From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel Lezcano Subject: network virtualization performances Date: Wed, 02 May 2007 21:53:10 +0200 Message-ID: <4638EC26.4010209@fr.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org Hi all, I am currently working on the network virtualization for lightweight containers based on the network namespace concept. The network device list are relative to a namespace, so in one namespace, you can not access to network device belonging to another namespace. To allow the namespace to communicate, a special network device has been written. It is like a "pipe" but for the network with an extremity in each namespace. By this way, the virtualized environment can send traffic via a network device (an extremity of the "pipe") and the traffic goes to the namespace where the real nic is. During some performance testing, I noticed that using the Gigabyte NIC and netperf, the cpu usage is much more important when the network is virtualized than when not. After investigating, it appears the real NIC is an offload card and when we are using the virtual network device, the offloading is lost and the kernel spends a lot of time to compute checksums and tcp segmentations. That makes sense because the virtual device has not the HW feature like the real NIC. After looking in internet, I found the "Optimizing Network Virtualization in Xen" document and the problems seems to be exactly the same. Do you have some pointers, informations about these optimization, specific optimization code or anything else which can help me ? Thanks you in advance. Regards. -- Daniel