Network virtualization/isolation
Eric W. Biederman
ebiederm at xmission.com
Mon Dec 4 08:58:04 PST 2006
Herbert Poetzl <herbert at 13thfloor.at> writes:
> On Mon, Dec 04, 2006 at 06:19:00PM +0300, Dmitry Mishin wrote:
>> On Sunday 03 December 2006 19:00, Eric W. Biederman wrote:
>> > Ok. Just a quick summary of where I see the discussion.
>> >
>> > We all agree that L2 isolation is needed at some point.
>
>> As we all agreed on this, may be it is time to send patches
>> one-by-one? For the beggining, I propose to resend Cedric's
>> empty namespace patch as base for others - it is really empty,
>> but necessary in order to move further.
>>
>> After this patch and the following net namespace unshare
>> patch will be accepted,
>
> well, I have neither seen any performance tests showing
> that the following is true:
>
> - no change on network performance without the
> space enabled
> - no change on network performance on the host
> with the network namespaces enabled
> - no measureable overhead inside the network
> namespace
> - good scaleability for a larger number of network
> namespaces
Yes all important criteria for selecting the implementation.
Eric
More information about the Containers
mailing list