Re: virtual NICs

From: Davy Durham
Date: Wed Nov 16 2005 - 16:56:49 EST

Next message: Trond Myklebust: "Re: mmap over nfs leads to excessive system load"
Previous message: Badari Pulavarty: "Re: 2.6.14 X spinning in the kernel"
In reply to: linux-os (Dick Johnson): "Re: virtual NICs"
Next in thread: Lee Causier: "Re: virtual NICs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

First, thanks for the prompt response.

linux-os (Dick Johnson) wrote:

Of course there is extra work! Any time something has to be checked
(filtered), there is the overhead of the filtering. In the case of
two or more IP addresses, the software has to perform an ARP on two
or more IPs. This means that it needs to "listen" for more queries.
Note that machines on Ethernet, communicate using their hardware-
addresses i.e., the "IEEE station address". But, the initial route
to the target machine needs to be set up by broadcasting an IP address,
thereby asking everybody on the LAN if the IP address belongs to them.
Hopefully only one machine answers. This sequence is called ARP
(address resolution protocol).

My question was whether the one being defined to eth0 has an advantage over the one assigned to eth0:0 since one is real and one is virtual. My uninformed instinct told me to wonder if the NIC hardware itself somehow gets told to handle the IP assigned to eth0 and something in the linux software has to handle the IP assigned to eth0:0

I realize that the machine will have to do more work total. But I wonder if it's any more work than if the server has two NICs with two different IPs.

Adding more IP addresses is like adding more machines as far as
the source (perhaps a router) is concerned. Adding more IP addresses
to a single host is sometimes necessary, but it is not without
cost. Basically, don't do it unless it's necessary.

It's necessary because of the in-born inability for name based virtual hosting to be done over SSL (though I think this inability was unnecessary in that it could have been relaxed if just a little bit of unsecured data could be transmitted in the SSL header allowing the server to make some decision based on that clear data.. but that's another matter).

Thanks again,
Davy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Trond Myklebust: "Re: mmap over nfs leads to excessive system load"
Previous message: Badari Pulavarty: "Re: 2.6.14 X spinning in the kernel"
In reply to: linux-os (Dick Johnson): "Re: virtual NICs"
Next in thread: Lee Causier: "Re: virtual NICs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]