openvswitch-(switch|brcompat|datapath-dkms| and bridge-utils

What I want to do is use OpenVSwitch with Debian. However, I'd still like to be able to use the traditional tools such as brctl provided by bridge-utils to manage the OpenVSwitch bridges. To that end OpenVSwitch provides the -brcompat package as well as the brcompat_mod.ko built by -datapath-dkms.

However, as some might have guessed brcompat_mod.ko exports the same symbols as the kernel's bridge module since it's meant as a replacement of it. So, in order to be able to use it one needs to first unload bridge and then load brcompat_mod. This needs to be done on boot. To that end a /etc/modprobe.d/blacklist-bridge.conf was created containing the line 'blacklist bridge'. After that /etc/default/openswitch-switch was altered to set the BRCOMPAT variable to 'yes' which, when openvswitch-switch is started, will cause the initscript to try and load brcompat_mod.ko.

This is where it gets... interesting. After making those changes I rebooted the machine (since there still doesn't seem to be a fool-proof way of restarting networking) and noticed that despite my efforts bridge was still getting loaded instead of brcompat_mod. Turns out, blacklisting bridge doesn't really do you any good. As far as I've been able to gather blacklisting a module is only relevant if that module is getting loaded through a udev rule that triggers it. However, the package bridge-utils installs an /etc/network/if-pre-up.d and if-post-down.d script called bridge to create and destroy the bridges. Because those files are there when starting networking bridge gets loaded and by the time we get to starting openvswitch-switch it can't load brcompat_mod.

As a temporary solution I deleted the two bridge-scripts installed by bridge-utils and rebooted the machine. Sure enough, bridge wasn't loaded but brcompat_mod was. This has one nasty side-effect, bridges defined in /etc/network/interfaces are now never initialised and we need those. The idea behind brcompat_mod is that you can still use the 'traditional' way of creating bridges but that does require brcompat_mod to be loaded from the start.

As an alternative I sought to update openvswitch-switch's LSB headers to try and get it to start and hence inserting brcompat_mod prior to starting networking, alas to no avail. Though insserv -d isn't reporting any errors its stubbornly refusing to pick up the changes in my LSB headers. On top of that I do believe $network to be required before being able to start openvswitch-switch which will result in bridge getting loaded due to the scripts in if-pre-up.d.

At this point I'm stuck. The only thing I can think of right now is to try and create an init-script that only requires mountkernfs and load the module in the hope it comes early enough as to prevent bridge from getting loaded to begin with.

There's also Debian bug #680538 that is sort of this issue, however the maintainer(s) ha(s|ve) yet to respond (and the bug report isn't tremendously helpful either).