Date: Wed, 04 Dec 2002 11:41:25 +0100 From: Marko Zec <zec@tel.fer.hr> To: Terry Lambert <tlambert2@mindspring.com> Cc: net@freebsd.org, Tony Finch <dot@dotat.at>, wacky@ns1.vrx.net, hackers@freebsd.org Subject: Re: jail: multiple ip's Message-ID: <3DEDDBD5.3FEF6F04@tel.fer.hr> References: <E18JVwz-0003Hh-00@chiark.greenend.org.uk> <3DEDD35B.A1E7638E@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert wrote: > Tony Finch wrote: > > wacky@ns1.vrx.net (Mike Ghunt) wrote: > > > Has anyone hacked the jail code to support more than one ip? > > >Would it be wise to hack at the code to add such a feature? > > > > Probably the best way to address this issue is to incorporate the > > network stack virtualization patch, then change the jail ID from > > an IPv4 address into a network stack ID. > > I'm really tempted to say that the network virtualization patch > is special purpose, and introduces a lot of overhead that would > not be there without the network virtualization patch. Just the contrary, the network stack virtualization concept is mostly general-purpose oriented. The (minor) penalty of "a lot of overhead" introduced by the patch is measurable only on loopback traffic, however in practice the NIC media sets the limit on traffic throughput, so in most cases no performance degradation can be observed. Some measurement results can be found at http://www.tel.fer.hr/zec/papers/zec-bsdconeurope-2002.pdf On the other hand, I agree with you that this stuff is still in early experimental phase, but the patch has been proven to work reliably with 4.7-RELEASE as announced, with a -CURRENT version to follow soon... Marko To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DEDDBD5.3FEF6F04>