Open Stack

(I originally asked this question a couple of days ago on the main
OpenStack mailing list).

I'm trying to wrap my head around how Quantum works. If understanding
things correctly, when using the openvswitch plugin, a packet traveling
from a guest out to the physical switch has to cross two software bridges
(not counting the additional Linux bridge if security groups are required):

1. br-int
2. br-ethN or br-tun (depending on whether using VLANs or GRE tunnels)

So, I think I understand the motivation behind this design: the integration
bridge handles the rules associated with the virtual networks defined by
OpenStack users, and the (br-ethN | br-tun) bridge handles the rules
associated with moving the packets across the physical network.

My question is:  Does having two software bridges in the path incur a
larger network performance penalty than if there was only a single software
bridge between the VIF and the physical network interface? For example, I
would guess that there would be additional latency involved in hopping
across two bridges instead of one.

If there is a performance panelty, was Quantum implemented to use multiple
openvswitch bridges because it's simply not possible to achieve the desired
functionality using a single bridge, or was it because using the multiple
bridge approach simplifies the Quantum implementation through separation of
concerns, or was there some other reason?

Lorin
-- 
Lorin Hochstein
Lead Architect - Cloud Services
Nimbis Services, Inc.
www.nimbisservices.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130508/f6a5fef9/attachment.html>