From: "Michael S. Tsirkin" <mst@redhat.com>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: amit.shah@redhat.com, quintela@redhat.com, qemu-devel@nongnu.org,
kraxel@redhat.com
Subject: [Qemu-devel] Re: [PATCHv2 10/12] tap: add vhost/vhostfd options
Date: Sat, 27 Feb 2010 21:44:18 +0200 [thread overview]
Message-ID: <20100227194418.GB26389@redhat.com> (raw)
In-Reply-To: <4B87E755.9000707@codemonkey.ws>
On Fri, Feb 26, 2010 at 09:23:01AM -0600, Anthony Liguori wrote:
> On 02/26/2010 08:51 AM, Michael S. Tsirkin wrote:
>> On Thu, Feb 25, 2010 at 01:47:27PM -0600, Anthony Liguori wrote:
>>
>>> On 02/25/2010 12:28 PM, Michael S. Tsirkin wrote:
>>>
>>>> This adds vhost binary option to tap, to enable vhost net accelerator.
>>>> Default is off for now, we'll be able to make default on long term
>>>> when we know it's stable.
>>>>
>>>> vhostfd option can be used by management, to pass in the fd. Assigning
>>>> vhostfd implies vhost=on.
>>>>
>>>> Signed-off-by: Michael S. Tsirkin<mst@redhat.com>
>>>>
>>>>
>>> Since the thinking these days is that macvtap and tap is pretty much all
>>> we'll ever need for vhost-net, perhaps we should revisit -net vhost vs.
>>> -net tap,vhost=X?
>>>
>>> I think -net vhost,fd=X makes a lot more sense than -net
>>> tap,vhost=on,vhostfd=X.
>>>
>>> Regards,
>>>
>>> Anthony Liguori
>>>
>> We'll have to duplicate all tap options.
>> I think long term we will just make vhost=on the default.
>>
>
> I don't think we can. vhost only works when using KVM
Yes, default to on with KVM.
> and it doesn't
> support all of the features of userspace virtio. Since it's in upstream
> Linux without supporting all of the virtio-net features, it's something
> we're going to have to deal with for a long time.
Speaking of vlan filtering etc? It's just a matter of time before it
supports all interesting features. Kernel support is there in net-next
already, userspace should be easy too. I should be able to code it up
once I finish bothering about upstream merge (hint hint :)).
> Furthermore, vhost reduces a virtual machine's security. It offers an
> impressive performance boost (particularly when dealing with 10gbit+
> networking) but for a user that doesn't have such strong networking
> performance requirements, I think it's reasonable for them to not want
> to make a security trade off.
It's hard for me to see how it reduces VM security. If it does, it's
not by design and will be fixed.
> One reason I like -net vhost is that it's a much less obscure syntax and
> it's the sort of thing that is easy to tell users that they should use.
> I understand you're argument for -net tap if you assume vhost=on will
> become the default because that means that users never really have to be
> aware of vhost once it becomes the default. But as I said above, I
> don't think it's reasonable to make it on by default with -net tap.
Not yet, but we'll get there.
>> Users do not really care about vhost, it just makes tap
>> go fater. So promoting it to 1st class options is wrong IMO.
>>
>
> User's should care about vhost because it impacts the features supported
> by the virtual machine and it has security ramifications. It's a great
> feature and I think the most users will want to use it, but I do think
> it's something that users ought to be aware of.
>
> Regards,
>
> Anthony Liguori
next prev parent reply other threads:[~2010-02-27 19:47 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-25 18:27 [Qemu-devel] [PATCHv2 00/12] vhost-net: upstream integration Michael S. Tsirkin
2010-02-25 18:27 ` [Qemu-devel] [PATCHv2 05/12] virtio: add APIs for queue fields Michael S. Tsirkin
2010-02-25 18:49 ` Blue Swirl
2010-02-26 14:53 ` Michael S. Tsirkin
2010-02-25 19:25 ` [Qemu-devel] " Anthony Liguori
2010-02-26 8:46 ` Gleb Natapov
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 09/12] vhost: vhost net support Michael S. Tsirkin
2010-02-25 19:04 ` [Qemu-devel] " Juan Quintela
2010-02-26 14:32 ` Michael S. Tsirkin
2010-02-26 14:38 ` Anthony Liguori
2010-02-26 14:54 ` Michael S. Tsirkin
2010-02-25 19:44 ` Anthony Liguori
2010-02-26 14:49 ` Michael S. Tsirkin
2010-02-26 15:18 ` Anthony Liguori
2010-02-27 19:38 ` Michael S. Tsirkin
2010-02-28 1:59 ` Paul Brook
2010-02-28 10:15 ` Michael S. Tsirkin
2010-02-28 12:45 ` Paul Brook
2010-02-28 14:44 ` Michael S. Tsirkin
2010-02-28 15:23 ` Paul Brook
2010-02-28 15:37 ` Michael S. Tsirkin
2010-02-28 16:02 ` Anthony Liguori
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 02/12] kvm: add API to set ioeventfd Michael S. Tsirkin
2010-02-25 19:19 ` [Qemu-devel] " Anthony Liguori
2010-03-02 17:41 ` Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 04/12] virtio: add notifier support Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 01/12] tap: add interface to get device fd Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 07/12] virtio: move typedef to qemu-common Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 10/12] tap: add vhost/vhostfd options Michael S. Tsirkin
2010-02-25 19:47 ` [Qemu-devel] " Anthony Liguori
2010-02-26 14:51 ` Michael S. Tsirkin
2010-02-26 15:23 ` Anthony Liguori
2010-02-27 19:44 ` Michael S. Tsirkin [this message]
2010-02-28 16:08 ` Anthony Liguori
2010-02-28 17:19 ` Michael S. Tsirkin
2010-02-28 20:57 ` Anthony Liguori
2010-02-28 21:01 ` Michael S. Tsirkin
2010-02-28 22:38 ` Anthony Liguori
2010-02-28 22:39 ` Paul Brook
2010-03-01 19:27 ` Michael S. Tsirkin
2010-03-01 21:54 ` Anthony Liguori
2010-03-02 9:57 ` Michael S. Tsirkin
2010-03-02 14:07 ` Anthony Liguori
2010-03-02 14:33 ` Paul Brook
2010-03-02 14:39 ` Anthony Liguori
2010-03-02 14:55 ` Paul Brook
2010-03-02 15:33 ` Anthony Liguori
2010-03-02 15:53 ` Paul Brook
2010-03-02 15:56 ` Michael S. Tsirkin
2010-03-02 16:12 ` Anthony Liguori
2010-03-02 16:21 ` Marcelo Tosatti
2010-03-02 16:12 ` Marcelo Tosatti
2010-03-02 16:56 ` Anthony Liguori
2010-03-02 17:00 ` Michael S. Tsirkin
2010-03-02 18:00 ` Marcelo Tosatti
2010-03-02 18:13 ` Anthony Liguori
2010-03-02 22:41 ` Paul Brook
2010-03-03 14:15 ` Anthony Liguori
2010-03-03 14:43 ` Paul Brook
2010-03-03 16:24 ` Marcelo Tosatti
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 11/12] tap: add API to retrieve vhost net header Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 06/12] virtio: add set_status callback Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 08/12] virtio-pci: fill in notifier support Michael S. Tsirkin
2010-02-25 19:30 ` [Qemu-devel] " Anthony Liguori
2010-02-28 20:02 ` Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 03/12] notifier: event notifier implementation Michael S. Tsirkin
2010-02-25 19:22 ` [Qemu-devel] " Anthony Liguori
2010-02-28 19:59 ` Michael S. Tsirkin
2010-02-25 18:28 ` [Qemu-devel] [PATCHv2 12/12] virtio-net: vhost net support Michael S. Tsirkin
2010-02-25 19:49 ` [Qemu-devel] Re: [PATCHv2 00/12] vhost-net: upstream integration Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100227194418.GB26389@redhat.com \
--to=mst@redhat.com \
--cc=amit.shah@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.