I had a question about Crossbow and Xen VNICs. In Linux, VNICs are available for Xen, but I don''t know if there is a way to limit/control the traffic to the NICs. So Crossbow provides the same Xen framework, but integrates more controlled for VNIC? Prior to Crossbox, Solaris Zones had virtual nics, but I guess it''s similar to the current Xen releases with a limitation of resource allocation? Please free to chime in. I''m undecided whether I really need crossbow, but if I do I will have use at least snv_83. It''s a bit of a pain since I have to include the Dell Perc 5 driver into both the installer rootfs and the final rootfs on the system. Gary This message posted from opensolaris.org
On Thu, Jan 31, 2008 at 07:58:56AM -0800, Gary Leong wrote:> I had a question about Crossbow and Xen VNICs. In Linux, VNICs are > available for Xen, but I don''t know if there is a way to > limit/control the traffic to the NICs.The architecture of networking for Xen is quite different in Solaris from that in Linux. Linux doesn''t have "vnics" in the same sense as Solaris.> So Crossbow provides the same Xen framework, but integrates more > controlled for VNIC?The entirety of Crossbow is not yet integrated into Nevada, just an early cut of the basic VNIC functionality. In particular, resource control is not available in Nevada, only in the Crossbow project bits.> Prior to Crossbox, Solaris Zones had virtual nics, but I guess it''s > similar to the current Xen releases with a limitation of resource > allocation?No. Zones generally (pre IP Instances) used logical interfaces, which are a feature of IP (at layer 3). VNICs provide a different abstraction (at layer 2).> Please free to chime in. I''m undecided whether I really need > crossbow, but if I do I will have use at least snv_83. It''s a bit > of a pain since I have to include the Dell Perc 5 driver into both > the installer rootfs and the final rootfs on the system.Nevada build 83 includes only the basic VNIC functionality required for xVM - it doesn''t have resource control.
> -----Original Message----- > From: crossbow-discuss-bounces at opensolaris.org [mailto:crossbow- > discuss-bounces at opensolaris.org] On Behalf Of Gary Leong > Sent: Thursday, January 31, 2008 10:59 AM > To: crossbow-discuss at opensolaris.org > Subject: [crossbow-discuss] Xen vnics and Crossbow question > > I had a question about Crossbow and Xen VNICs. In Linux, VNICs are > available for Xen, but I don''t know if there is a way to limit/control > the traffic to the NICs.Are you referring to Dummy NICS? (the Linux equivalent of "VNIC"s)> > So Crossbow provides the same Xen framework, but integrates more > controlled for VNIC? >The VNICS are essentially created with the bandwidth limits allocated already.> Prior to Crossbox, Solaris Zones had virtual nics, but I guess it''s > similar to the current Xen releases with a limitation of resource > allocation?Not really, the Zones allowed a NIC alias to be used, rather than use the full NIC itself, this them provides Solaris Zones with the ability to use a limited amount of physical NICS, but allocate exclusive IP stacks to the Zones on the VNIC instead of using the entire original physical NIC. Aliases are totally different than VNICS, the NIC IP alias has been around in Solaris a long time, and was implemented in Linux after even that. The BSD''s also have NIC IP aliasing as well.> > Please free to chime in. I''m undecided whether I really needcrossbow,> but if I do I will have use at least snv_83. It''s a bit of a pain > since I have to include the Dell Perc 5 driver into both the installer > rootfs and the final rootfs on the system. >Well it depends on what you are doing. If you''re a little more specific, we can help with that question.> Gary > >-Trish (SPL)
Siobhan P. Lynch writes:> > Prior to Crossbox, Solaris Zones had virtual nics, but I guess it''s > > similar to the current Xen releases with a limitation of resource > > allocation? > > Not really, the Zones allowed a NIC alias to be used, rather than use > the full NIC itself, this them provides Solaris Zones with the ability > to use a limited amount of physical NICS, but allocate exclusive IP > stacks to the Zones on the VNIC instead of using the entire original > physical NIC.Right, though the "aliases" (BSD term) are usually called "logical interfaces" on OpenSolaris. Now that IP Instances (exclusive-stack zones) has integrated, you can place a VLAN into a zone. That''s not just a logical interface, but a real one. Crossbow will eventually deliver another option (generalized VNICs) here. -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
> Right, though the "aliases" (BSD term) are usually called "logical > interfaces" on OpenSolaris. >You''ll have to excuse me, I was a FreeBSD developer since 1996, so I tend to use many of the languages from that technology... And before that I was a SunOS 4 girl *grins*... somewhere in there I did a little Solaris work, when BSD didn''t pay the bills and Solaris did, then I worked for VA Linux/OSDN for 2 years... So I have a long OpenSource pedigree, but I''ve been out of the Solaris world since 1995 or so...> Now that IP Instances (exclusive-stack zones) has integrated, you can > place a VLAN into a zone. That''s not just a logical interface, but a > real one. Crossbow will eventually deliver another option > (generalized VNICs) here. >Yes, with the VNIC being used in the IP instance, that''s primarily what we are using Crossbow for in our product. I would love for this technology to be more stable, right now we have a major panic on incoming TCP on the *first* NIC instance brought up (in our case this is always bfe0), however we have worked around this by giving bfe0 a VNIC (vnic999) representing bfe0, and that allows incoming TCP connections fine without the panic, so does all the other interfaces (bfe1-3).... Hopefully this will be solved when we get the Beta (this week?) -Trish (SPL)
Oh..that''s right. Funny thing is that I used zones before, about two years ago when it first came out. I forgot about the NIC aliases. Xen on linux has VNICs, but I believe that are "bridged" to the host NIC. It''s similar to VMware, that also permits a VLAN among VMs, not within a zone. Why would you want a VLAN within a zone? A side question. Do you know if you can assign only on CPU per zones, or is that only control through CPU shares? I don''t want my processes switching among the available cpus. In Xen, you can only allow the VM to see one, two, or how many CPUs. I know you can set the affinity for a process, but it be easier just to permit one CPU per zone - keep things simplier. Thanks for the response. I continue to be impress with Solaris 10. Gary This message posted from opensolaris.org
----- Original Message ----- From: Gary Leong <gwleong at gmail.com> Date: Friday, February 1, 2008 4:07 am Subject: Re: [crossbow-discuss] Xen vnics and Crossbow question To: crossbow-discuss at opensolaris.org> Oh..that''s right. Funny thing is that I used zones before, about > two years ago when it first came out. I forgot about the NIC > aliases. > > Xen on linux has VNICs, but I believe that are "bridged" to the > host NIC. It''s similar to VMware, that also permits a VLAN among > VMs, not within a zone. Why would you want a VLAN within a zone?Basically it is the global administrator who gives VLAN(s) to a zone. You cannot create/manipulate the VLAN(s) inside a zone.> > A side question. Do you know if you can assign only on CPU per > zones, or is that only control through CPU shares? I don''t want my > processes switching among the available cpus. In Xen, you can only > allow the VM to see one, two, or how many CPUs. I know you can set > the affinity for a process, but it be easier just to permit one CPU > per zone - keep things simplier.I guess pool or dedicated-cpu is what you want. You can find them in zonecfg(1M). (I have problem accessing docs.sun.com at this time, thus I cannot give you the link there, sorry about that.)> > Thanks for the response. I continue to be impress with Solaris 10.Great, all members on this alias like to here this. ;-) Best, Donghai.
On Jan 31, 2008, at 10:24 AM, Siobhan P. Lynch wrote:> Yes, with the VNIC being used in the IP instance, that''s primarily > what > we are using Crossbow for in our product. I would love for this > technology to be more stable, right now we have a major panic on > incoming TCP on the *first* NIC instance brought up (in our case > this is > always bfe0), however we have worked around this by giving bfe0 a VNIC > (vnic999) representing bfe0, and that allows incoming TCP connections > fine without the panic, so does all the other interfaces (bfe1-3)....The bits that we are currently making available are pretty old, and the VNIC implementation has seen a major overhaul since them. The new bits we''re planning to make available soon should fix these issues, and will allow us to address remaining issure more effectively. We''ll also allow you to create fully virtual switches independent from any hardware, which is an additonal step towards complete network virtualization. Nicolas. -- Nicolas Droux - Solaris Networking - Sun Microsystems, Inc. nicolas.droux at sun.com - http://blogs.sun.com/droux