From owner-freebsd-virtualization@freebsd.org  Wed Feb 28 11:51:19 2018
Return-Path: <owner-freebsd-virtualization@freebsd.org>
Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1D6DCF41120
 for <freebsd-virtualization@mailman.ysv.freebsd.org>;
 Wed, 28 Feb 2018 11:51:19 +0000 (UTC)
 (envelope-from freebsd@omnilan.de)
Received: from mx0.gentlemail.de (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9363873321
 for <freebsd-virtualization@freebsd.org>; Wed, 28 Feb 2018 11:51:18 +0000 (UTC)
 (envelope-from freebsd@omnilan.de)
Received: from mh0.gentlemail.de (mh0.gentlemail.de [IPv6:2a00:e10:2800::a135])
 by mx0.gentlemail.de (8.14.5/8.14.5) with ESMTP id w1SBpGgx019653;
 Wed, 28 Feb 2018 12:51:16 +0100 (CET)
 (envelope-from freebsd@omnilan.de)
Received: from titan.inop.mo1.omnilan.net (s1.omnilan.de [217.91.127.234])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mh0.gentlemail.de (Postfix) with ESMTPSA id 3D455F87;
 Wed, 28 Feb 2018 12:51:16 +0100 (CET)
Message-ID: <5A9697B3.5050200@omnilan.de>
Date: Wed, 28 Feb 2018 12:51:15 +0100
From: Harry Schmalzbauer <freebsd@omnilan.de>
Organization: OmniLAN
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE;
 rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2
MIME-Version: 1.0
To: Vincent Hoffman-Kazlauskas <vince@unsane.co.uk>
CC: freebsd-virtualization@freebsd.org
Subject: Re: superfluous host interfaces
References: <20180225131401.GA3138@v007.zyxst.net>
 <5A93CEB6.1080406@omnilan.de> <a0ccbf77-ec23-127c-0529-ddb05dc689e3@osfux.nl>
 <5A93D9D0.4090804@omnilan.de> <54f9019e-6e86-8e10-32d7-9f14d159bb0a@osfux.nl>
 <5A93F9DE.9090908@omnilan.de> <5A94F730.7040009@redbarn.org>
 <5A95140E.8030909@omnilan.de>
 <e8ffef13-4616-c063-e3a9-dd3361bff78d@unsane.co.uk>
In-Reply-To: <e8ffef13-4616-c063-e3a9-dd3361bff78d@unsane.co.uk>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7
 (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]);
 Wed, 28 Feb 2018 12:51:16 +0100 (CET)
X-Milter: Spamilter (Reciever: mx0.gentlemail.de; Sender-ip: ;
 Sender-helo: mh0.gentlemail.de; )
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
 <freebsd-virtualization.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization/>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Feb 2018 11:51:19 -0000

 Bezüglich Vincent Hoffman-Kazlauskas's Nachricht vom 27.02.2018 21:09
(localtime):
>
> On 27/02/2018 08:17, Harry Schmalzbauer wrote:
>> Bezüglich Paul Vixie's Nachricht vom 27.02.2018 07:14 (localtime):
>>>
>>> Harry Schmalzbauer wrote:
>>>> Bezüglich Ruben's Nachricht vom 26.02.2018 11:34 (localtime):

…

>> If you have only one "LAN" sharing all VMs, the one additional interface
>> is neglectable.
>> But my setups are different.
>> I have almost as many different 802.11q separated ethernet collsion
>> domains (VLANs) as VMs.
>> That's what ESXi's portgroup is used for.  I need a separate switch for
>> each VLAN (guests mustn't be able to sniff traffic etc.).
>>
> Untested by me with bhyve but it looks like net/openvswitch
> (http://www.openvswitch.org/) could be useful to you. As I say though
> untested by me so cant speak for performance etc.

I made a local OVS port which incorporated netmap support, but I was
told that OVS lost attraction for the netmap team, when I tried to solve
some problems, since netmap patches from upstream were highly linux
specific and considered obsolete.
Intel contributed some DPDK resources, which look interesting (and seem
to perform great on linux).
But OVS itself would need more resources to get better support on
FreeBSD and additionally a huge ammount of resources to get DPDK|netmap
enabled.
In 10GE days, OVS without netmap|DPDK doesn't make much sense imho.

We have netmap/vale(4), which could be extenden to cover a small subset
of OVS feature, with porbably moderate ammount of resources.
So in my opinion, for those using bhyve(4) as slim hypervisor, the not
very slim OVS doesn't fit well overall, especially due to perfomance
constraints.

A portgroup/vlan filter+manager on top of vale(4) was a much better
companion for bhyve(4).  I'll start immediately when retireing (learing
to use whatever debugger will be arround then...)  ;-)

-harry