lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8f15ec904f631f2d792388128b34732a@justnet.pl>
Date:	Sun, 20 Sep 2015 20:18:47 +0200
From:	Nieścierowicz Adam <adam.niescierowicz@...tnet.pl>
To:	Matthew Monaco <Matthew.Monaco@...orado.edu>
Cc:	Or Gerlitz <gerlitz.or@...il.com>,
	Linux Netdev List <netdev@...r.kernel.org>,
	netdev-owner@...r.kernel.org
Subject: Re: sr-iov and bridges (mlx4)

Hi Matthew,
in near future i want to do exactly the same, if you make progress with 
SR-IOV+Bridge+OpenStack please leave here some advice.

---
Pozdrawiam
Adam Nieścierowicz

W dniu 20.09.2015 18:21, Matthew Monaco napisał(a):

> On 09/20/2015 05:01 AM, Or Gerlitz wrote: On Sun, Sep 20, 2015 at 2:58 
> AM, Matthew Monaco
> <Matthew.Monaco@...orado.edu> wrote:
> [...] In all cases, VMs with SR-IOV work fine, IP on the host works 
> fine, outbound
> DHCP from the virtio VMs work fine, but inbound frames are not making 
> it back to
> the VM. [...] Is there a know limitation of mixing SR-IOV and bridges 
> in general? Does the
> SR-IOV switch specific to the mlx4 hardware not work well with linux 
> bridges? ...?
> It would be a bit hard for bridge based promiscuous environment to work 
> OOB
> for one of the functions (PF or VF) in SRIOV, this is generic issue,
> and not related
> to specific vendor.
> 
> You need to use the bridge (8) tool (part of iproute2) and add the P.V
> VM MACs to
> the PF interface as "self" see some slides (21/22/23) from netdev 0.1
> that deal with that
> https://netdev01.org/docs/netdev_tutorial_bridge_makita_150213.pdf [1]
> 
> Or.
> 
> It also possible to mark one bridge port (the PF) as non-promiscuous,
> but I haven't
> played with that myself yet (slide 32), so can't just send you doing 
> it...

  Many thanks, that helps. Now to figure out the best approach for 
shoving this
  into OpenStack =)



Links:
------
[1] https://netdev01.org/docs/netdev_tutorial_bridge_makita_150213.pdf
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ