From owner-freebsd-emulation@FreeBSD.ORG Sun Jun 23 09:48:38 2013 Return-Path: Delivered-To: freebsd-emulation@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id A73917E4 for ; Sun, 23 Jun 2013 09:48:38 +0000 (UTC) (envelope-from decke@bluelife.at) Received: from mail-ob0-x232.google.com (mail-ob0-x232.google.com [IPv6:2607:f8b0:4003:c01::232]) by mx1.freebsd.org (Postfix) with ESMTP id 6D99816E6 for ; Sun, 23 Jun 2013 09:48:38 +0000 (UTC) Received: by mail-ob0-f178.google.com with SMTP id fb19so9876026obc.37 for ; Sun, 23 Jun 2013 02:48:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bluelife.at; s=google; h=mime-version:sender:x-originating-ip:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=U9kbz2cgoZTJfKPz8nE6wU+AzU+ITr0Q0ZaZcKp6Xls=; b=QeFSuPYUTUi6Ff9+HHiPauKk9/S8JfVGJDNYmwaqNHEthsCnjLtAtWb3w4XjOkeAnu G9EQ091FpQZbI9p87j0hXSXpSBdNU7trXeGkTdyHnL5Iv/mFAGAaqhUp37dy809kMtF/ ZVdWRAH1jBksg2mcljT6fQCYv0IUOy1wID6Co= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:x-originating-ip:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding:x-gm-message-state; bh=U9kbz2cgoZTJfKPz8nE6wU+AzU+ITr0Q0ZaZcKp6Xls=; b=QqAnSNmcN7cycPGeiTni5o4z3s6710O3f/N2TgGiqRjidpEEOcRmBc2tMKPEG0EqS3 xB2H60nmTXLKu5NfD7yQAi37Z2EEh2xzETtUVQkEx6YJxFfRfmejIRPjMQj2fBDAiFGo EONTuJJJ374T6EEhOBwc+vYH5Sn8Z5uuRXKeW7c2cCIJB2l4f4qfgPrzszBkzoPPhKnc pfRoq/bW354RgLxWyRwsX+5EDXFevNYcB+TVvyhxKeLlQUxYvjQAR9OAwE6eR8N9eTCq LAC3/Tt3EXiteHOK6QX2lZvP58lJTh/DQYNQw529yMq9GSXYzjqsW+Ns+zNP/7K+H2aG rbwQ== MIME-Version: 1.0 X-Received: by 10.182.129.129 with SMTP id nw1mr6487169obb.100.1371980917940; Sun, 23 Jun 2013 02:48:37 -0700 (PDT) Sender: decke@bluelife.at Received: by 10.76.95.168 with HTTP; Sun, 23 Jun 2013 02:48:37 -0700 (PDT) X-Originating-IP: [46.207.29.194] In-Reply-To: <2E7892C4-F9BD-41A3-9269-D9A24D0DB695@plausible.coop> References: <6BCC0BDE-C9FD-47F0-96AE-88F797EFB074@plausible.coop> <2E7892C4-F9BD-41A3-9269-D9A24D0DB695@plausible.coop> Date: Sun, 23 Jun 2013 11:48:37 +0200 X-Google-Sender-Auth: bCIS_RvCAa1GxywbWmAW9TIb0lg Message-ID: Subject: Re: [PATCH] VLAN trunking support in VirtualBox vboxnetflt From: =?ISO-8859-1?Q?Bernhard_Fr=F6hlich?= To: Landon Fuller Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQm2OD5ib+OyZGh8Nhsk4t9aF6md/mYOP5jN/sPT4PQOvx3pfy1egfBdEpP5PgL+u8IlqURV Cc: "freebsd-emulation@freebsd.org" X-BeenThere: freebsd-emulation@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Development of Emulators of other operating systems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Jun 2013 09:48:38 -0000 Thanks a lot for the fix! I've added it to the kmod port in our testing repository and it will be included in the next update for vbox 4.1.14. https://redports.org/changeset/13816 On Sun, May 26, 2013 at 6:17 PM, Landon Fuller wro= te: > Hello, > > This patch has been in the vbox kmod port for some time now, and I've bee= n running it without incident; however, I recently ran into a configuration= that the patch does not correctly handle: > - A single host interface (eg, em0) bridged to a VM > - VLANs also configured on the host interface (em0.vlan0, em0.vla= n1) > > The packet flow in this situation should be: > - The ng filter is handed a packet from em0 > - The filter re-adds the VLAN header to the top of the packet and= strips the M_VLANTAG flag > - After passing to the virtual switch, the packet is re-injected = into the host via ether_demux(). > - ether_demux() extracts the embedded VLAN tag and hands the pack= et off to vlan_input_p(). > > As it turns out, ether_demux() does not handle frames with embedded VLAN = tags, and at this point, the packet is dropped, rather than being routed to= the host's VLAN handling: > http://lists.freebsd.org/pipermail/freebsd-net/2011-October/03020= 1.html > > The result is as follows: > - Packets received via the host interface are handled correctly. > - Packets (including VLAN tagged packets) are passed to sub-VMs c= orrectly. > - Packets that *should* be handled by vlan* sub-interfaces on the= host are never received by those interfaces as they're dropped in ether_de= mux(). > > This worked in my existing configuration because the host and the VMs act= ually use two different VLAN trunks (em0 and em1), and so em0 packets being= dropped after injection into the virtual switch does not affect the host's= handling of packets on em1. > > I've attached an updated patch that should resolve this issue; I'm curren= tly testing it locally on my home deployment and so far it is working fine.= The patch simply restores the VLAN flags and stripped ethernet header afte= r injecting the packet into the virtual ethernet switch. With this change i= n place, ether_demux() correctly hands the packet off to vlan_input_p(). > > Cheers, > Landon > > > > > On Apr 13, 2012, at 2:51 PM, Landon J Fuller wro= te: > >> Howdy, >> >> I was looking into trunking VLANs into a virtual machine via bridging, a= nd noted that transmit of 802.1q tagged packets worked from the guest VM, b= ut upon reception, the VLAN tag seemed to be stripped before the packets hi= t the guest's interface. >> >> Taking a look at the netgraph-based bridging implementation, it looks li= ke the VLAN tag is not being re-inserted at the head of the ethernet frame = prior to handing off the to VirtualBox, and VBox doesn't seem to have an eq= uivalent 'ether_vtag' field in its INTNETSG struct to handle this. >> >> Thus, to preserve the VLAN tag, I modified vboxNetFltFreeBSDMBufToSG() t= o ether_vlanencap() to insert the VLAN tag before handing off to VBox. With= this in place, I was able to successfully trunk VLANs to a virtual machine= . >> >> Some caveats: >> - If using virtio-kmod's if_vtnet, you must set vlanhwfilter (or p= romisc) flags on the guest interface before virtualbox will pass the VLAN t= agged packets through. Otherwise, the VBox virtio-net device implementation= will filter out the incoming packets before handing them to the VM hardwar= e. >> - VBox's em(4) host implementation does not appear to support 'har= dware' VLAN tagging, but it does declare it. If using a em(4) virtualized N= IC, you must set -vlanhwtag on the guest interface. >> >> I welcome someone(s) with more experience than I eyeballing the (tiny) a= ttached patch. I'm also especially concerned as to whether this should be c= onsidered supported functionality in VBox, or I'm just getting lucky with t= he virtio-net code path. >> >> Thanks, >> Landon >> >> ____= ___________________________________________ >> freebsd-emulation@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-emulation >> To unsubscribe, send any mail to "freebsd-emulation-unsubscribe@freebsd.= org" > > > _______________________________________________ > freebsd-emulation@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-emulation > To unsubscribe, send any mail to "freebsd-emulation-unsubscribe@freebsd.o= rg" --=20 Bernhard Froehlich http://www.bluelife.at/