Date: Sat, 20 Apr 2024 00:21:37 -0400 From: Paul Procacci <pprocacci@gmail.com> To: Lexi Winter <lexi@le-fay.org> Cc: freebsd-net@freebsd.org Subject: Re: ixl(4) bhyve(8) SR-IOV with Transparent VLAN associated w/ VF's Message-ID: <CAFbbPuivoRigxn=gUYOy%2BRNzu%2B2Os3D2OcmeANmhdY0237MGFA@mail.gmail.com> In-Reply-To: <ZiB_xHXXN4M6Ud4P@ilythia.eden.le-fay.org> References: <CAFbbPuhcKFO=%2B8-y_aQibmu4U00G6Y%2BJ8_WTOHs_oanhHH8EKA@mail.gmail.com> <ZiB_xHXXN4M6Ud4P@ilythia.eden.le-fay.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Wed, Apr 17, 2024 at 10:04 PM Lexi Winter <lexi@le-fay.org> wrote:
> Paul Procacci:
> > I'm assigning VF's to bhyve with pci passthru.
> [...]
> > Given this, I figured the best option would be to set the VLAN on the VF
> on
> > the host prior to handing it off to the bhyve instance effectively
> enabling
> > transparent vlans.
> [...]
> > Has anyone done this? Does anyone have any pointers to accomplish this?
>
> i looked into this a while ago and concluded that it's not supported, at
> least on Intel cards.
>
> my recollection is that someone was working on this at one point, but
> never finished it -- unfortunately, i can't remember who that was...
>
> you may be able to work around this by running vlan(4) on the VF on the
> host instead of passing the interface to the guest, but then you lose
> most of the benefits of using SR-IOV to begin with. i have run into
> some odd bugs with both SR-IOV and vlan(4) on ixgbe cards and would
> definitely recommend testing that thoroughly before deploying it.
>
That's a real bummer. You'd think this would be kinda a thing considering
the security implications.
Welp, Thanks for writing back Lexi!
~Paul
--
__________________
:(){ :|:& };:
[-- Attachment #2 --]
<div dir="ltr"><div><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Apr 17, 2024 at 10:04 PM Lexi Winter <<a href="mailto:lexi@le-fay.org">lexi@le-fay.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Paul Procacci:<br>
> I'm assigning VF's to bhyve with pci passthru.<br>
[...]<br>
> Given this, I figured the best option would be to set the VLAN on the VF on<br>
> the host prior to handing it off to the bhyve instance effectively enabling<br>
> transparent vlans.<br>
[...]<br>
> Has anyone done this? Does anyone have any pointers to accomplish this?<br>
<br>
i looked into this a while ago and concluded that it's not supported, at<br>
least on Intel cards.<br>
<br>
my recollection is that someone was working on this at one point, but<br>
never finished it -- unfortunately, i can't remember who that was...<br>
<br>
you may be able to work around this by running vlan(4) on the VF on the<br>
host instead of passing the interface to the guest, but then you lose<br>
most of the benefits of using SR-IOV to begin with. i have run into<br>
some odd bugs with both SR-IOV and vlan(4) on ixgbe cards and would<br>
definitely recommend testing that thoroughly before deploying it.<br>
</blockquote></div><br clear="all">
That's a real bummer. You'd think this would be kinda a thing considering the security implications.<br><br></div><div>Welp, Thanks for writing back Lexi!<br><br></div><div>~Paul<br><br></div><div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">__________________<br><br>:(){ :|:& };:</div></div></div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFbbPuivoRigxn=gUYOy%2BRNzu%2B2Os3D2OcmeANmhdY0237MGFA>