Anita Dieckhoff edited this page Sep 19, 2016 · 21 revisions

Welcome to the MidoNet Project Wiki.

MidoNet is an open-source network virtualization platform for Infrastructure-as-a-Service (IaaS) clouds. MidoNet decouples your IaaS cloud from your network hardware, creating an intelligent software abstraction layer between your end hosts and your physical network. This network abstraction layer allows the cloud operator to move what has traditionally been hardware-based network appliances into a software-based multi-tenant virtual domain.

Some of the benefits that come from using MidoNet in your IaaS cloud are:

  • the ability to scale IaaS networking into the thousands of compute hosts
  • the ability to offer L2 isolation which is not bounded by the VLAN limitation (4096 unique VLANs)
  • making your entire IaaS networking layer completely distributed and fault-tolerant


The last release of MidoNet is 5.2.1.

Check the release notes for this version and the release schedule for all past and future versions.

Feature list

  • Fully virtualized Layer 2 through 4 networking
  • VLAN-less VLANs – Virtual L2 distributed isolation and switching with virtually none of the limitations of conventional VLANs
  • VXLAN support: VXLAN tunnel zones and VXLAN L2 Gateway
  • Fully distributed architecture with no single points of failure
  • Virtual L3 distributed routing
  • Distributed load balancing and firewall services
  • Stateful and stateless NAT
  • Zero-delay NAT connection tracking
  • Access Control Lists (ACLs)
  • Restful API
  • Monitoring of networking services

Distributed L4 Load Balancer

Load balancers provided as services in the clouds are one of the value-added features cloud-service providers can offer. Existing implementations supported by hardware and software appliances have limitations in deployment, scalability and fault tolerance. By leveraging MidoNet’s unique, fully distributed architecture, MidoNet’s distributed L4 load balancer provides great advantages compared to these appliances, such as scale-out, and scale-up and scale-down capabilities with no single point of failure.

Like other L2-L4 network functions provided in previous releases, each MidoNet Agent on a host handles the traffic that goes through the L4 load balancer deployed in the virtual topology. The new L4 load balancer offers standard, highly useful features, such as health monitoring with TCP, and session persistence or “stickiness” based on source IP addresses. It also uses a pseudo round-robin algorithm to balance the traffic between targets, which makes it ideal for the many applications that require this feature. MidoNet supports configuration of L4LB through the Neutron API.

Network Address Translation and floating IP addresses

MidoNet uses static NAT to implement floating IP addresses. MidoNet implements floating IP addresses in a two-stage process:

  • Bring traffic to a floating IP address (that is, bring traffic from an external network to a tenant router).
  • Perform network address translation from the external network's public IP address to a private IP address and in the reverse direction.

Resource protection among Virtual Ports

MidoNet employs Hierarchical Token Buckets (HTB) to improve the packet processing capabilities of MidoNet Agents. This enhancement is especially useful to public cloud-service providers that host many VMs belonging to different tenants or customers on the same hosts. It allows them to provide a certain service level even if one VM sends packets at a rate that exceeds the total capacity of the Agent.

VXLAN support

MidoNet provides support for VXLAN tunnelling between hosts, which is part of MidoNet’s integration with Virtual Extensible LAN (VXLAN) technology. VXLAN is a network virtualization technology that uses VLAN-like encapsulation techniques to encapsulate MAC-based OSI layer 2 Ethernet frames within layer 3 UDP packets. Its main advantage over traditional VLANs is its 24-bit VXLAN ID, which allows VXLAN to scale up to 16-million logical networks (by comparison - the maximum number of VLANs is 4096).

MidoNet’s support for VXLAN Gateways (VXGW) allows you to extend a virtual bridge to a physical L2 segment that is reachable via an L3 network and a VXLAN-capable physical switch. A VXLAN-capable physical switch is also referred to as a "hardware VTEP" (VXLAN Tunnel End Point). The VXGW allows you to create one or many VXLAN-based logical switches that span one hardware VTEP and a single MidoNet cloud.

Zero-delay NAT connection tracking

MidoNet is capable of fully decentralized stateful NAT and stateful FW. Connection tracking and NAT information is communicated directly between agents, through the same tunnels used to push packets. This has been achieved thanks to a concept of stateful port groups, which are groups of virtual ports that are logically associated to perform load balancing or for link redundancy.

MidoNet Project info

For more info about the MidoNet project, including governance, licensing, architectural principles, and subprojects, check out the Projects overview page.


The MidoNet documentation contains Quick Start and Operations Guides, Reference Architecture, API docs, and more:

Developer resources