|
|
| Line 1: |
Line 1: |
| − | OpenVZ provides [[veth]] (Virtual eTHernet) or [[venet]] (Virtual NETwork) devices (or both) for in-[[CT]] networking. Here we describe the differences between those devices.
| + | F2EB4Y http://ontogen.com |
| − | | + | <a href="http://ontogen.com">online casino</a> |
| − | * ''veth'' allows broadcasts in CT, so you can use even a DHCP server inside a CT, or a samba server with domain broadcasts or other such stuff.
| + | [URL=http://ontogen.com]online casino[/URL] |
| − | * ''veth'' has some security implications. It is normally bridged directly to the host physical ethernet device and so must be treated with the same considerations as a real ethernet device on a standalone host. The CT users can access a ''veth'' device as they would a real ethernet interface. However, the CT root user is the only one that has priviledged access to the ''veth'' device.
| |
| − | * With ''venet'' device, only OpenVZ host node administrator can assign an IP to a CT. With ''veth'' device, network settings can be fully done on CT side by the CT administrator. CT should setup correct gateway, IP/netmask etc. and then a [[HN|node]] admin can only choose where your traffic goes.
| |
| − | * ''veth'' devices can be bridged together and/or with other devices. For example, in host system admin can bridge ''veth'' from 2 CTs with some VLAN eth0.X. In this case, these 2 CTs will be connected to this VLAN.
| |
| − | * ''venet'' device is a bit faster and more efficient.
| |
| − | * With ''veth'' devices, IPv6 auto generates an address from MAC.
| |
| − | | |
| − | The brief summary:
| |
| − | {| class="wikitable" style="text-align: center;"
| |
| − | |+ '''Differences between veth and venet'''
| |
| − | ! Feature !! [[veth]] !! [[venet]]
| |
| − | |-
| |
| − | ! MAC address
| |
| − | | {{yes}} || {{no}}
| |
| − | |-
| |
| − | ! Broadcasts inside CT
| |
| − | | {{yes}} || {{no}}
| |
| − | |-
| |
| − | ! Traffic sniffing
| |
| − | | {{yes}} || {{no}}
| |
| − | |-
| |
| − | ! Network security
| |
| − | | style="background: #ffdddd" | Low <ref>Independent of host. Each CT must setup its own separate network security.</ref>
| |
| − | | style="background: #ddffdd" | High<ref>Controlled by host.</ref>
| |
| − | |-
| |
| − | ! Can be used in bridges
| |
| − | | {{yes}} || {{no}}
| |
| − | |-
| |
| − | ! Performance
| |
| − | | style="background: #ffdddd" | Fast
| |
| − | | style="background: #ddffdd" | Fastest
| |
| − | |-
| |
| − | |}
| |
| − | <references/>
| |
| − | | |
| − | | |
| − | [[Category: Networking]] | |
