virtual NICs

virtual NICs

[Davy Durham]

Curious question:

  If I configure multiple IP addresses to a NIC, and assign 1.2.3.4 to 
eth0 and 5.6.7.8 to eth0:0 (a virtual NIC) is there extra work involved 
on the part of the CPU or memory or whatever in routing traffic via 
5.6.7.8 than 1.2.3.4.. I mean does one IP have an advantage over the 
other in any sense?

Thanks,
  Davy

Re: virtual NICs

[linux-os (Dick Johnson)]

On Wed, 16 Nov 2005, Davy Durham wrote:

> Curious question:
>
>  If I configure multiple IP addresses to a NIC, and assign 1.2.3.4 to
> eth0 and 5.6.7.8 to eth0:0 (a virtual NIC) is there extra work involved
> on the part of the CPU or memory or whatever in routing traffic via
> 5.6.7.8 than 1.2.3.4.. I mean does one IP have an advantage over the
> other in any sense?
>

Of course there is extra work! Any time something has to be checked
(filtered), there is the overhead of the filtering. In the case of
two or more IP addresses, the software has to perform an ARP on two
or more IPs. This means that it needs to "listen" for more queries.
Note that machines on Ethernet, communicate using their hardware-
addresses i.e., the "IEEE station address". But, the initial route
to the target machine needs to be set up by broadcasting an IP address,
thereby asking everybody on the LAN if the IP address belongs to them.
Hopefully only one machine answers. This sequence is called ARP
(address resolution protocol).

Adding more IP addresses is like adding more machines as far as
the source (perhaps a router) is concerned. Adding more IP addresses
to a single host is sometimes necessary, but it is not without
cost. Basically, don't do it unless it's necessary.

> Thanks,
>  Davy
> -

Cheers,
Dick Johnson
Penguin : Linux version 2.6.13.4 on an i686 machine (5589.44 BogoMips).
Warning : 98.36% of all statistics are fiction.
.

****************************************************************
The information transmitted in this message is confidential and may be privileged.  Any review, retransmission, dissemination, or other use of this information by persons or entities other than the intended recipient is prohibited.  If you are not the intended recipient, please notify Analogic Corporation immediately - by replying to this message or by sending an email to DeliveryErrors@analogic.com - and destroy all copies of this information, including any attachments, without reading or disclosing them.

Thank you.

Re: virtual NICs

[Davy Durham]

First, thanks for the prompt response.

linux-os (Dick Johnson) wrote:

>Of course there is extra work! Any time something has to be checked
>(filtered), there is the overhead of the filtering. In the case of
>two or more IP addresses, the software has to perform an ARP on two
>or more IPs. This means that it needs to "listen" for more queries.
>Note that machines on Ethernet, communicate using their hardware-
>addresses i.e., the "IEEE station address". But, the initial route
>to the target machine needs to be set up by broadcasting an IP address,
>thereby asking everybody on the LAN if the IP address belongs to them.
>Hopefully only one machine answers. This sequence is called ARP
>(address resolution protocol).
>
>  
>
My question was whether the one being defined to eth0 has an advantage 
over the one assigned to eth0:0 since one is real and one is virtual.  
My uninformed instinct told me to wonder if the NIC hardware itself 
somehow gets told to handle the IP assigned to eth0 and something in the 
linux software has to handle the IP assigned to eth0:0

I realize that the machine will have to do more work total.  But I 
wonder if it's any more work than if the server has two NICs with two 
different IPs.

>Adding more IP addresses is like adding more machines as far as
>the source (perhaps a router) is concerned. Adding more IP addresses
>to a single host is sometimes necessary, but it is not without
>cost. Basically, don't do it unless it's necessary.
>
>  
>
It's necessary because of the in-born inability for name based virtual 
hosting to be done over SSL (though I think this inability was 
unnecessary in that it could have been relaxed if just a little bit of 
unsecured data could be transmitted in the SSL header allowing the 
server to make some decision based on that clear data.. but that's 
another matter).

Thanks again,
  Davy

Re: virtual NICs

[Lee Causier]

Hi,
Just a quick note..

iirc, virtual interfaces are necessary in order to configure multiple
IP addresses using "ifconfig", but if you use iproute2's tools you can
add any/all IPs to one interface (the original, eg eth0, br0, vlan0001
etc) with a command like "ip addr add 12.3.45.66/28 dev eth0" and then
all the addresses are considered equal; although ifconfig will only
list one of the IPs (it appears that it is restricted to
"understanding" only one IP per interface)

Cheers,

Lee Causier.
Undergraduate
BSc Computer Science (Year 1)

On 11/16/05, Davy Durham <pubaddr2@davyandbeth.com> wrote:
> First, thanks for the prompt response.
>
> linux-os (Dick Johnson) wrote:
>
> >Of course there is extra work! Any time something has to be checked
> >(filtered), there is the overhead of the filtering. In the case of
> >two or more IP addresses, the software has to perform an ARP on two
> >or more IPs. This means that it needs to "listen" for more queries.
> >Note that machines on Ethernet, communicate using their hardware-
> >addresses i.e., the "IEEE station address". But, the initial route
> >to the target machine needs to be set up by broadcasting an IP address,
> >thereby asking everybody on the LAN if the IP address belongs to them.
> >Hopefully only one machine answers. This sequence is called ARP
> >(address resolution protocol).
> >
> >
> >
> My question was whether the one being defined to eth0 has an advantage
> over the one assigned to eth0:0 since one is real and one is virtual.
> My uninformed instinct told me to wonder if the NIC hardware itself
> somehow gets told to handle the IP assigned to eth0 and something in the
> linux software has to handle the IP assigned to eth0:0
>
> I realize that the machine will have to do more work total.  But I
> wonder if it's any more work than if the server has two NICs with two
> different IPs.
>
> >Adding more IP addresses is like adding more machines as far as
> >the source (perhaps a router) is concerned. Adding more IP addresses
> >to a single host is sometimes necessary, but it is not without
> >cost. Basically, don't do it unless it's necessary.
> >
> >
> >
> It's necessary because of the in-born inability for name based virtual
> hosting to be done over SSL (though I think this inability was
> unnecessary in that it could have been relaxed if just a little bit of
> unsecured data could be transmitted in the SSL header allowing the
> server to make some decision based on that clear data.. but that's
> another matter).
>
> Thanks again,
>   Davy
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

Re: virtual NICs

[Bernd Eckenfels]

In article <7fce76bf0511161442q5eef217dhe14f6ff1625437a2@mail.gmail.com> you wrote:
> iirc, virtual interfaces are necessary in order to configure multiple
> IP addresses using "ifconfig"

"ifconfig add" works only with v6, yes. (However this feature is easy to add
http://net-tools.berlios.de)

Note: there are some differences between alias interfaces and additional
interface addresses, because there is a primary address.

Gruss
Bernd