On 10/29/2010 6:45 AM, Arnd Bergmann wrote:
On Friday 29 October 2010, Sridhar Samudrala wrote:
With the current default 'vepa' mode, a KVM guest using virtio with
macvtap backend has the following limitations.
- cannot change/add a mac address on the guest virtio-net
I believe this could be changed if there is a neeed, but I actually
consider it one of the design points of macvlan that the guest
is not able to change the mac address. With 802.1Qbg you rely on
the switch being able to identify the guest by its MAC address,
which the host kernel must ensure.
Currently the host cannot prevent a guest user from trying to change/add
a mac address
on the guest virtio-net. From guest point of view, the request succeeds,
but the incoming packets
are dropped siliently by the host interface.
- cannot create a vlan device on the guest virtio-net
Why not? If this doesn't work, it's probably a bug!
Because the host is not aware of the guest vlan tag and the host
external interface will filter out
incoming vlan tagged packets.
Why does the passthru mode enable it if it doesn't work
already?
passthru mode puts the host external interface in promiscuous mode which
allows vlan tagged
packets to be received.
Even in tap/bridge mode, this works because adding an external interface
to the bridge causes it to be
put in promiscuous mode.
Thanks
Sridhar
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
