On Thu, Aug 14, 2014 at 03:14:05PM -0300, Flavio Leitner wrote:
> Speaking on how ports work and limits, I've heard about an interesting
> problem when using containers. If you add more than 1k containers to
> an OVS bridge, the network starts to fail. The reason is that when
> flooding packets with ARP requests, OVS clones the packet for each
> port. However, for veth devices this ends up in the CPU backlog which
> is limited by sysctl netdev_max_backlog to 1000, so the excess gets dropped.
>
> I don't see how to prevent that in OVS because the DP just loops executing
> the actions, sending the packet regardless of the device's type, etc.

Another approach to communicating with namespaces, as an alternative
to a veth, is to add an internal port to the OVS bridge, then move it
into the appropriate namespace. I don't know whether this sidesteps a
queuing limit (haven't looked, haven't tried it).

_______________________________________________
discuss mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/discuss
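
Added example, not part of the original thread: one way to check whether the backlog drops described in the quoted message are occurring is to compare the per-CPU "dropped" counter in /proc/net/softnet_stat across two snapshots. The snapshot text below is constructed sample data, and the function names are hypothetical.

```python
"""Detect CPU backlog drops of the kind described in the quoted message."""
from pathlib import Path

# Constructed sample: two snapshots of /proc/net/softnet_stat (one line per
# online CPU, hexadecimal fields). Field 0 = packets processed, field 1 =
# packets dropped because the per-CPU backlog queue was full.
SAMPLE_BEFORE = """\
0001a2b3 00000000 00000004 00000000 00000000
00009c40 00000010 00000001 00000000 00000000
"""
SAMPLE_AFTER = """\
0001a6a0 00000000 00000004 00000000 00000000
0000a028 000001f4 00000002 00000000 00000000
"""


def parse_softnet_stat(text):
    """Return a list of (processed, dropped) tuples, one per line."""
    stats = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue  # skip blank or truncated lines
        stats.append((int(fields[0], 16), int(fields[1], 16)))
    return stats


def backlog_drops(before, after):
    """Map line index -> packets dropped between the two snapshots."""
    b, a = parse_softnet_stat(before), parse_softnet_stat(after)
    return {i: a[i][1] - b[i][1] for i in range(min(len(a), len(b)))
            if a[i][1] > b[i][1]}


def read_max_backlog(path="/proc/sys/net/core/netdev_max_backlog"):
    """Current backlog limit, or None when the sysctl file is absent."""
    p = Path(path)
    return int(p.read_text()) if p.exists() else None


if __name__ == "__main__":
    print("netdev_max_backlog:", read_max_backlog())
    for idx, n in backlog_drops(SAMPLE_BEFORE, SAMPLE_AFTER).items():
        print(f"line {idx}: {n} packets dropped at the backlog queue")
```

A dropped counter that rises while ARP floods cross a bridge with many veth ports points at the backlog limit rather than at the datapath.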
