Date: Tue, 12 May 2009 01:23:27 -0500 From: Brooks Davis <brooks@freebsd.org> To: Marko Zec <zec@freebsd.org> Cc: Brooks Davis <brooks@freebsd.org>, Perforce Change Reviews <perforce@freebsd.org> Subject: Re: PERFORCE change 161793 for review Message-ID: <20090512062327.GA16196@lor.one-eyed-alien.net> In-Reply-To: <200905110405.32580.zec@freebsd.org> References: <200905082144.n48LiKYP021818@repoman.freebsd.org> <20090509191540.GA85588@lor.one-eyed-alien.net> <200905110405.32580.zec@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--ikeVEW9yuYc//A+q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 11, 2009 at 04:05:32AM +0200, Marko Zec wrote: > On Saturday 09 May 2009 21:15:41 Brooks Davis wrote: > > On Fri, May 08, 2009 at 09:44:20PM +0000, Marko Zec wrote: > > > http://perforce.freebsd.org/chv.cgi?CH=3D161793 > > > > > > Change 161793 by zec@zec_tpx32 on 2009/05/08 21:43:51 > > > > > > A controversial hack: when allocating if_unit numbers for > > > cloning ifnets, do NOT resort to bitmap mappings, but > > > iterate through all existing ifnets in a particular vnet > > > as long as a free unit number is found. > > > > > > The problem here is that we are switchng from a O(n) to > > > a O(n**2) search method with more work being done in each > > > iteration. So this should be revisited RSN. > > > > IMO the best solution for now is to retain the global namespace and > > thus not worry about virtualizing this any more than we do for em0. >=20 > It's not that simple - don't forget that we need to have lo0 in each vnet= due=20 > to expectations from various userland applications. Moreover, users of= =20 > cloning ifnets would expect to get (as an example) vlan0, vlan1, vlan2 wh= en=20 > issuing ifconfig vlan create, not vlan539, vlan1, vlan123 etc. The same = goes=20 > for tunneling interfaces, ng_eiface, ng_iface etc. I think the general= =20 > principle behind vimage / vnets was not to allow for any information leak= ages=20 > between the isolated contexts, and retaining global namespace for cloning= =20 > ifnets would significantly violate that principle. lo0 will need to be an exception, but I'd be inclined to only violate name uniqueness in that case. I agree that there is a longterm argument that vimage instances should look like stand alone machines in the areas that are virtualized, but at this stage of the 8.0 I think we're much better off not attempting to find all the possible edge cases. > > This must not make it in to current since if it did, users with tunnel > > brokers would be very unhappy. >=20 > Precisely for the sake of tunnel brokers, I think each vnet should have i= ts=20 > own namespace for cloning devices - and this has nothing to do with "em0"= or=20 > any other physical ifnet which does not use the if_clone infrastructure. = I=20 > agree that the O(n**2) code for searching for free ifunits should not get= =20 > commited into svn, but Julian and I already discussed how we could virtua= lize=20 > the existing O(n) bitmapped algorithm in if_clone.c, and will try to subm= it=20 Tunnel brokers mostly likely won't care AT ALL what name the interfaces have. They will case that performance will be terrible due to the n^2 algorithm. -- Brooks >=20 > Marko >=20 --ikeVEW9yuYc//A+q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFKCRXdXY6L6fI4GtQRAiUSAKDMaQx/i2JPNx1zIczBRbWLvON4BQCeNLaP Id+cuGDuyaUzME763kncfEw= =H0/L -----END PGP SIGNATURE----- --ikeVEW9yuYc//A+q--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090512062327.GA16196>