From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bruce Richardson <bruce.richardson@intel.com>
Subject: Re: How do you setup a VM in Promiscuous Mode using PCI
 Pass-Through (SR-IOV)?
Date: Fri, 15 May 2015 10:27:19 +0100
Message-ID: <20150515092719.GA1520@bricha3-MOBL3>
References: <9478F0FB69DAA249AF0A9BDA1E6ED95218817AB9@US70TWXCHMBA07.zam.alcatel-lucent.com>
 <20150514164719.7b68b0ef@urahara>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: "dev@dpdk.org" <dev@dpdk.org>, "Assaad,
 Sami \(Sami\)" <sami.assaad@alcatel-lucent.com>
To: Stephen Hemminger <stephen@networkplumber.org>
Return-path: <dev-bounces@dpdk.org>
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 by dpdk.org (Postfix) with ESMTP id 8CE68DE3
 for <dev@dpdk.org>; Fri, 15 May 2015 11:27:23 +0200 (CEST)
Content-Disposition: inline
In-Reply-To: <20150514164719.7b68b0ef@urahara>
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On Thu, May 14, 2015 at 04:47:19PM -0700, Stephen Hemminger wrote:
> On Thu, 14 May 2015 21:38:24 +0000
> "Assaad, Sami (Sami)" <sami.assaad@alcatel-lucent.com> wrote:
> 
> > Hello,
> > 
> > My Hardware consists of the following:
> >   - DL380 Gen 9 Server supporting two Haswell Processors (Xeon CPU E5-2680 v3 @ 2.50GHz)
> >   - An x540 Ethernet Controller Card supporting 2x10G ports.
> > 
> > Software:
> >   - CentOS 7 (3.10.0-229.1.2.el7.x86_64)
> >   - DPDK 1.8
> > 
> > I want all the network traffic received on the two 10G ports to be transmitted to my VM. The issue is that the Virtual Function / Physical Functions have setup the internal virtual switch to only route Ethernet packets with destination MAC address matching the VM virtual interface MAC. How can I configure my virtual environment to provide all network traffic to the VM...i.e. set the virtual functions for both PCI devices in Promiscuous mode?
> > 
> > [ If a l2fwd-vf example exists, this would actually solve this problem ... Is there a DPDK l2fwd-vf example available? ]
> > 
> > 
> > Thanks in advance.
> > 
> > Best Regards,
> > Sami Assaad.
> 
> This is a host side (not DPDK) issue.
> 
> Intel PF driver will not allow guest (VF) to go into promiscious mode
> since it would allow traffic stealing which is a security violation.

Could you maybe try passing the PF directly into the VM, rather than a VF based
off it? Since you seem to want all traffic to go to the one VM, there seems little
point in creating a VF on the device, and should let the VM control the whole
NIC directly.

Regards,
/Bruce