Date: Fri, 30 May 2003 11:26:45 -0700
From: Sean Chittenden
To: Marko Zec
cc: hackers@freebsd.org
Subject: Re: Network stack cloning / virtualization patches

> at http://www.tel.fer.hr/zec/vimage/ you can find a set of patches
> against 4.8-RELEASE kernel that provide support for network stack
> cloning. The patched kernel allows multiple fully independent
> network stack instances to simultaneously coexist within a single OS
> kernel, providing a foundation for supporting diverse new
> applications, including:
>
> - Enhanced virtual hosting (think of jails with its own private set of
> network interfaces, IP addresses, routing tables, ipfw and dummynet
> instance etc.);
> - High-performance real-time network simulation / emulation;
> - Fully isolated overlay VPN provisioning (using IP tunnels), including
> the possibility of creating nested VPNs.
>
> The network stacks are embedded in new resource container entities
> named "virtual images". Each process and network stack instance within
> the system has to be associated with a virtual image, which in effect
> becomes a light or pseudo virtual machine entity. Additional goodies
> include the possibility to control some other resources besides the
> network stack, most notably the independent CPU load and usage
> accounting, as well as feedback-driven proportional share scheduling
> among virtual images. For more details, check the above URL.
> Note that the patch was designed to allow all existing applications and
> utilities to run unmodified on the patched kernel, so no recompiling of
> the userland is necessary.
>
> Hope you'll find use for the new framework :-)

Has anyone stepped forward to possibly shepherd this code into the
tree? I am highly interested in this code and would like to see it
incorporated into the base system (read: -CURRENT, before 5.2). After
looking at the TODO, I realize that this patch isn't 100% yet, but can
it be broken down into a smaller set of commits? Anyone doing virtual
hosting would kill to have this functionality in FreeBSD right now.

-sc

--
Sean Chittenden