lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 30 Oct 2010 13:55:25 -0700
From:	Sridhar Samudrala <>
To:	Arnd Bergmann <>
CC:	Patrick McHardy <>,
	Stephen Hemminger <>,
	"Michael S. Tsirkin" <>,
	netdev <>,
	"" <>
Subject: Re: [PATCH] macvlan: Introduce 'passthru' mode to takeover the underlying

On 10/29/2010 6:45 AM, Arnd Bergmann wrote:
> On Friday 29 October 2010, Sridhar Samudrala wrote:
>> With the current default 'vepa' mode, a KVM guest using virtio with
>> macvtap backend has the following limitations.
>> - cannot change/add a mac address on the guest virtio-net
> I believe this could be changed if there is a neeed, but I actually
> consider it one of the design points of macvlan that the guest
> is not able to change the mac address. With 802.1Qbg you rely on
> the switch being able to identify the guest by its MAC address,
> which the host kernel must ensure.
Currently the host cannot prevent a guest user from trying to change/add 
a mac address
on the guest virtio-net. From guest point of view, the request succeeds, 
but the incoming packets
are dropped siliently by the host interface.

>> - cannot create a vlan device on the guest virtio-net
> Why not? If this doesn't work, it's probably a bug!
Because the host is not aware of the guest vlan tag and the host 
external interface will filter out
incoming vlan tagged packets.

> Why does the passthru mode enable it if it doesn't work
> already?
passthru mode puts the host external interface in promiscuous mode which 
allows vlan tagged
packets to be received.

Even in tap/bridge mode, this works because adding an external interface 
to the bridge causes it to be
put in promiscuous mode.


To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists