All of lore.kernel.org
 help / color / mirror / Atom feed
From: Grant Taylor <gtaylor@tnetconsulting.net>
To: lartc@vger.kernel.org
Subject: Re: tc question about ingress bandwidth splitting
Date: Tue, 24 Mar 2020 18:17:30 +0000	[thread overview]
Message-ID: <80cb040e-532a-5279-bcd0-4f743e73ff54@tnetconsulting.net> (raw)
In-Reply-To: <74CFEE65-9CE8-4CF7-9706-2E2E67B24E08@redfish-solutions.com>

[-- Attachment #1: Type: text/plain, Size: 2041 bytes --]

On 3/24/20 3:21 AM, Marco Gaiarin wrote:
> Interesting... i've found:
> 
> https://blog.scottlowe.org/2013/09/04/introducing-linux-network-namespac
> es/
> 
> and i've not understood how can i 'link' phisical interfaces with 
> vethX.

It depends what you mean by "link".

> Using bond?

I would avoid using a bond with a vEth interface.

> But after that, i need to use ebtales?

Did you mean "bridge"?

ebtables, as in Ethernet Bridging Tables, is associated with bridges.

Bonding is LACP / EtherChannel / etc.

Yes, bridging would be a good choice to have L2 connectivity between the 
Network Namespace and the physical NIC.

You can also use traditional routing between the physical and the vEth NICs.

You can even move the physical NIC into a Network Namespace.

It *REALLY* depends on what you want to do.

Network Namespaces are as powerful as the Linux kernel is.  Meaning that 
you can do just about everything with the network in a network namespace 
that you can do outside of it.  The benefit is that you can have 
multiple network namespaces on the same machine with minimal resources used.

Think about all the things that you can do with virtual machines acting 
as routers (or other servers), but with comparatively no resource 
utilization.

I think about network namespaces as if they are different sets of 
configuration data that the same kernel TCP/IP stack uses.  So the 
resource over head is only what's necessary to hold the different 
network configuration.  (I'm guessing single digit MBs at the most.)

I have had double digits of network namespaces on Raspberry Pis multiple 
times.  No problem.  Getting fat VMs on a Raspberry Pi is problematic 
b/c of resource constraint.

> ifbX interfaces are very limited by not having connection tracking,
> having some 'real' interfaces would be a must!

vEth interfaces are very much so 'real' interfaces.

As are MACVLAN & IPVLAN, other options that are frequently used.



-- 
Grant. . . .
unix || die


[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4013 bytes --]

  parent reply	other threads:[~2020-03-24 18:17 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-22 21:56 tc question about ingress bandwidth splitting Philip Prindeville
2020-03-22 22:59 ` Grant Taylor
2020-03-24  6:51 ` Philip Prindeville
2020-03-24  9:21 ` Marco Gaiarin
2020-03-24 17:57 ` Grant Taylor
2020-03-24 18:17 ` Grant Taylor [this message]
2020-03-26  3:44 ` Philip Prindeville
2020-03-26  3:53 ` Fwd: " Philip Prindeville
2020-03-26 12:50   ` Toke Høiland-Jørgensen
2020-03-26  4:03 ` Grant Taylor
2020-04-01  9:48 ` Marco Gaiarin
2020-04-03 22:44 ` Grant Taylor
2020-04-06  9:13 ` Marco Gaiarin
2020-04-13  1:11 ` Grant Taylor
2020-04-17  9:58 ` Marco Gaiarin
  -- strict thread matches above, loose matches on Subject: below --
2020-03-22 18:20 Philip Prindeville
2020-03-23  6:47 ` Gáspár Lajos
2020-03-23  9:36   ` Marc SCHAEFER
2020-03-23 18:15     ` Philip Prindeville

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=80cb040e-532a-5279-bcd0-4f743e73ff54@tnetconsulting.net \
    --to=gtaylor@tnetconsulting.net \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.