Date: Thu, 22 Nov 2012 11:32:58 +0000 From: "Teske, Devin" <Devin.Teske@fisglobal.com> To: "<nickolasbug@gmail.com>" <nickolasbug@gmail.com> Cc: Morgan Reed <morgan.s.reed@gmail.com>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: natd in a jail Message-ID: <13CA24D6AB415D428143D44749F57D7201E49842@ltcfiswmsgmb21> In-Reply-To: <CAMgYTKsVcSqhE1iO=b%2Bb%2BF1XwHr2cFNgKa=%2BNnzUsNjSGk5TgQ@mail.gmail.com> References: <CAKnh_YtF5f_0-vuGO0ov%2BJDKa_gxF%2Bf80-DCcfxPYyew0_ZG7Q@mail.gmail.com> <CAPyG9gM4Ht560WEerVXvxx=W8Q=thC7FtGyaFMC5Pou2kijLBw@mail.gmail.com> <CAMgYTKsVcSqhE1iO=b%2Bb%2BF1XwHr2cFNgKa=%2BNnzUsNjSGk5TgQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 22, 2012, at 2:43 AM, <nickolasbug@gmail.com> wrote: >> I've not used it myself, but this sound like something VIMAGE may be good >> for, basically it's a virtual tcp stack per jail, there's some docs at >> http://wiki.freebsd.org/Image but I seem to remember a more up to date o= ne >> elsewhere but can't find it at the moment! I have created a boot script for managing vimages (downloadable as a FreeBS= D package) and made a little write-up on how to use it... http://druidbsd.sf.net/vimage.shtml Note that I use netgraph for bridging (not if_bridge+epair method which see= ms to be popular in some other setups -- we've benchmarked netgraph and it = scales well). Not to mention that "ngctl dot | dot -Tsvg -o network.svg" ca= n produce nice pretty graphs of your vimage structure when using my setup. > AFAIK, VIMAGE is still experimental feature. Works great, tho, seriously! We're multiplexing hardware 20:1 and could pro= bably push it further (but have conservatively kept things at about 2-3x th= e number of logical CPUs for number-of-vimages (tho, we have benchmarked up= to 65530 nodes on a single bridged network connection before netgraph woul= d refuse to make another (impressive -- but not nearly as impressive as the= ~90 minutes it took ifconfig to list all the interfaces lol?). --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13CA24D6AB415D428143D44749F57D7201E49842>