to jail or not to jail
Matthew Seaman
matthew at FreeBSD.org
Mon Jun 3 08:33:27 UTC 2019
On 02/06/2019 12:41, Dave Cottlehuber wrote:
>> think about using vimage jails on 12.0, as that makes the jails seem a
>> lot more like just regular VMs, and gives you the ability to effectively
>> create a private virtual switch inside your server, rather than having
>> services appear on external interfaces. Beware though that there are
>> currently some quite severe bandwidth limitations on this sort of
>> internally virtualized networking under FreeBSD, so this is not suitable
>> for a high-traffic system.
> Matthew, anything you can point me to about this limitation?
Kristof Provost talked about it during his presentation at BSDCAN -- the
video of that is not turning up in my searches, but here's probably a
very similar talk from linux.conf.au:
https://www.youtube.com/watch?v=2neDPNIcrBk
In short the problem is that there's a single thread for handling all
the internal traffic. (Possibly a single lock as well?)
Cheers,
Matthew
More information about the freebsd-questions
mailing list