From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1My6Wu-0001UA-7E for qemu-devel@nongnu.org; Wed, 14 Oct 2009 12:16:48 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1My6Wo-0001QF-PM for qemu-devel@nongnu.org; Wed, 14 Oct 2009 12:16:47 -0400 Received: from [199.232.76.173] (port=42765 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1My6Wo-0001Q8-JS for qemu-devel@nongnu.org; Wed, 14 Oct 2009 12:16:42 -0400 Received: from mx1.redhat.com ([209.132.183.28]:62844) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1My6Wo-0003eX-7T for qemu-devel@nongnu.org; Wed, 14 Oct 2009 12:16:42 -0400 Date: Wed, 14 Oct 2009 18:14:24 +0200 From: "Michael S. Tsirkin" Subject: Re: [Qemu-devel] Re: [PATCH-updated] qemu/net: add raw backend Message-ID: <20091014161424.GA30308@redhat.com> References: <20091014143415.GA29937@redhat.com> <4AD5E449.9070301@codemonkey.ws> <20091014151406.GA17062@shareable.org> <4AD5F51E.7040907@codemonkey.ws> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4AD5F51E.7040907@codemonkey.ws> List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: Or Gerlitz , Arnd Bergmann , qemu-devel@nongnu.org On Wed, Oct 14, 2009 at 10:58:22AM -0500, Anthony Liguori wrote: > Jamie Lokier wrote: >> Anthony Liguori wrote: >> >>> Or Gerlitz wrote: >>> >>>> Add raw network backend option which uses a packet socket to provide >>>> raw networking access. Once the socket is opened it's bound to a >>>> provided host interface, such that packets received on the interface >>>> are delivered to the VM and packets sent by the VM are sent to the >>>> interface. >>>> >>>> This is functionally similar to the existing pcap network >>>> backend, with the same advantages and problems. >>>> Differences from pcap: >>>> - can get an open socket from the monitor, >>>> which allows running without NET_ADMIN priviledges >>>> - support iovec sends with writev, saving one data copy >>>> - one less dependency on an external library >>>> - we have access to the underlying file descriptor >>>> which makes it possible to connect to vhost net >>>> - don't support polling all interfaces, always bind to a specific one >>>> >>> Networking is probably the area in qemu that users most frequently >>> stumble with. The most common problems are: >>> >>> 1) slirp does not behave how they think it should (icmp doesn't work, >>> guest isn't accessable from host) >>> 2) it's difficult to figure out which backend behaves the way they >>> want (socket vs. vde vs. tap) >>> 3) when they figure out they need tap, tap is difficult to setup >> >> Worse, tap is impossible to setup properly with things like >> network-manager. >> > > This is being fixed. I keep hearing this. But why wait? Some users can be helped by raw today. Those that can't will have to wait for a better bridge or spend time setting it up properly. > >> I suspect user expectations are quite commonly: >> >> - guest<->host networking works >> - guest<->host's network works, directly or through host NAT >> - guest IP address is either private (inside the host) >> or on the same network as the host, according to some switch. >> >> Imho, there is only one right place to fix this, and it's by adding a >> feature to the host. Either modifying host packet socket, or >> modifying the tap+bridge combination. >> >> Neither tap nor pcap/raw works particularly well except in static IP >> configurations, and qemu cannot realistically work around the >> host configuration difficulties. >> > > The fact that network manager does work well with bridged interfaces is > a network manager bug. Network manager was just one example. > It's getting fixed so in the near future, tap > will satisfy all of these requirements. >> It'd be great if vhost_net doesn't have the configuration problems of >> tap or pcap/raw. If it does have the same problems, it's a natural >> place to fix them. I haven't looked at vhost_net yet. >> >> -- Jamie >> > > Regards, > > Anthony Liguori