lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 12 Feb 2014 23:10:40 +0000
From:	Ben Hutchings <ben@...adent.org.uk>
To:	yoann.juet@...v-nantes.fr
Cc:	netdev@...r.kernel.org, Ariel Elior <ariele@...adcom.com>
Subject: Re: bnx2x + SR-IOV, no internal L2 switching

On Wed, 2014-02-12 at 14:33 +0100, Yoann Juet wrote:
> Hi all,
> 
> I'm conducting experiments on SR-IOV with Broadcom and Intel cards on 
> debian/unstable with KVM hypervisor. On Broadcom cards (bnx2x module, 
> BCM57810 devices), Virtual Functions (VFs) get running, Virtual Machines 
> attached to such VFs inherit network connectivity with excellent 
> performance.
> 
> However, VMs attached to VFs on the Broadcom Physical Functions (PFs) 
> behave like they were connected to an ancient hub, not a L2 switch. It 
> is as if there was no internal L2 switching on the Broadcom card to 
> process VF <-> VF or VF <-> PF communications. As a result, a VM sees 
> all inbound/outbound traffic from/to others VMs as well as traffic 
> destined to the PF (for instance, the physical ethX has an IP address).

Are you're using the ISC DHCP client, which puts the interface in
promiscuous mode?  If the Broadcom NIC supports promiscuous mode on VFs,
that may explain what you're seeing.

> On the other hand, everything works like a charm with Intel cards (ixgbe 
> module, 82599EB devices). Traffic between VFs or VF/PF is switched 
> internally by the card.

I think these VFs don't support promiscuous mode.  Anyway, the ixgbevf
driver silently ignores it.

Ben.

> I found very little literature about SR-IOV on Broadcom devices. I 
> wonder if it's a normal behaviour, a misconfiguration on my side or 
> perhaps a firmware/driver bug.
> 
> Have you seen this issue before ?
> 
> ---
> Kernel 3.12.9 (same behaviour with kernels 3.10.x)
> 	driver: bnx2x
> 	firmware-version: 7.8.17
> Debian/unstable
> 	libvirt 1.2.1
> 	QEMU 1.7.0
> ---
> 
> Best regards,

-- 
Ben Hutchings
If more than one person is responsible for a bug, no one is at fault.

Download attachment "signature.asc" of type "application/pgp-signature" (812 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ