[libvirt] Replace AF_LOCAL with AF_PACKET
Hi, I've a question on whether it's 'safe' to change the socket type used in virNetxxx calls from AF_PACKET to AF_LOCAL ? The reason I ask is that we're using libvirt-lxc with a couple of bridge interfaces, and we've found that the socket close call on AF_PACKET type sockets takes between 40ms and 60ms. For our container config there is roughly 12 close calls on AF_PACKET sockets, delaying the start-up of the LXC container by around 450ms. So a simple fix to speed up our container start-up is to just switch from AF_PACKET to AF_LOCAL sockets. Hence my question on whether we can safely do this, or is there some reason why AF_PACKET was chosen ? Thanks in advance, Ben. FWIW - I believe that AF_PACKET sockets take so long to close is because the kernel packet driver calls synchronize_net() when closing.
On Fri, Jul 31, 2015 at 03:10:24PM +0100, Ben Gray wrote:
Hi,
I've a question on whether it's 'safe' to change the socket type used in virNetxxx calls from AF_PACKET to AF_LOCAL ?
The reason I ask is that we're using libvirt-lxc with a couple of bridge interfaces, and we've found that the socket close call on AF_PACKET type sockets takes between 40ms and 60ms. For our container config there is roughly 12 close calls on AF_PACKET sockets, delaying the start-up of the LXC container by around 450ms.
So a simple fix to speed up our container start-up is to just switch from AF_PACKET to AF_LOCAL sockets. Hence my question on whether we can safely do this, or is there some reason why AF_PACKET was chosen ?
AFAIK, there's no particular reason why we chose AF_PACKET - we were probably just copying code somewhere else. Looking at the kernel code it seems the various ioctls() we do are accepted on any type of socket family. So if AF_LOCAL works, I don't see a reason not to change it. We should probably test old distro like RHEL5 to be sure there's no historical reason for it though. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
Thanks Daniel, It does indeed work for us, we use both a NAT based network config and an Isolated network config. So far we haven't seen any negative impacts. For reference this is the very simple patch I did --- a/src/util/virnetdev.c 2015-07-31 15:46:58.925705063 +0100 +++ b/src/util/virnetdev.c 2015-07-31 15:47:13.545901192 +0100 @@ -40,7 +40,7 @@ #ifdef __linux__ # include <linux/sockios.h> # include <linux/if_vlan.h> -# define VIR_NETDEV_FAMILY AF_PACKET +# define VIR_NETDEV_FAMILY AF_LOCAL #elif defined(HAVE_STRUCT_IFREQ) && defined(AF_LOCAL) # define VIR_NETDEV_FAMILY AF_LOCAL #else Thanks once again, Ben.
Hi,
I've a question on whether it's 'safe' to change the socket type used in virNetxxx calls from AF_PACKET to AF_LOCAL ?
The reason I ask is that we're using libvirt-lxc with a couple of bridge interfaces, and we've found that the socket close call on AF_PACKET type sockets takes between 40ms and 60ms. For our container config there is roughly 12 close calls on AF_PACKET sockets, delaying the start-up of the LXC container by around 450ms.
So a simple fix to speed up our container start-up is to just switch from AF_PACKET to AF_LOCAL sockets. Hence my question on whether we can safely do this, or is there some reason why AF_PACKET was chosen ? AFAIK, there's no particular reason why we chose AF_PACKET - we were
On Fri, Jul 31, 2015 at 03:10:24PM +0100, Ben Gray wrote: probably just copying code somewhere else. Looking at the kernel code it seems the various ioctls() we do are accepted on any type of socket family. So if AF_LOCAL works, I don't see a reason not to change it.
We should probably test old distro like RHEL5 to be sure there's no historical reason for it though.
Regards, Daniel
participants (2)
-
Ben Gray -
Daniel P. Berrange