| 1 |
"J. Roeleveld" <joost@××××××××.org> writes: |
| 2 |
|
| 3 |
> On Monday, December 29, 2014 03:38:40 AM lee wrote: |
| 4 |
>> "J. Roeleveld" <joost@××××××××.org> writes: |
| 5 |
>> > What do you mean with "unusable"? |
| 6 |
>> |
| 7 |
>> The bridge swallows the physical port, and the port becomes |
| 8 |
>> unreachable. IIRC, you can get around this by assigning an IP address |
| 9 |
>> to the bridge rather than to the physical port ... In any case, I'm |
| 10 |
>> finding bridges very confusing. |
| 11 |
> |
| 12 |
> This is by design and is documented that way all over the web. |
| 13 |
|
| 14 |
Nonetheless, I find them very confusing. |
| 15 |
|
| 16 |
>> >> > pass virtual NICs to the VMs which are part of the bridges. |
| 17 |
>> >> |
| 18 |
>> >> Doesn't that create more CPU load than passing the port? |
| 19 |
>> > |
| 20 |
>> > Do you have an IOMMU on the host? |
| 21 |
>> > I don't notice any significant increase in CPU-usage caused by the network |
| 22 |
>> > layer. |
| 23 |
>> |
| 24 |
>> Yes, and the kernel turns it off. Apparently it's expected to be more |
| 25 |
>> advantageous for some reason to use software emulation instead. |
| 26 |
> |
| 27 |
> Huh? That is usually because of a bug in the firmware on your server. |
| 28 |
|
| 29 |
Dunno, the kernel turned it off, so I read up about it and what I found |
| 30 |
indicated that using a software emulation of NUMA is supposed to to |
| 31 |
better --- make it sense or not. |
| 32 |
|
| 33 |
BTW, there's a kernel option to make the kernel adjust processes for |
| 34 |
better performance on NUMA systems. Does that work fine, or should I |
| 35 |
rather use numad? |
| 36 |
|
| 37 |
>> >> And at some |
| 38 |
>> >> point, you may saturate the bandwidth of the port. |
| 39 |
>> > |
| 40 |
>> > And how is this different from assigning the network interface directly? |
| 41 |
>> |
| 42 |
>> With more physical ports, you have more bandwidth available. |
| 43 |
> |
| 44 |
> See following: |
| 45 |
> |
| 46 |
>> >> My switch supports bonding, which means I have a total of 4Gbit/s between |
| 47 |
>> >> the server and switch for all networks. (using VLANs) |
| 48 |
>> |
| 49 |
>> I don't know if mine does. |
| 50 |
> |
| 51 |
> If bandwidth is important to you, investing in a quality switch might be more |
| 52 |
> useful. |
| 53 |
|
| 54 |
Unfortunately, they can be rather expensive. |
| 55 |
|
| 56 |
>> > Unless you are forced to use some really weird configuration utility for |
| 57 |
>> > the network, configuring a bridge and assiging the bridge in the |
| 58 |
>> > xen-domain config file is simpler then assigning physical network |
| 59 |
>> > interfaces. |
| 60 |
>> |
| 61 |
>> Hm, how is that simpler? And how do you keep the traffic separated when |
| 62 |
>> everything goes over the same bridge? What about pppoe connections? |
| 63 |
> |
| 64 |
> Multiple bridges? |
| 65 |
|
| 66 |
And how is that simpler? Isn't that somewhat unsafe since the bridge |
| 67 |
reaches into the host? Why would I set up a bridge, assign an interface |
| 68 |
to it, use special firewall rules and whatever else might be required |
| 69 |
instead of simply giving the physical port to the VM which does the |
| 70 |
pppoe connection and the firewalling and routing? |
| 71 |
|
| 72 |
More bridges are more confusing. |
| 73 |
|
| 74 |
You're kinda suggesting that it's simpler to live on an island which has |
| 75 |
50 bridges connecting it to some mainland where you have to go every day |
| 76 |
for work than it is to work on the island. That seems to me like taking |
| 77 |
a long detour every day. |
| 78 |
|
| 79 |
|
| 80 |
-- |
| 81 |
Again we must be afraid of speaking of daemons for fear that daemons |
| 82 |
might swallow us. Finally, this fear has become reasonable. |
Archives