From: Jiri Pirko <jiri@resnulli.us>
To: "Samudrala, Sridhar" <sridhar.samudrala@intel.com>
Cc: alexander.h.duyck@intel.com, virtio-dev@lists.oasis-open.org,
mst@redhat.com, kubakici@wp.pl, netdev@vger.kernel.org,
virtualization@lists.linux-foundation.org, loseweigh@gmail.com,
aaron.f.brown@intel.com, davem@davemloft.net
Subject: Re: [PATCH net-next v9 3/4] virtio_net: Extend virtio to use VF datapath when available
Date: Wed, 2 May 2018 18:05:18 +0200 [thread overview]
Message-ID: <20180502160518.GH19250@nanopsycho> (raw)
In-Reply-To: <c94ce6a9-6f36-675c-cf5b-414454fc2244@intel.com>
Wed, May 02, 2018 at 05:34:44PM CEST, sridhar.samudrala@intel.com wrote:
>On 5/2/2018 12:50 AM, Jiri Pirko wrote:
>> Wed, May 02, 2018 at 02:20:26AM CEST, sridhar.samudrala@intel.com wrote:
>> > On 4/30/2018 12:20 AM, Jiri Pirko wrote:
>> > > > > Now I try to change mac of the failover master:
>> > > > > [root@test1 ~]# ip link set ens3 addr 52:54:00:b2:a7:f3
>> > > > > RTNETLINK answers: Operation not supported
>> > > > >
>> > > > > That I did expect to work. I would expect this would change the mac of
>> > > > > the master and both standby and primary slaves.
>> > > > If a VF is untrusted, a VM will not able to change its MAC and moreover
>> > > Note that at this point, I have no VF. So I'm not sure why you mention
>> > > that.
>> > >
>> > >
>> > > > in this mode we are assuming that the hypervisor has assigned the MAC and
>> > > > guest is not expected to change the MAC.
>> > > Wait, for ordinary old-fashioned virtio_net, as a VM user, I can change
>> > > mac and all works fine. How is this different? Change mac on "failover
>> > > instance" should work and should propagate the mac down to its slaves.
>> > >
>> > >
>> > > > For the initial implementation, i would propose not allowing the guest to
>> > > > change the MAC of failover or standby dev.
>> > > I see no reason for such restriction.
>> > >
>> > It is true that a VM user can change mac address of a normal virtio-net interface,
>> > however when it is in STANDBY mode i think we should not allow this change specifically
>> > because we are creating a failover instance based on a MAC that is assigned by the
>> > hypervisor.
>> >
>> > Moreover, in a cloud environment i would think that PF/hypervisor assigns a MAC to
>> > the VF and it cannot be changed by the guest.
>> So that is easy. You allow the change of the mac and in the "failover"
>> mac change implementation you propagate the change down to slaves. If
>> one slave does not support the change, you bail out. And since VF does
>> not allow it as you say, once it will be enslaved, the mac change could
>> not be done. Seems like a correct behavior to me and is in-sync with how
>> bond/team behaves.
>
>If we allow the mac to be changed when the VF is not yet plugged in
>and the guest changes the mac, then VF cannot join the failover when
>it is hot plugged with the original mac assigned by the hypervisor.
>Specifically there could be timing window during the live migration where
>VF would be unplugged at the source and if we allow the guest to change the
>failover mac, then VF would not be able to register with the failover after
>the VM is migrated to the destination.
Okay. So as suggested by mst, just forbid the mac changes all together.
>
>>
>> > So for the initial implementation, do you see any issues with having this restriction
>> > in STANDBY mode.
>> >
>> >
>
prev parent reply other threads:[~2018-05-02 16:05 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1524848820-42258-1-git-send-email-sridhar.samudrala@intel.com>
2018-04-27 17:06 ` [PATCH net-next v9 1/4] virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit Sridhar Samudrala
2018-04-27 17:06 ` [PATCH net-next v9 2/4] net: Introduce generic failover module Sridhar Samudrala
2018-04-27 17:06 ` [PATCH net-next v9 3/4] virtio_net: Extend virtio to use VF datapath when available Sridhar Samudrala
2018-04-27 17:07 ` [PATCH net-next v9 4/4] netvsc: refactor notifier/event handling code to use the failover framework Sridhar Samudrala
2018-04-27 17:45 ` [PATCH net-next v9 0/4] Enable virtio_net to act as a standby for a passthru device Jiri Pirko
[not found] ` <20180427174523.GE5632@nanopsycho.orion>
2018-04-27 17:53 ` Samudrala, Sridhar
[not found] ` <a60d08cd-6c8b-ea1e-e76c-4decba563e99@intel.com>
2018-04-27 19:38 ` Jiri Pirko
[not found] ` <1524848820-42258-2-git-send-email-sridhar.samudrala@intel.com>
2018-04-28 7:50 ` [PATCH net-next v9 1/4] virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit Jiri Pirko
[not found] ` <20180428075027.GI5632@nanopsycho.orion>
2018-04-30 2:47 ` Samudrala, Sridhar
[not found] ` <9826909e-d6cd-a0a3-142f-6f7f8cf2b5ce@intel.com>
2018-04-30 7:03 ` Jiri Pirko
2018-04-30 19:14 ` Samudrala, Sridhar
[not found] ` <1524848820-42258-3-git-send-email-sridhar.samudrala@intel.com>
2018-04-27 17:53 ` [PATCH net-next v9 2/4] net: Introduce generic failover module Jiri Pirko
2018-04-28 8:15 ` Jiri Pirko
2018-04-28 9:06 ` Jiri Pirko
2018-04-30 3:03 ` Samudrala, Sridhar
2018-05-02 16:15 ` Jiri Pirko
[not found] ` <20180502161542.GI19250@nanopsycho>
2018-05-02 17:51 ` Samudrala, Sridhar
[not found] ` <052e2c60-dc4c-d6a0-0159-fc1821cb4365@intel.com>
2018-05-02 20:30 ` Michael S. Tsirkin
[not found] ` <20180502232907-mutt-send-email-mst@kernel.org>
2018-05-02 21:36 ` Samudrala, Sridhar
2018-05-02 21:39 ` Jiri Pirko
2018-05-02 21:39 ` Jiri Pirko
[not found] ` <20180428081542.GJ5632@nanopsycho.orion>
2018-04-30 2:47 ` Samudrala, Sridhar
[not found] ` <1524848820-42258-4-git-send-email-sridhar.samudrala@intel.com>
2018-04-28 8:24 ` [PATCH net-next v9 3/4] virtio_net: Extend virtio to use VF datapath when available Jiri Pirko
2018-04-30 3:00 ` Samudrala, Sridhar
[not found] ` <62f3b81b-70f6-6991-8e23-2bf650ecea2d@intel.com>
2018-04-30 7:12 ` Jiri Pirko
[not found] ` <20180430071208.GG23854@nanopsycho.orion>
2018-04-30 19:26 ` Samudrala, Sridhar
[not found] ` <c965d7f2-9ba6-fc82-ce1c-4d70c3aceb6d@intel.com>
2018-05-01 7:33 ` Jiri Pirko
2018-04-28 9:42 ` Jiri Pirko
[not found] ` <20180428094205.GM5632@nanopsycho.orion>
2018-04-29 8:56 ` Siwei Liu
[not found] ` <CADGSJ23A4w=MmnP7CneBwk=eouS07HfK4=1UWTk3Dz3gBX0yjg@mail.gmail.com>
2018-04-29 13:45 ` Jiri Pirko
2018-04-30 4:16 ` Samudrala, Sridhar
[not found] ` <638e52c7-64db-9d8d-7530-f6b000d3e292@intel.com>
2018-04-30 7:20 ` Jiri Pirko
[not found] ` <20180430072034.GH23854@nanopsycho.orion>
2018-05-02 0:20 ` Samudrala, Sridhar
[not found] ` <9c6f055c-c665-0601-3973-bce74d72544b@intel.com>
2018-05-02 7:50 ` Jiri Pirko
[not found] ` <20180502075021.GC19250@nanopsycho>
2018-05-02 15:34 ` Samudrala, Sridhar
2018-05-02 15:47 ` Michael S. Tsirkin
[not found] ` <20180502184326-mutt-send-email-mst@kernel.org>
2018-05-02 16:04 ` Jiri Pirko
[not found] ` <c94ce6a9-6f36-675c-cf5b-414454fc2244@intel.com>
2018-05-02 16:05 ` Jiri Pirko [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180502160518.GH19250@nanopsycho \
--to=jiri@resnulli.us \
--cc=aaron.f.brown@intel.com \
--cc=alexander.h.duyck@intel.com \
--cc=davem@davemloft.net \
--cc=kubakici@wp.pl \
--cc=loseweigh@gmail.com \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=sridhar.samudrala@intel.com \
--cc=virtio-dev@lists.oasis-open.org \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox