Re: [RFC] Allowing promiscuous mode for domains network interfaces

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 07/02/2012 09:28 AM, Jean-Baptiste Rouault wrote:
> Hi all,
> 
> By default, OpenVZ and VirtualBox (> 4.0.x) filter network packets by MAC 
> addresses : only broadcast, multicast and packets directly targeted to VMs are 
> transmitted.
> This behaviour prevents from using promiscuous mode inside domains.
> 
> I'd like to write some patches to disable these filters from libvirt.
> Would it be ok to modify OpenVZ and VirtualBox drivers so that they disable 
> the filters by default ?
> 
> If this is not acceptable, what about making it configurable through domains' 
> XML ?

It sounds like exposing this through the domain XML would be useful to
other hypervisors, and certainly something that I would rather have
configurable per-guest instead of hard-coded to one default or another.
 We might declare that if the XML element is not present then it is up
to hypervisor defaults whether the interface is promiscuous, to allow
for back-compat, while still allowing the user to explicitly select
narrow or promiscuous with new libvirt.

-- 
Eric Blake   eblake@xxxxxxxxxx    +1-919-301-3266
Libvirt virtualization library http://libvirt.org



Attachment: signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]