WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] DomU Bridged vs. Routed Networking?

from [Nivedita Singhvi] [Permanent Link][Original]
To: Ian Pratt <m+Ian.Pratt@xxxxxxxxxxxx>
Subject: Re: [Xen-users] DomU Bridged vs. Routed Networking?
From: Nivedita Singhvi <nsnix@xxxxxxxxxxx>
Date: Wed, 17 Aug 2005 02:51:54 -0700
Cc: ian.pratt@xxxxxxxxxxxx, Andy Lee <andylee@xxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 17 Aug 2005 09:50:11 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <A95E2296287EAD4EB592B5DEEFCE0E9D282B99@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D282B99@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.8 (X11/20041020) 
Ian Pratt wrote:
Seems like most users opt for the bridged approach. Perhaps it's because it is easier to setup and it is the default setting. For route, I spent several days to learn that /proc/sys/net/ipv4/conf/eth0/proxy_arp needs to be set to 0. It is not (Debian Sarge). It should probably be added to /etc/xen/scripts/network-route.
I also modified scripts/vif-route (using iptables) to forward only packets belonging to each domU's IP address, thereby
preventing domU's
from using IP addresses not assigned to them. 


Please can you post diffs and we'll update the example scripts.


There are network-nat and vif-nat scripts, but they need
a little tweaking. Would be good to merge Andy's changes.
With bridge, I'd need to install etables - one extra program to install and learn. 


That's not actually true -- you can use iptables to do packet filtering
in bridge mode. You only need ebtables if you want to do matches on MAC
addrs.
There is one other factor which some people have noticed and pointed out on this list: the interface is in promiscuous mode in the bridging scenario, which deteriorates performance. 
Your mileage may vary.



All modern Ethernet networks are switched rather than shared media.
Putting the interface in promiscous mode will make NO difference to
performance unless you have lots of *multicast* traffic on your network
that this host isn't interested in.


Yep, mostly multicast traffic, since that's the only additional bucket
(unless you turn off icmp broadcast echo replies when not promiscuous)
but I measured this earlier this morning with a tcp netperf stream
and it was about 4% difference. Admittedly, today was an exception,
the network was getting hammered due to a misconfigured router,
congestion on the net due to the worm and some heavy multicast
traffic. I didn't see this till now but it was logging a bunch
of those, which exacerbated the load on the system.

thanks,
Nivedita


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] help boot ing xen, Daniel Hulme
Next by Date:  [Xen-users] kernel panic - VFS: Unable to mount root fs on unknown-block(0, 0) -- xen IDE drivers?, Eric Brown
Previous by Thread:  RE: [Xen-users] DomU Bridged vs. Routed Networking?, Ian Pratt
Next by Thread:  Re: [Xen-users] DomU Bridged vs. Routed Networking?, Andy Lee
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy