Jail to jail network performance?
Uwe Doering
gemini at geminix.org
Tue Sep 13 23:59:18 PDT 2005
Brandon Fosdick wrote:
> I have a 5.4-S box running apache2 that's serving data from mysql running on the same box. I'm thinking about putting both in seperate jails, partly for security and partly for practice. Would this impact network performance between the two? Currently the mysql connection is using localhost which I understand to be faster than a network socket. Does jail-to-jail traffic use the same mechanism? or something else?
In MySQL 'localhost' is a hard-wired shortcut that uses domain sockets
instead of TCP sockets. Since domain sockets live in the namespace of a
filesystem this requires that both server and client have access to the
same filesystem.
Now, for security reasons jails normally are confined in separate
filesystems, or at least in separate parts of a common one. So in case
of MySQL you would have to use TCP sockets to communicate between jails.
This socket type typically consumes more CPU because of TCP's protocol
overhead. However, whether you would actually notice any difference in
speed basically depends on how much excess CPU power there is available
on that server.
Uwe
--
Uwe Doering | EscapeBox - Managed On-Demand UNIX Servers
gemini at geminix.org | http://www.escapebox.net
More information about the freebsd-stable
mailing list