In systems that include a plurality of virtual machine environments, trusted host software, such as a hypervisor or virtual machine manager, is needed to manage network resources. In particular, these virtual machines are required to share network bandwidth. In order to enforce bandwidth sharing amongst the virtual machines, a trusted host may implement rate limiting.
Rate limiting is a technique used to limit traffic sent and received by the virtual machines. In particular, there are two types of rate-limiting: hardware rate limiting and software rate limiting.
Hardware rate limiting is performed by a network interface controller (NIC). In this regard, a limited number of hardware transmission queues are supported by the NIC. In transmitting a packet, the operating system will transmit a packet to the NIC, thereby notifying it of the packet and the appropriate transmission buffer to use. The NIC will subsequently decide the order in which the received packets are transmitted. However, the limited number of hardware transmission queues do not scale well and require a large amount of memory, which increases the cost associated with hardware rate limiting.
Software rate limiting is typically performed by a hypervisor. In this regard, a plurality of software transmission queues are provided in the hypervisor. The hypervisor receives packets from the virtual machines and transmits them to the NIC in batches based on rate limiting classification. In this regard, the packet flow and other rate limiting policies are enforced by the hypervisor. This results in high overhead with the trusted host's processor. Additionally, the hypervisor does not have control of the packets once they are transmitted to the NIC, so packets may be transmitted out-of-order or at unpredictable times.