From: "Michael S. Tsirkin" <mst@redhat.com>
To: Sridhar Samudrala <sri@us.ibm.com>
Cc: kaber@trash.net, Arnd Bergmann <arnd@arndb.de>,
netdev <netdev@vger.kernel.org>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>
Subject: Re: [RFC PATCH] macvlan: Introduce a PASSTHRU mode to takeover the underlying device
Date: Tue, 2 Nov 2010 20:42:57 +0200 [thread overview]
Message-ID: <20101102184257.GB2341@redhat.com> (raw)
In-Reply-To: <4CD05621.6000706@us.ibm.com>
On Tue, Nov 02, 2010 at 11:19:13AM -0700, Sridhar Samudrala wrote:
> On Mon, 2010-11-01 at 10:28 +0200, Michael S. Tsirkin wrote:
>
> On Tue, Oct 26, 2010 at 03:19:38PM -0700, Sridhar Samudrala wrote:
> > With the current default macvtap mode, a KVM guest using virtio with
> > macvtap backend has the following limitations.
> > - cannot change/add a mac address on the guest virtio-net
> > - cannot create a vlan device on the guest virtio-net
> > - cannot enable promiscuous mode on guest virtio-net
> >
> > This patch introduces a new mode called 'passthru' when creating a
> > macvlan device which allows takeover of the underlying device and
> > passing it to a guest using virtio with macvtap backend.
> >
> > Only one macvlan device is allowed in passthru mode and it inherits
> > the mac address from the underlying device and sets it in promiscuous
> > mode to receive and forward all the packets.
> >
> > Thanks
> > Sridhar
>
> One concern with promisc mode is that for the common case,
> which is a single mac and no vlans, we will be getting
> extra packets that will get dropped in userspace/guest
> as compared to the case where same mac is programmed
> in hardware and by guest.
>
> In the tap/bridge model also, the external i/f is put in promiscuous mode and
> the
> bridge does the filtering of extra packets.
Yes but
1. that is much cheaper than passing them all the way up to the guest.
2. it's pretty painful for management to have to decide between
features and speed. Better give them both :)
> We could let userspace supply a list of mac/vlan addresses through
> an ioctl on macvtap, and then
> 1. for a single mac, program it in hardware
> 2. for other configurations, set promisc mode
>
> tun already has TUNSETTXFILTER which might come in handy here.
> We don't pass in vlans with the filter now but maybe we should.
> How does this sound?
>
> I guess this can be done. But i am not sure if we can extend the existing
> TUNSETTXFILTER
> to support vlans too. we may need a new ioctl.
>
> Thanks
> Sridhar
OK. Maybe add it to tap too.
--
MST
prev parent reply other threads:[~2010-11-02 18:42 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-26 22:19 [RFC PATCH] macvlan: Introduce a PASSTHRU mode to takeover the underlying device Sridhar Samudrala
2010-10-27 14:05 ` Arnd Bergmann
2010-11-01 8:28 ` Michael S. Tsirkin
[not found] ` <4CD05621.6000706@us.ibm.com>
2010-11-02 18:42 ` Michael S. Tsirkin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101102184257.GB2341@redhat.com \
--to=mst@redhat.com \
--cc=arnd@arndb.de \
--cc=kaber@trash.net \
--cc=kvm@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=sri@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).