Date: Sat, 20 Apr 2024 00:21:37 -0400 From: Paul Procacci <pprocacci@gmail.com> To: Lexi Winter <lexi@le-fay.org> Cc: freebsd-net@freebsd.org Subject: Re: ixl(4) bhyve(8) SR-IOV with Transparent VLAN associated w/ VF's Message-ID: <CAFbbPuivoRigxn=gUYOy%2BRNzu%2B2Os3D2OcmeANmhdY0237MGFA@mail.gmail.com> In-Reply-To: <ZiB_xHXXN4M6Ud4P@ilythia.eden.le-fay.org> References: <CAFbbPuhcKFO=%2B8-y_aQibmu4U00G6Y%2BJ8_WTOHs_oanhHH8EKA@mail.gmail.com> <ZiB_xHXXN4M6Ud4P@ilythia.eden.le-fay.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000efee1906167f8a9a
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Wed, Apr 17, 2024 at 10:04=E2=80=AFPM Lexi Winter <lexi@le-fay.org> wrot=
e:
> Paul Procacci:
> > I'm assigning VF's to bhyve with pci passthru.
> [...]
> > Given this, I figured the best option would be to set the VLAN on the V=
F
> on
> > the host prior to handing it off to the bhyve instance effectively
> enabling
> > transparent vlans.
> [...]
> > Has anyone done this? Does anyone have any pointers to accomplish this=
?
>
> i looked into this a while ago and concluded that it's not supported, at
> least on Intel cards.
>
> my recollection is that someone was working on this at one point, but
> never finished it -- unfortunately, i can't remember who that was...
>
> you may be able to work around this by running vlan(4) on the VF on the
> host instead of passing the interface to the guest, but then you lose
> most of the benefits of using SR-IOV to begin with. i have run into
> some odd bugs with both SR-IOV and vlan(4) on ixgbe cards and would
> definitely recommend testing that thoroughly before deploying it.
>
That's a real bummer. You'd think this would be kinda a thing considering
the security implications.
Welp, Thanks for writing back Lexi!
~Paul
--=20
__________________
:(){ :|:& };:
--000000000000efee1906167f8a9a
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div><div dir=3D"ltr"><br></div><br><div class=3D"gmail_qu=
ote"><div dir=3D"ltr" class=3D"gmail_attr">On Wed, Apr 17, 2024 at 10:04=E2=
=80=AFPM Lexi Winter <<a href=3D"mailto:lexi@le-fay.org">lexi@le-fay.org=
</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:=
0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">=
Paul Procacci:<br>
> I'm assigning VF's to bhyve with pci passthru.<br>
[...]<br>
> Given this, I figured the best option would be to set the VLAN on the =
VF on<br>
> the host prior to handing it off to the bhyve instance effectively ena=
bling<br>
> transparent vlans.<br>
[...]<br>
> Has anyone done this?=C2=A0 Does anyone have any pointers to accomplis=
h this?<br>
<br>
i looked into this a while ago and concluded that it's not supported, a=
t<br>
least on Intel cards.<br>
<br>
my recollection is that someone was working on this at one point, but<br>
never finished it -- unfortunately, i can't remember who that was...<br=
>
<br>
you may be able to work around this by running vlan(4) on the VF on the<br>
host instead of passing the interface to the guest, but then you lose<br>
most of the benefits of using SR-IOV to begin with.=C2=A0 i have run into<b=
r>
some odd bugs with both SR-IOV and vlan(4) on ixgbe cards and would<br>
definitely recommend testing that thoroughly before deploying it.<br>
</blockquote></div><br clear=3D"all">
That's a real bummer.=C2=A0=C2=A0 You'd think this would be kinda a=
thing considering the security implications.<br><br></div><div>Welp, Thank=
s for writing back Lexi!<br><br></div><div>~Paul<br><br></div><div><span cl=
ass=3D"gmail_signature_prefix">-- </span><br><div dir=3D"ltr" class=3D"gmai=
l_signature">__________________<br><br>:(){ :|:& };:</div></div></div>
--000000000000efee1906167f8a9a--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFbbPuivoRigxn=gUYOy%2BRNzu%2B2Os3D2OcmeANmhdY0237MGFA>