9:10 a.m.
Hi,
I've a question on whether it's 'safe' to change the socket type
used in virNetxxx calls from AF_PACKET to AF_LOCAL ?
The reason I ask is that we're using libvirt-lxc with a couple of
bridge interfaces, and we've found that the socket close call on
AF_PACKET type sockets takes between 40ms and 60ms. For our container
config there is roughly 12 close calls on AF_PACKET sockets, delaying
the start-up of the LXC container by around 450ms.
So a simple fix to speed up our container start-up is to just
switch from AF_PACKET to AF_LOCAL sockets. Hence my question on whether
we can safely do this, or is there some reason why AF_PACKET was chosen ?
Thanks in advance,
Ben.
FWIW - I believe that AF_PACKET sockets take so long to close is because
the kernel packet driver calls synchronize_net() when closing.
9:23 a.m.
On Fri, Jul 31, 2015 at 03:10:24PM +0100, Ben Gray wrote:
Hi,
I've a question on whether it's 'safe' to change the socket type used
in
virNetxxx calls from AF_PACKET to AF_LOCAL ?
The reason I ask is that we're using libvirt-lxc with a couple of bridge
interfaces, and we've found that the socket close call on AF_PACKET type
sockets takes between 40ms and 60ms. For our container config there is
roughly 12 close calls on AF_PACKET sockets, delaying the start-up of the
LXC container by around 450ms.
So a simple fix to speed up our container start-up is to just switch
from AF_PACKET to AF_LOCAL sockets. Hence my question on whether we can
safely do this, or is there some reason why AF_PACKET was chosen ?
AFAIK, there's no particular reason why we chose AF_PACKET - we were
probably just copying code somewhere else. Looking at the kernel code
it seems the various ioctls() we do are accepted on any type of socket
family. So if AF_LOCAL works, I don't see a reason not to change it.
We should probably test old distro like RHEL5 to be sure there's no
historical reason for it though.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
10:33 a.m.
Thanks Daniel,
It does indeed work for us, we use both a NAT based network config and
an Isolated network config. So far we haven't seen any negative impacts.
For reference this is the very simple patch I did
--- a/src/util/virnetdev.c 2015-07-31 15:46:58.925705063 +0100
+++ b/src/util/virnetdev.c 2015-07-31 15:47:13.545901192 +0100
@@ -40,7 +40,7 @@
#ifdef __linux__
# include <linux/sockios.h>
# include <linux/if_vlan.h>
-# define VIR_NETDEV_FAMILY AF_PACKET
+# define VIR_NETDEV_FAMILY AF_LOCAL
#elif defined(HAVE_STRUCT_IFREQ) && defined(AF_LOCAL)
# define VIR_NETDEV_FAMILY AF_LOCAL
#else
Thanks once again,
Ben.
On Fri, Jul 31, 2015 at 03:10:24PM +0100, Ben Gray wrote:
> Hi,
>
> I've a question on whether it's 'safe' to change the socket type
used in
> virNetxxx calls from AF_PACKET to AF_LOCAL ?
>
> The reason I ask is that we're using libvirt-lxc with a couple of bridge
> interfaces, and we've found that the socket close call on AF_PACKET type
> sockets takes between 40ms and 60ms. For our container config there is
> roughly 12 close calls on AF_PACKET sockets, delaying the start-up of the
> LXC container by around 450ms.
>
> So a simple fix to speed up our container start-up is to just switch
> from AF_PACKET to AF_LOCAL sockets. Hence my question on whether we can
> safely do this, or is there some reason why AF_PACKET was chosen ?
AFAIK, there's no particular reason why we chose AF_PACKET - we were
probably just copying code somewhere else. Looking at the kernel code
it seems the various ioctls() we do are accepted on any type of socket
family. So if AF_LOCAL works, I don't see a reason not to change it.
We should probably test old distro like RHEL5 to be sure there's no
historical reason for it though.
Regards,
Daniel
3403
days inactive
3403
days old
2 comments
2 participants
participants (2)
-
Ben Gray -
Daniel P. Berrange