[Fedora-xen] netloop
Mark McLoughlin
markmc at redhat.com
Mon Apr 16 06:52:01 UTC 2007
On Sat, 2007-04-14 at 19:12 +0100, Daniel P. Berrange wrote:
> For compatability with FC5/6 we need to keep using network-bridge in the
> default RPM setup. What we're trying to do is alter the network-bridge
> script so that it doesn't need to use the netloop module. Part of this
> work involves kernel changes to the way the Xen network module transfer
> data to avoid some potential denial-of-service conditions that arise if
> you're not using netloop.
Just to elaborate ...
The only reason netloop exists is to prevent the netback driver from
"seizing up" if packets from DomU, destined for Dom0, are queued up
indefinitely in Dom0 socket buffers causing hypervisor resources (grant
table entries?) to be exhausted. The netloop solution is to copy packets
from DomU just before they are delivered to Dom0's networking stack.
The new solution is for netback to keep track of packets and to
periodically copy any packets which have been queued up for too long.
That way you don't need the netloop device at all.
Cheers,
Mark.
More information about the Fedora-xen
mailing list