration of multicast_ranges in ml2_conf.ini under the [vxlan] config. section multicast_ranges =, For VNI between 10 and 90, the multicast address will be used, and for 100 through 900 will be used. Other VNI values will get standard vxlan_group address. For more info see RFE <>

Default quotas for the following resources were increased: networks (from 10 to 100), subnets (from 10 to 100), ports (from 50 to 500).

Network QoS policies are now supported for network:router_gateway ports.

New Features

  • Resource tag mechanism now supports subnet, port, subnetpool and router resources.
  • The metering agent driver can now be specified with a stevedore alias in the metering_agent.ini file. For example, driver = iptables instead of driver =
  • Neutron QoS policies set on an external network now apply to external router ports (DVR or not).
  • In order to reduce metadata proxy memory footprint, haproxy is now used as a replacement for neutron-ns-metadata-proxy Python implementation.
  • Subport segmentation details can now accept inherit as segmentation type during a trunk creation/update request. The trunk plugin will determine the segmentation type and ID and replace them with those of the network to which the port is connected. Only single-segment VLAN networks are set to have expected and correct results at this point.

Upgrade Notes

  • Default quotas were bumped for the following resources: networks (from 10 to 100), subnets (from 10 to 100), ports (from 50 to 500). If you want to stick to old values, consider explicitly setting them in the neutron.conf file.
  • Since haproxy was not used before by neutron-l3-agent and neutron-dhcp-agent, rootwrap filters for both agents have to be copied over when upgrading.
  • To upgrade to the haproxy based metadata proxy, neutron-l3-agent and neutron-dhcp-agent have to be restarted. On startup, old proxy processes will be detected and replaced with haproxy.
  • After upgrade, a macvtap agent without physical_interface_mappings configured can not be started. Specify a valid mapping to be able to start and use the macvtap agent.

Deprecation Notes

  • The gateway_external_network_id L3 agent option is deprecated and will be removed in next releases, with external_network_bridge that it depends on.
  • Now that rootwrap daemon mode is supported for XenServer, the neutron-rootwrap-xen-dom0 script is deprecated and will be removed in a next release.
  • The of_interface Open vSwitch agent configuration option is deprecated and will be removed in the future. After option removal, the current default driver (native) will be the only supported of_interface driver.
  • The nova_metadata_ip option is deprecated and will be removed in Queens. It is deprecated in favor of the new nova_metadata_host option because it reflects better that the option accepts an IP address and also a DNS name.