Date: Fri, 5 Jun 2020 12:07:01 +0200 From: =?utf-8?B?SsOBS8OTIEFuZHLDoXM=?= <jako.andras@eik.bme.hu> To: Julien Cigar <julien@perdition.city> Cc: freebsd-jail@freebsd.org Subject: Re: vnet jails on VLAN subinterfaces Message-ID: <20200605100701.GA83565@eik.bme.hu> In-Reply-To: <20200604134359.ei6vdsce5xrdbtqo@x1> References: <20200604113832.GD76013@eik.bme.hu> <20200604134359.ei6vdsce5xrdbtqo@x1>
next in thread | previous in thread | raw e-mail | index | archive | help
> > I'd like to use 802.1Q tagged VLANs on an Ethernet interface, one VLAN > > per jail. I assigned VLAN subinterfaces to the jail's network stacks: > > > > em0 - em0.99 (host) > > em0 - em0.100 (jail0) > > em0 - em0.101 (jail1) > > > > Here em0 and em0.99 belong to the base system while em0.10[01] belong to > > the jails' network stacks. > > > > This works perfectly so far. But I didn't see this setup mentioned > > anywhere, that's why I'm curious whether this a "valid" setup, do I use > > vnet correctly? Or does it only work by accident? > > > > In your case it's OK, but as VLAN ids are unique per interface you need > x different physical interfaces if x jails (VNET) need to be in the same > VLAN (and use the same interface). Thanks! I only need one jail per VLAN right now, but I understand that this simple setup does not work with more jails in the same VLAN. > Best option is to use SR-IOV (if your interface support it) to have > multiple virtual NIC, or use bridge + epair (which has an huge > performance impact due to locking issue in if_bridge, although this is > fixed in -CURRENT by @kp) I didn't know about SR-IOV but it's very promising. AndrĂ¡s
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200605100701.GA83565>