From: David Vrabel <david.vrabel@citrix.com>
To: Stefano Stabellini <stefano@aporeto.com>, xen-devel@lists.xenproject.org
Cc: jgross@suse.com, lars.kurth@citrix.com, wei.liu2@citrix.com,
joao.m.martins@oracle.com, boris.ostrovsky@oracle.com,
roger.pau@citrix.com
Subject: Re: [DRAFT 1] XenSock protocol design document
Date: Fri, 8 Jul 2016 18:11:43 +0100 [thread overview]
Message-ID: <577FDECF.1070008@citrix.com> (raw)
In-Reply-To: <alpine.DEB.2.10.1607071740120.26575@sstabellini-ThinkPad-X260>
On 08/07/16 12:23, Stefano Stabellini wrote:
>
> XenSocks provides the following benefits:
> * guest networking works out of the box with VPNs, wireless networks and
> any other complex configurations on the host
Only in the trivial case where the host only has one external network.
Otherwise, you are going to have to have some sort of configuration to
keep guest traffic isolated from the management or storage network (for
example).
> * guest services listen on ports bound directly to the backend domain IP
> addresses
I think this could be done with SDN but I'm no expert on this area.
> * localhost becomes a secure namespace for intra-VMs communications
I presume you mean "inter-VM" communication here? This is already
achievable with a private bridged network for VMs on a host.
> * full visibility of the guest behavior on the backend domain, allowing
> for inexpensive filtering and manipulation of any guest calls
There's many existing solutions in this space for networking.
> * excellent performance
netback/netfront is pretty good now and further improvements to them
would have wider benefits.
David
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-07-08 17:11 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-08 11:23 [DRAFT 1] XenSock protocol design document Stefano Stabellini
2016-07-08 12:14 ` Juergen Gross
2016-07-08 14:16 ` Stefano Stabellini
2016-07-08 14:27 ` Juergen Gross
2016-07-08 15:57 ` David Vrabel
2016-07-08 16:52 ` Stefano Stabellini
2016-07-08 17:10 ` David Vrabel
2016-07-08 17:36 ` Stefano Stabellini
2016-07-08 17:11 ` David Vrabel [this message]
2016-07-11 10:59 ` Stefano Stabellini
2016-07-11 12:47 ` Paul Durrant
2016-07-12 17:39 ` Stefano Stabellini
2016-07-11 14:51 ` Joao Martins
2016-07-13 11:06 ` Stefano Stabellini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=577FDECF.1070008@citrix.com \
--to=david.vrabel@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=jgross@suse.com \
--cc=joao.m.martins@oracle.com \
--cc=lars.kurth@citrix.com \
--cc=roger.pau@citrix.com \
--cc=stefano@aporeto.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).