Editing Containers/Network virtualization
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 7: | Line 7: | ||
== Approaches == | == Approaches == | ||
− | + | * '''virtualization on the 2nd level (OpenVZ)'''; | |
− | + | : For input packets context switching is performed in device xmit code, requires virtual device for performing. For output, context is inherited from socket one. | |
− | + | * '''virtualization on the 3d level (IBM)'''; | |
− | + | : For input packets context switching is performed in routing code, for output - inherited from socket one. | |
− | + | * '''socket virtualization (Linux-VServer)'''. | |
− | + | : There is no context switching for packets at all, checks are performed between process and socket contexts. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | For input packets context switching is performed in | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | For input packets context switching is | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Virtualization table == | == Virtualization table == | ||
− | This is a summary table in order to show which core networking objects are virtualized/isolated in | + | This is a summary table in order to show which core networking objects are virtualized/isolated in above approaches or not. |
{| class="wikitable" | {| class="wikitable" | ||
! width="20%" | Virtualization approach | ! width="20%" | Virtualization approach | ||
− | ! width=" | + | ! width="13%" | network devices |
− | ! Width=" | + | ! Width="13%" | routing tables |
− | ! Width=" | + | ! Width="13%" | network sockets |
− | ! Width=" | + | ! Width="13%" | netfilters |
− | |||
|- | |- | ||
− | | 2d level virtualization || v || v/i | + | | 2d level virtualization || v || v/i || v || v |
|- | |- | ||
− | | 3d level virtualization || - | + | | 3d level virtualization || - || i || i || - |
|- | |- | ||
− | | | + | | bind filtering || - || - || i || - |
|} | |} | ||