From: Mike Wray <mike.wray@hp.com>
To: James Harper <james.harper@bendigoit.com.au>
Cc: Xen-devel <xen-devel@lists.xensource.com>,
Ewan Mellor <ewan@xensource.com>
Subject: Re: Xend vnet support to be removed
Date: Tue, 13 Dec 2005 09:23:39 +0000 [thread overview]
Message-ID: <439E931B.6010201@hp.com> (raw)
In-Reply-To: <AEC6C66638C05B468B556EA548C1A77DAF01CE@trantor.int.sbss.com.au>
James Harper wrote:
> Based on the description from your documentation, it sounds like the
> guts of vnets could be done with 802.1q vlan trunking and bridging. No
> extra code required. I'm already doing this now, where each xen server
> has two physical interfaces (one for AoE, and one for domu network
> access). I can provide some more information on 802.1q vlan trunking if
> anyone is interested.
>
> I'm basing all of my knowledge of vnets on a brief skim of the
> documentation in your email below, so feel free to enlighten me as to
> why they are different :)
In terms of abstract functionality they are very similar,
but there are important practical differences.
As far as I am aware, use of vlans requires that you have vlan-capable
switches in your network, and that you can configure them. Ordinary mortals
can't usually configure their network's vlan switches (if it has them).
Vnets don't require any assistance from the network,
and can be tunneled to remote subnets or through firewalls.
This is because vnets tunnel ethernet frames inside IP packets, which are
then routed normally, rather than using a modified ethernet frame like the
802.1q vlan header.
So a vnet can be created by anyone and its connectivity can span an
arbitrary piece of the IP network - not something you can do with vlans
It's also possible to run completely independent vnet infrastructures on the
same network simply by using different multicast addresses.
A new vnet can be dynamically created by configuring its endpoints, without
configuring anything in the network.
Vlan packets are limited to a 12-bit vlan id and have no support for
authentication or encryption. Vnets support 128-bit vnet ids and can
support authentication and encryption, currently using IPSEC.
Mike
next prev parent reply other threads:[~2005-12-13 9:23 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-13 1:09 Xend vnet support to be removed James Harper
2005-12-13 9:23 ` Mike Wray [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-12-12 12:58 Ian Pratt
2005-12-13 13:51 ` Mike Wray
2005-12-09 16:20 Ian Pratt
2005-12-09 16:33 ` Tim Freeman
2005-12-09 17:12 ` Ewan Mellor
2005-12-10 16:28 ` Sean Dague
2005-12-09 16:10 Ewan Mellor
2005-12-12 8:45 ` Mike Wray
2005-12-12 10:17 ` Ewan Mellor
2005-12-12 13:48 ` Mike Wray
2005-12-12 15:21 ` Ewan Mellor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=439E931B.6010201@hp.com \
--to=mike.wray@hp.com \
--cc=ewan@xensource.com \
--cc=james.harper@bendigoit.com.au \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.