Date: Tue, 12 May 2009 01:23:27 -0500 From: Brooks Davis <brooks@freebsd.org> To: Marko Zec <zec@freebsd.org> Cc: Brooks Davis <brooks@freebsd.org>, Perforce Change Reviews <perforce@freebsd.org> Subject: Re: PERFORCE change 161793 for review Message-ID: <20090512062327.GA16196@lor.one-eyed-alien.net> In-Reply-To: <200905110405.32580.zec@freebsd.org> References: <200905082144.n48LiKYP021818@repoman.freebsd.org> <20090509191540.GA85588@lor.one-eyed-alien.net> <200905110405.32580.zec@freebsd.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Mon, May 11, 2009 at 04:05:32AM +0200, Marko Zec wrote: > On Saturday 09 May 2009 21:15:41 Brooks Davis wrote: > > On Fri, May 08, 2009 at 09:44:20PM +0000, Marko Zec wrote: > > > http://perforce.freebsd.org/chv.cgi?CH=161793 > > > > > > Change 161793 by zec@zec_tpx32 on 2009/05/08 21:43:51 > > > > > > A controversial hack: when allocating if_unit numbers for > > > cloning ifnets, do NOT resort to bitmap mappings, but > > > iterate through all existing ifnets in a particular vnet > > > as long as a free unit number is found. > > > > > > The problem here is that we are switchng from a O(n) to > > > a O(n**2) search method with more work being done in each > > > iteration. So this should be revisited RSN. > > > > IMO the best solution for now is to retain the global namespace and > > thus not worry about virtualizing this any more than we do for em0. > > It's not that simple - don't forget that we need to have lo0 in each vnet due > to expectations from various userland applications. Moreover, users of > cloning ifnets would expect to get (as an example) vlan0, vlan1, vlan2 when > issuing ifconfig vlan create, not vlan539, vlan1, vlan123 etc. The same goes > for tunneling interfaces, ng_eiface, ng_iface etc. I think the general > principle behind vimage / vnets was not to allow for any information leakages > between the isolated contexts, and retaining global namespace for cloning > ifnets would significantly violate that principle. lo0 will need to be an exception, but I'd be inclined to only violate name uniqueness in that case. I agree that there is a longterm argument that vimage instances should look like stand alone machines in the areas that are virtualized, but at this stage of the 8.0 I think we're much better off not attempting to find all the possible edge cases. > > This must not make it in to current since if it did, users with tunnel > > brokers would be very unhappy. > > Precisely for the sake of tunnel brokers, I think each vnet should have its > own namespace for cloning devices - and this has nothing to do with "em0" or > any other physical ifnet which does not use the if_clone infrastructure. I > agree that the O(n**2) code for searching for free ifunits should not get > commited into svn, but Julian and I already discussed how we could virtualize > the existing O(n) bitmapped algorithm in if_clone.c, and will try to submit Tunnel brokers mostly likely won't care AT ALL what name the interfaces have. They will case that performance will be terrible due to the n^2 algorithm. -- Brooks > > Marko > [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFKCRXdXY6L6fI4GtQRAiUSAKDMaQx/i2JPNx1zIczBRbWLvON4BQCeNLaP Id+cuGDuyaUzME763kncfEw= =H0/L -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090512062327.GA16196>