On Fri, 7 Aug 2009 12:10:07 -0700 "Paul Congdon \(UC Davis\)" <[email protected]> wrote:
> Responding to Daniel's questions... > > > I have some general questions about the intended use and benefits of > > VEPA, from an IT perspective: > > > > In which virtual machine setups and technologies do you forsee this > > interface being used? > > The benefit of VEPA is the coordination and unification with the external > network switch. So, in environments where you are needing/wanting your > feature rich, wire speed, external network device > (firewall/switch/IPS/content-filter) to provide consistent policy > enforcement, and you want your VMs traffic to be subject to that enforcement, > you will want their traffic directed externally. Perhaps you have some VMs > that are on a DMZ or clustering an application or implementing a multi-tier > application where you would normally place a firewall in-between the tiers. I do have to raise the point that Linux is perfectly capable of keeping up without the need of an external switch. Whether you want policy external or internal is a architecture decision that should not be driven by mis-information about performance. _______________________________________________ Bridge mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/bridge
