Concerns have been raised about the performance of PC-based virtual routers as they do packet processing in software. Furthermore, it becomes challenging to maintain isolation among virtual routers due to resource contention in a shared environment. Hardware vendors recognize this issue and PC hardware with virtualization support (SR-IOV and Intel-VTd) has been introduced in recent years. In this paper, we investigate how such hardware features can be integrated with two different virtualization technologies (LXC and KVM) to enhance performance and isolation of virtual routers on shared environments. We compare LXC and KVM and our results indicate that KVM in combination with hardware support can provide better trade-offs between performance and isolation. We notice that KVM has slightly lower throughput, but has superior isolation properties by providing more explicit control of CPU resources. We demonstrate that KVM allows defining a CPU share for a virtual router, something that is difficult to achieve in LXC, where packet forwarding is done in a kernel shared by all virtual routers.
| Published in | American Journal of Networks and Communications (Volume 2, Issue 4) |
| DOI | 10.11648/j.ajnc.20130204.11 |
| Page(s) | 88-96 |
| Creative Commons |
This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited. |
| Copyright |
Copyright © The Author(s), 2013. Published by Science Publishing Group |
Network Virtualization, Virtual Router (VR), SR-IOV, Virtual Function (VF), SoftIRQ, NAPI
| [1] | J. Whiteaker, F. Schneider, R. Teixeira, "Explaining packet delays under virtualization," ACM SIGCOMM Computer Communication Review, Vol. 41 Number 1, January 2011. |
| [2] | S. Rathore, M. Hidell, P. Sjödin, "Performance Evaluation of Open Virtual Routers," IEEE GlobeCom workshop on future Internet, Miami USA, December 2010. |
| [3] | S. Rathore, M. Hidell, P. Sjödin, "Data Plane Optimization in OpenVirtual Routers," IFIP Networking, Valencia Spain, May 2011. |
| [4] | G. Somani, S. Chaudhary, "Application performance isolation in virtualization," IEEE International Conference on Cloud Computing, Bangalore India, September 2009. |
| [5] | PCI-SIG: PCI-SIG Single Root I/O Virtualization Specifications, http://www.pcisig.com/specifications/iov/single_root/ |
| [6] | A.Kivity, Y.Kamay, D.Laor, "KVM: Linux virtual machine monitor," Proceedings of Linux Symposium, Ottawa Canada, June 2007. |
| [7] | Linux Namespaces, http://lxc.sourceforge.net/index.php/about/kernel-namespaces/ |
| [8] | Linux process scheduler, https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt |
| [9] | N. Egi, A. Greenhalgh, M. Handley, M. Hoerdt, L. Mathy, and T. Schooley, "Evaluating Xen for virtual routers," IEEE ICCCN workshop on Performance Modeling and Evaluation in Computer and Telecommunication Networks (PMECT07), Honolulu USA, August 2007. |
| [10] | F. Anhalt, P. Primet, "Analysis and experimental evaluation of data plane virtualization with Xen," IEEE International Conference on Networking and Services (ICNS), Valencia Spain, April 2009. |
| [11] | Greenhalgh, M. Handley, L. Mathy, N. Egi, M. Hoerdt, and F. Huici, "Fairness issues in software virtual routers," ACM SIGCOMM PRESTO Workshop, Seattle USA, August 2008. |
| [12] | S. Bhatia et al. "Hosting virtual networks on commodity hardware," Georgia Tech. University, Tech. Report, GT-CS-07-10, January 2008. |
| [13] | J. Liu, "Evaluating Standard-Based Self-Virtualizing Devices: A Performance Study on 10 GbE NICs with SR-IOV support," IEEE International Symposium on parallel and distributed processing, Atlanta USA, 2010. |
| [14] | Y. Dong, X. Yang, X. Li, J. Li, K. Tian, H. Guan, "High Performance Network Virtualization with SR-IOV," IEEE International Symposium on High Performance Computer Architecture, Banglore India, 2010. |
| [15] | S. Rathore, M. Hidell, P. Sjödin, "PC-based Router Virtualization with Hardware Support," IEEE International Conference on Advanced Information Networking and Applications (AINA), Fukuoka Japan, March 2012. |
| [16] | J.H.Salim, R.Olsson, A.Kuznetsov, "Beyond softnet," Proceedings of the 5th Annual Linux Showcase & Conference (ALS 2001), Oakland USA, 2001. |
| [17] | Ben Pfaff, Justin Petit, Teemu Koponen, Keith Amidon, Martin Casado, Scott Shenker, "Extending Networking into the virtualization layer," ACM SIGCOMM HotNets Workshop, New York USA, September 2009. |
| [18] | The Openvswitch Project, http://openvswitch.org/ |
| [19] | Intel Virtualization Technology, http://www.intel.com/technology/itj/2006/v10i3/2-io/7-conclusion.htm |
| [20] | R. Olsson, "pktgen the Linux packet Generator," Proceedings of the Linux Symposium, Vol.2 pp. 11-24, Ottawa Canada, July 2005. |
| [21] | D. Turull, "Open source traffic analyzer," Master’s thesis, KTH Information and Communication Technology, 2010. http://tslab.ssvl.kth.se/pktgen/docs/DanielTurull-thesis.pdf |
APA Style
Muhammad Siraj Rathore, Markus Hidel, Peter Sjödin. (2013). KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers. American Journal of Networks and Communications, 2(4), 88-96. https://doi.org/10.11648/j.ajnc.20130204.11
ACS Style
Muhammad Siraj Rathore; Markus Hidel; Peter Sjödin. KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers. Am. J. Netw. Commun. 2013, 2(4), 88-96. doi: 10.11648/j.ajnc.20130204.11
AMA Style
Muhammad Siraj Rathore, Markus Hidel, Peter Sjödin. KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers. Am J Netw Commun. 2013;2(4):88-96. doi: 10.11648/j.ajnc.20130204.11
Share This Article
Twitter
Linked In
Facebook
Copy
Download@article{10.11648/j.ajnc.20130204.11,
author = {Muhammad Siraj Rathore and Markus Hidel and Peter Sjödin},
title = {KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers},
journal = {American Journal of Networks and Communications},
volume = {2},
number = {4},
pages = {88-96},
doi = {10.11648/j.ajnc.20130204.11},
url = {https://doi.org/10.11648/j.ajnc.20130204.11},
eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajnc.20130204.11},
abstract = {Concerns have been raised about the performance of PC-based virtual routers as they do packet processing in software. Furthermore, it becomes challenging to maintain isolation among virtual routers due to resource contention in a shared environment. Hardware vendors recognize this issue and PC hardware with virtualization support (SR-IOV and Intel-VTd) has been introduced in recent years. In this paper, we investigate how such hardware features can be integrated with two different virtualization technologies (LXC and KVM) to enhance performance and isolation of virtual routers on shared environments. We compare LXC and KVM and our results indicate that KVM in combination with hardware support can provide better trade-offs between performance and isolation. We notice that KVM has slightly lower throughput, but has superior isolation properties by providing more explicit control of CPU resources. We demonstrate that KVM allows defining a CPU share for a virtual router, something that is difficult to achieve in LXC, where packet forwarding is done in a kernel shared by all virtual routers.},
year = {2013}
}
TY - JOUR T1 - KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers AU - Muhammad Siraj Rathore AU - Markus Hidel AU - Peter Sjödin Y1 - 2013/08/20 PY - 2013 N1 - https://doi.org/10.11648/j.ajnc.20130204.11 DO - 10.11648/j.ajnc.20130204.11 T2 - American Journal of Networks and Communications JF - American Journal of Networks and Communications JO - American Journal of Networks and Communications SP - 88 EP - 96 PB - Science Publishing Group SN - 2326-8964 UR - https://doi.org/10.11648/j.ajnc.20130204.11 AB - Concerns have been raised about the performance of PC-based virtual routers as they do packet processing in software. Furthermore, it becomes challenging to maintain isolation among virtual routers due to resource contention in a shared environment. Hardware vendors recognize this issue and PC hardware with virtualization support (SR-IOV and Intel-VTd) has been introduced in recent years. In this paper, we investigate how such hardware features can be integrated with two different virtualization technologies (LXC and KVM) to enhance performance and isolation of virtual routers on shared environments. We compare LXC and KVM and our results indicate that KVM in combination with hardware support can provide better trade-offs between performance and isolation. We notice that KVM has slightly lower throughput, but has superior isolation properties by providing more explicit control of CPU resources. We demonstrate that KVM allows defining a CPU share for a virtual router, something that is difficult to achieve in LXC, where packet forwarding is done in a kernel shared by all virtual routers. VL - 2 IS - 4 ER -
Email: