On Thu, 12 Jan 2023 09:45:39 -0500 Laine Stump <laine@xxxxxxxxxx> wrote: > On 1/11/23 1:33 PM, Daniel P. Berrangé wrote: > > On Sun, Jan 08, 2023 at 11:11:07PM -0500, Laine Stump wrote: > >> Initial support for network devices using passt (https://passt.top) > >> for the backend connection will require: > >> > >> * new attributes of the <backend> subelement: > >> * "type" that can have the value "passt" (to differentiate from > >> slirp, because both slirp and passt will use <interface > >> type='user'>) > >> * "logFile" (a path to a file that passt should use for its logging) > >> * "upstream" (a netdev name, e.g. "eth0"). > > > > IMHO this attribute is inappropriate for <backend>.... > > > [...] > >> + <interface type='user'> > >> + <mac address='00:11:22:33:44:55'/> > >> + <ip address='172.17.2.0' family='ipv4' prefix='24'/> > >> + <ip address='2001:db8:ac10:fd01::feed' family='ipv6'/> > >> + <portForward proto='tcp' address='2001:db8:ac10:fd01::1:10'> > >> + <range start='22' to='2022'/> > >> + <range start='1000' end='1050'/> > >> + <range start='1020' exclude='yes'/> > >> + <range start='1030' end='1040' exclude='yes'/> > >> + </portForward> > >> + <portForward proto='udp' address='1.2.3.4' dev='eth0'> > >> + <range start='5000' end='5020' to='6000'/> > >> + <range start='5010' end='5015' exclude='yes'/> > >> + </portForward> > >> + <portForward proto='tcp'> > >> + <range start='80'/> > >> + </portForward> > >> + <portForward proto='tcp'> > >> + <range start='443' to='344'/> > >> + </portForward> > >> + <model type='rtl8139'/> > >> + <backend type='passt' logFile='/var/log/loglaw.blog' upstream='eth42'/> > > > > I don't think that 'upstream' is really describing a property of the > > backend. > > > > This is expressing a traffic routing restriction for the 'user' > > networking type. IMHO it should probably be using the existing > > <source dev="xxxx"/> element, that is currently used by the > > 'direct' networking type. > > I'm still not sure *exactly* what it does; it apparently grabs the > routes that are fed to the guest from the given host interface; I should > probably ask Stefano to explain it to me again (he described it once, > but that was along with explanations of several other things). Yes, it's pretty much that... recycling from the man page: -i, --interface name Use host interface name to derive addresses and routes. Default is to use the interfaces with the first default routes for each IP version. It's not actually a routing restriction -- passt can't do that. The only interface binding that passt implements (with Linux kernel versions >= 5.7) is an optional bound interface specification for port forwarding. > So it's not *exactly* the same as <source dev='xxx'/> for type='direct' > (which determines the link-level connection rather than IP routing), but > definitely very similar. Right, I think so too, and "source" is probably a good name for that in any case. -- Stefano
