From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1LVSNt-0006r7-TV
	for qemu-devel@nongnu.org; Fri, 06 Feb 2009 10:12:49 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1LVSNr-0006qQ-U5
	for qemu-devel@nongnu.org; Fri, 06 Feb 2009 10:12:49 -0500
Received: from [199.232.76.173] (port=41789 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1LVSNr-0006qL-Pd
	for qemu-devel@nongnu.org; Fri, 06 Feb 2009 10:12:47 -0500
Received: from mx20.gnu.org ([199.232.41.8]:25965)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <paul@codesourcery.com>)
	id 1LVSNr-0007Fs-HM
	for qemu-devel@nongnu.org; Fri, 06 Feb 2009 10:12:47 -0500
Received: from mail.codesourcery.com ([65.74.133.4])
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <paul@codesourcery.com>) id 1LVSNp-00086l-PH
	for qemu-devel@nongnu.org; Fri, 06 Feb 2009 10:12:46 -0500
From: Paul Brook <paul@codesourcery.com>
Subject: Re: [Qemu-devel] [PATCH][RFC] qemu:virtio-net: Use TUNSETTXFILTER for
	MAC filtering
Date: Fri, 6 Feb 2009 15:12:41 +0000
References: <20090206044853.3116.46699.stgit@kvm.aw>
In-Reply-To: <20090206044853.3116.46699.stgit@kvm.aw>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200902061512.42261.paul@codesourcery.com>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: kvm@vger.kernel.org, Alex Williamson <alex.williamson@hp.com>

On Friday 06 February 2009, Alex Williamson wrote:
> Now that virtio-net knows what packets the guest wants to see, we
> can start moving the filtering down the stack.  This patch adds
> an interface to set the software filter in the tap device.  It's
> fairly limited, but we can back it up with our own filtering if it
> overflows.

I think you've got the abstraction wrong here. Devices certainly shouldn't 
care what else is connected to the vlan.

Remember that a qemu vlan is an arbitrary set of network devices. You need to 
be able to support multiple devices all with their own filters.

There should be two interface points between the the vlan and the device:
1) The device can indicate that it only cares about incoming (vlan to device) 
packets sent to a subset of MAC addresses.
2) The vlan can request that a device discards outgoing (device to vlan) 
packets that don't match a subset of MAC addresses.

Typically a emulated NIC will implement (1) and a host interface will 
implement (2).

The generic vlan code should be responsible for using the information provided 
by (1) to set (2) appropriately. Remember that network devices can be 
hotplugged.


On a related note, you need to add comments making it clear that this is a 
performance optimisation, and must not be relied on. A device may still 
receive packets that should have been filtered out. If a device needs 
reliable filtering (most "real" hardware does), then this still needs to be 
implemented per-device.

Paul