Container or VM

[yarii]

I would like to make a router for a 10G+ bandwidth (BGP+QoS+Firewall).
Of course I will passthrough the network cards inside to the VM/Container.

What is better for that purpose: Container or Virtual machine?

 

[tom]

VM, and I would try virtual VirtIO nics.

 

[yarii]

@tom I plan not to use virtio nics because of performance (I need multiqueue and offload from my hw nic).
So there is not a good idea to do that - i will use VirtIO nic for management nics.

 

[tom]

So there is not a good idea to do that

Did you run benchmarks (VIrtIO vs passtshrough? Please post results, including physical hardware details.

 

[yarii]

I will do tests between LXC and KVM with passthrough.

I could do also (virtio vs passthrough) but You show me the way to simply simulate 100.000 connections with different src/dst ips....

 

[tom]

Running benchmarks is complex, but if you tell that VirtIO is slow in your use case, I just wanted to know if you really tested this or if this is just an assumption from your side.

Which OS do you run?

 

[yarii]

Networking stack is complex - adding additional layer for this would block the oportuninty of tuning in many ways.
So I think I probbably use IOMMU instead of SRV-IO and not to use virtio as a bridge to network nic.

OS: Proxmox 7.1 --> Debian 11