1b- virtio, SR-IOV or sriov interfaces

SRIOV bypasses vrouter for passthrough networking

Single-root input/output virtualization

SR-IOV or sriov  interfaces have both physical functions (PFs) and multiple virtual functions (VFs).

https://www.juniper.net/documentation/en_US/vsrx/information-products/topic-collections/release-notes/15.1x49/topic-98089.html#jd0e499

Intel SR-IOV Explanation: 


The main idea is to bypass the work ( interruption) and moves of packet received in the NIC >>>>  the SR-IOV capable NIC will move ( CPU)  the packet to a vMemory of the VNF: no involvement of the sw/interuption


https://www.juniper.net/documentation/en_US/contrail4.0/topics/concept/sriov-with-vrouter-vnc.html


virtio: Para-Virtualization

 https://wiki.libvirt.org/page/Virtio

virtio like vmxnet3 and xenvirt are part of the DPDK stack

  • So-called "full virtualization" is a nice feature because it allows you to run any operating system virtualized.

  • However, it's slow because the hypervisor has to emulate actual physical devices such as RTL8139 network cards .



  • Paravirtualization is virtualization in which the guest operating system (the one being virtualized) is aware that it is a guest and accordingly has drivers that, instead of issuing hardware commands, simply issue commands directly to the host operating system. This also includes memory and thread management as well, which usually require unavailable privileged instructions in the processor.

  • Full Virtualization is virtualization in which the guest operating system is unaware that it is in a virtualized environment, and therefore hardware is virtualized by the host operating system so that the guest can issue commands to what it thinks is actual hardware, but really are just simulated hardware devices created by the host.

  • Hardware Assisted Virtualization is a type of Full Virtualization where the microprocessor architecture has special instructions to aid the virtualization of hardware. These instructions might allow a virtual context to be setup so that the guest can execute privileged instructions directly on the processor without affecting the host. Such a feature set is often called a Hypervisor. If said instructions do not exist, Full Virtualization is still possible, however it must be done via software techniques such as Dynamic Recompilation where the host recompiles on the fly privileged instructions in the guest to be able to run in a non-privileged way on the host.

VT-X technology is part of the HW assisted Virtualization

Paravirtualization:  XenServer, VMware

KVM:  can do both??