From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:42103) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UczlM-0004SD-Su for qemu-devel@nongnu.org; Thu, 16 May 2013 11:06:39 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UczlJ-00028X-OW for qemu-devel@nongnu.org; Thu, 16 May 2013 11:06:36 -0400 Received: from mx1.redhat.com ([209.132.183.28]:30935) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UczlJ-00028O-Fi for qemu-devel@nongnu.org; Thu, 16 May 2013 11:06:33 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r4GF6WPm000457 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 16 May 2013 11:06:33 -0400 Date: Thu, 16 May 2013 18:06:48 +0300 From: "Michael S. Tsirkin" Message-ID: <20130516150648.GA2607@redhat.com> References: <1368702445-30733-1-git-send-email-akong@redhat.com> <1368702445-30733-2-git-send-email-akong@redhat.com> <20130516121745.GE31841@redhat.com> <5194F41E.3020501@redhat.com> <20130516150326.GB2485@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20130516150326.GB2485@redhat.com> Subject: Re: [Qemu-devel] [PATCH v2 1/2] net: introduce MAC_TABLE_CHANGED event List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Eric Blake Cc: Amos Kong , qemu-devel@nongnu.org, stefanha@redhat.com, lcapitulino@redhat.com On Thu, May 16, 2013 at 06:03:26PM +0300, Michael S. Tsirkin wrote: > On Thu, May 16, 2013 at 08:58:38AM -0600, Eric Blake wrote: > > On 05/16/2013 06:17 AM, Michael S. Tsirkin wrote: > > > On Thu, May 16, 2013 at 07:07:24PM +0800, Amos Kong wrote: > > >> Introduce this new QMP event to notify management after guest changes > > >> mac-table configuration. > > >> > > > > > > This makes it easy for guest to flood management with > > > spurious events. > > > How about we set a flag after this, and avoid sending any more > > > events until management queries the filter status? > > > > > > > Or use rate-limiting, similar to what we have done for other > > guest-triggered events (such as BALLOON_CHANGE), where management can > > then tweak the maximum frequency at which it is willing to receive events. > > > > -- > > Eric Blake eblake redhat com +1-919-301-3266 > > Libvirt virtualization library http://libvirt.org > > > > I'm not sure how would management set the rate though, > and any throttling here might hurt the guest, > unlike the balloon. > > OTOH what I proposed kind of moderates itself automatically. To clarify the issue: - guest might be changing macs a lot not because it is malicious, but because it has a reason to do it. delaying the filter update for such a guest would drop lots of packets. To clarify what I am proposing: - on info mac-table -> clear flag - on mac-table change -> test and set flag if was not set -> send event to management if was set -> do not send event This way management does not get events faster than it can handle them. > -- > MST