[crossbow-discuss] A Virtual Router/Switch for Virtual Machines?

Kais Belgaied Kais.Belgaied at Sun.COM
Mon Feb 5 09:44:42 PST 2007



Jeff Victor wrote On 02/05/07 06:45 AM,:

> Bill Quayle wrote:
>
>> I apologize if this has been discussed, as I am relatively new to this
>> forum.
>>
>> I would like to create a network of containers under a single global 
>> zone.
>> Can I do this without hitting the physical network?
>

depends what you mean by "hitting" the physical network.

Multiple VNICs can be created over the same NIC, and communicate among each other
without going through the NIC itself.
The NIC is just an anchor point to create the vnics, it's there for control operation,
and no packet destined to the machine goes to the wire (see also Dave's reply)

If you want the same inter-vnic communication on a host that has no physical NICs
(or none available for such use), then we'll have that in a future phase, using
v-switches.

>>
>>
>> I envision the ability to create virtual routers and switches, 
>> allowing one
>> to create this network of Solaris and Linux zones within a single 
>> physical
>> box.  (This would provide a huge benefit to a transaction processing 
>> shop.)
>

yep. cool appliance, isn't it :)

>>
>
> If you would like multiple containers to communicate with each other, 
> without using the physical network for inter-container transport, you 
> can do that today without Crossbow.  All inter-container traffic stays 
> in the IP stack.


that's right.
However, with IP level communication you don't get to filter between exclusive zones,
you don't get to snoop their assigned interfaces individually, and you don't get to
express different bandwidth allocation policy to each.

    Kais.

>
> Another example that you can do without Crossbow is a web server which 
> sits in one container and uses the physical network, and an app server 
> which only communicates with the web server, and perhaps with another 
> container in which you run a DB server.
>
> But if you would like something more sophisticated, e.g. packets come 
> in from the network into one container where they are filtered, and 
> some packets are forwarded/routed to other containers in the same 
> system, you should be looking at Crossbow.
>
>
> -------------------------------------------------------------------------- 
>
> Jeff VICTOR              Sun Microsystems            jeff.victor @ sun.com
> OS Ambassador            Sr. Technical Specialist
> Solaris 10 Zones FAQ:    http://www.opensolaris.org/os/community/zones/faq
> -------------------------------------------------------------------------- 



