36
edits
Changes
no edit summary
There are a number of approached to the network virtualization, caused different requirements for different usages. This page is made in order to summarize them and create solution, suitable for all.
== Usages ==
Current known usages are:
* Virtual Environments - complete OS environment, with it's own users, groups, filesystems and devices;
* Application Containers - partly isolated environment with application inside.
== Approaches ==
* virtualization on the 2nd level (OpenVZ);
: For input packets context switching is performed in device xmit code, requires virtual device for performing. For output, context is inherited from socket one.
* virtualization on the 3d level (IBM);
: For input packets context switching is performed in routing code, for output - inherited from socket one.
* socket virtualization (Linux-VServer).
: There is no context switching for packets at all, checks are perfromed between process and socket contexts.
== Virtualization table ==
This is a summary table in order to show which core networking objects are virtualized/isolated in above approaches or not.
{| border="1" cellpadding="3" cellspacing="0"
! width="20%" | Virtualization approach
! width="13%" | devices
! Width="13%" | routing tables
! Width="13%" | routing cache
! Width="13%" | sockets
|-
| 2d level virtualization || v || v || i || v
|-
| 3d level virtualization || - || i || - || i
|-
| bind filtering || - || - || - || i
|}
Legend:
* 'v' - virtualized
* 'i' - isolated
* '-' - nor virtualized, nor isolated
== Usages ==
Current known usages are:
* Virtual Environments - complete OS environment, with it's own users, groups, filesystems and devices;
* Application Containers - partly isolated environment with application inside.
== Approaches ==
* virtualization on the 2nd level (OpenVZ);
: For input packets context switching is performed in device xmit code, requires virtual device for performing. For output, context is inherited from socket one.
* virtualization on the 3d level (IBM);
: For input packets context switching is performed in routing code, for output - inherited from socket one.
* socket virtualization (Linux-VServer).
: There is no context switching for packets at all, checks are perfromed between process and socket contexts.
== Virtualization table ==
This is a summary table in order to show which core networking objects are virtualized/isolated in above approaches or not.
{| border="1" cellpadding="3" cellspacing="0"
! width="20%" | Virtualization approach
! width="13%" | devices
! Width="13%" | routing tables
! Width="13%" | routing cache
! Width="13%" | sockets
|-
| 2d level virtualization || v || v || i || v
|-
| 3d level virtualization || - || i || - || i
|-
| bind filtering || - || - || - || i
|}
Legend:
* 'v' - virtualized
* 'i' - isolated
* '-' - nor virtualized, nor isolated