On 02/18/2014 05:58 AM, Laine Stump wrote:
On 02/17/2014 05:45 PM, John Ferlan wrote:
>
>
>>> <h5><a name="elementVlanTag">Setting VLAN tag (on
supported network types only)</a></h5>
>>> diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
>>> index 1ca1bec..d4c390a 100644
>>> --- a/docs/formatnetwork.html.in
>>> +++ b/docs/formatnetwork.html.in
>>> @@ -412,40 +412,81 @@
>>>
>>> <p>
>>> The <code><bandwidth></code> element
allows setting
>>> - quality of service for a particular network.
>>> - <span class="since">Since 0.9.4</span> The
limits specified
>>> + quality of service for a particular network
>>> + (<span class="since">since 0.9.4</span>). For
a <code>domain</code>
>>> + object, the limits specified are applied to the domain traffic.
>> I'm quite sure about the 'domain traffic'. The <bandwidth/>
under domain
>> limits the particular <interface/> that has <bandwidth/>. Having
'domain
>> traffic' written here may sound like if the domain traffic was
>> aggregated and then shaped (which is done in network not in domain).
>> Maybe 'domain interface traffic'?
>>
> Right - I struggled with this one when trying to merge things. Using
> "domain interface traffic" does target a bit better. Of course the
> context is discussing network bandwidth, so I guess I just assumed - hah
> - that the reader would consider the domain traffic as the traffic for
> that interface.
>
> In the end, they both affect the same target interface; however, it
> wasn't quite clear which would take precedence. If the interface had
> one set of values on it, then the domain was defined with a different
> set, then what happens?
That is a non-question, because there is no <bandwidth> subelement of a
<domain>! The <bandwidth> element can appear in 3 places:
1) as a subelement of a domain's <interface>. In this case, the
bandwidth applies to that one interface of that domain.
2) as a subelement of a <portgroup> in a <network>. In this case, if a
domain's <interface> has a "portgroup='xxx'" attribute in its
<source>
element:
<interface type='network'>
<source network='testnet' portgroup='admin'/>
...
*and* if the <interface itself has no <bandwidth> element, then the
<bandwidth> element of the portgroup is applied to that interface.
3) as a subelement of a <network>. In this case, the bandwidth specified
is intended to be to total aggregate bandwidth of all guest interfaces
attached to that network.
So, as you can see, there is no concept of "the bandwidth of a domain".
Semantics - I suppose. The "whole" network vs. the "slice" for the
domain. Trying to understand while flipping between two pages and using
"improper" or "inexact" words. I guess what I meant was the bandwidth
assigned to the interface of a domain vs. the bandwidth assigned to the
whole network. In any case, you've answered my questions below...
The places where there may be a question of precendence:
1) if an <interface> has a <bandwidth> *and* it belongs to a portgroup
that has a <bandwidth>. In this case, we decided that the bandwidth
under the individual <interface> would take precedence, since at the
time anyone who had permission to edit the domain (and its <interface>)
also had permission to edit the network (and its <portgroup>); so
allowing the specific config for one interface to override the general
config for many interfaces was more useful.
2) if a <network> has a bandwidth defined for the aggregate of all
interfaces attached to that network, and one interface has bandwidth
defined that is higher than the aggregate for the entire network. In
this case, the aggregate bandwidth for the network takes precedence, not
because of anything we do, but just because the two choke points are
independent of each other (the <interface> bandwidth control happens on
the interface's tap device, and the <network> bandwidth control happens
on the interface part of the bridge device created for that network).
Did you maybe mean to say
If the interface had one set of values on it, then the *NETWORK*
was defined with a different set, then what happens?
? If so, then I believe (2) above explains in (rather obtusely, of
course, but I hope it's possible to decipher it)
Your (2) is closer to what I was going for... and yes it makes sense.
The whole portgroup discussion (1) adds complexity to things, but it is
described in the formatnetwork page, although it was in a "different"
paragraph which is why I ignored it at first. I've since moved it (see
below)
> Or vice versa - a domain with a set of values
> applied to an interface and then someone edits the network interface. It
> seems it would be the "last" set to be applied that would "win".
What is "interface" vs. "network interface"? I can't tell if
you're
talking about the same thing with two slightly different names, or
incorrectly naming something in the <network> configuration.
Again some semantics, but it's becoming more clear now - thanks. The
reference to "network interface" was the "<network>" object as
opposed
to "an interface" which was the "<domain><interface>"
object (again I
may not be as semantically correct as you expect, but hopefully you see
what I was intending).
But if you're talking about interface bandwidth vs. network aggregate
bandwidth, the way that it works is that both sets of rules are
installed, and the traffic for that guest's interface is shaped twice -
once as it goes in/out of the guest interface's tap device, then the
same traffic is shaped again (in aggregate with all other traffic for
the network) as it goes in/out of the interface that is a part of the
network's bridge device.
A discussion which I think would be good to add to formatnetwork...
> Since this is an active topic for other recent patches, hopefully
we can
> come up with a wording that will stick going forward. I've copied Laine
> on this response just to bring it to his attention and get his take as
> well...
>
Although I understand the desire to eliminate nearly duplicated wording,
I'm a bit concerned about trying to combine two things that are almost
but not entirely the same, due to the potential of the combined
information being wrong in one of both cases, or at least becoming
unnecessarily confusing due to extra "exceptions" that are needed to
explain the differences. In spite of that, I'm fine with it being
combined - if people complain, we can always split it up again.
Understood; however, considering your last paragraph regarding missing
or not thinking about formatdomain is just cause enough to try and put
the discussion in one place. Keeping things in two places usually
results in one being forgotten during editing. I used cscope to find
relevant bandwidth discussions...
I can never really form a good opinion about documentation without
seeing it live on the web page and hearing how others interpret it, and
my burn-out level on documentation has lately led to my opinion either
being "yeah, that's okay", or "no, I don't like that, but I
don't know
how to / don't have time to fix it" :-P
(The recent change to the information for <bandwidth> in the network
documentation was a side effect of me making a small change to
validation of network xml to disallow specifying <bandwidth> on network
types where we can't support setting aggregate bandwidth for the entire
network. While I was doing that, I noticed that the documentation about
<bandwidth> in formatnetwork.html.in was obtuse/incorrect, so I made
some changes to fix those things; I didn't think to look at the
documentation for <bandwidth> in the domain (<interface>) XML docs,
because I hadn't changed anything there.)
Because I know it's easier to read without all the git +/-, here's what
I have now in the QoS section on the formatnetwork (hopefully I've
captured everything correctly):
The <bandwidth> element allows setting quality of service for a
particular network (since 0.9.4). Setting bandwidth for a network is
supported only for networks with a <forward> mode of route, nat, or no
mode at all (i.e. an "isolated" network). Setting bandwidth is not
supported for forward modes of bridge, passthrough, private, or hostdev.
Attempts to do this will lead to a failure to define the network or to
create a transient network.
The <bandwidth> element can only be a subelement of a domain's
<interface>, a subelement of a <network>, or a subelement of a
<portgroup> in a <network>.
As a subelement of a domain's <interface>, the bandwidth only applies to
that one interface of the domain. As a subelement of a <network>, the
bandwidth is a total aggregate bandwidth to/from all guest interfaces
attached to that network, not to each guest interface individually. If a
domain's <interface> has <bandwidth> element values higher than the
aggregate for the entire network, then the aggregate bandwidth for the
<network> takes precedence. This is because the two choke points are
independent of each other where the domain's <interface> bandwidth
control is applied on the interface's tap device, while the <network>
bandwidth control is applied on the interface part of the bridge device
created for that network.
As a subelement of a <portgroup> in a <network>, if a domain's
<interface> has a portgroup attribute in its <source> element and if the
<interface> itself has no <bandwidth> element, then the <bandwidth>
element of the portgroup will be applied individually to each guest
interface defined to be a member of that portgroup. Any <bandwidth>
element in the domain's <interface> definition will override the setting
in the portgroup (since 1.0.1).
Incoming and outgoing traffic can be shaped independently. The bandwidth
element can have at most one inbound and at most one outbound child
element. Leaving either of these children elements out results in no QoS
applied for that traffic direction. So, when you want to shape only
incoming traffic, use inbound only, and vice versa. Each of these
elements have one mandatory attribute - average (or floor as described
below). The attributes are as follows, where accepted values for each
attribute is an integer number.
average
Specifies the desired average bit rate for the interface being
shaped (in kilobytes/second).
peak
Optional attribute which specifies the maximum rate at which the
bridge can send data (in kilobytes/second). Note the limitation of
implementation: this attribute in the outbound element is ignored (as
Linux ingress filters don't know it yet).
burst
Optional attribute which specifies the amount of kilobytes that can
be transmitted in a single burst at peak speed.
floor
Optional attribute available only for the inbound element. This
attribute guarantees minimal throughput for shaped interfaces. This,
however, requires that all traffic goes through one point where QoS
decisions can take place, hence why this attribute works only for
virtual networks for now (that is <interface type='network'/> with a
forward type of route, nat, or no forward at all). Moreover, the virtual
network the interface is connected to is required to have at least
inbound QoS set (average at least). If using the floor attribute users
don't need to specify average. However, peak and burst attributes still
require average. Currently, the Linux kernel doesn't allow ingress
qdiscs to have any classes therefore floor can be applied only on
inbound and not outbound.
Attributes average, peak, and burst are available since 0.9.4, while the
floor attribute is available since 1.0.1.