* Arnd Bergmann <arnd@xxxxxxxx> wrote: > On Monday 18 April 2011, Asias He wrote: > > (1) Is it possible to add an interface to macvtap like /dev/net/tun, > > eg, /dev/net/macvtap. Currently, it is hard to use macvtap programmatically. > > I decided against having a multiplexor device because it makes permission > handling rather hard. One chardev per network interface makes it possible > to handle permissions in multiuser setups. > > > (2) Adding another macvlan device(e.g., macvlan0) to the hardware > > interface(e.g., eth0) and using it as the old eth0 make the process of > > using macvtap complicate. One has to reconfigure the network. This is > > not optimal from the user perspective. Is it possible to leave the > > low-level device as is when using the macvtap device? > > Only in VEPA mode. Note that a similar restriction applies when using the > bridge device, for the same technical reasons. Just to sum things up, our goal is to allow the tools/kvm/ unprivileged tool to provide TCP connectivity to Linux guests transparently, with the following parameters: - the kvm tool runs unprivileged - as ordinary user - without having to configure much (preferably zero configuration: without having to configure anything) on the guest Linux side - multiple guests should just work without interfering with each other - the kvm tool wants to be stateless - i.e. it does not want to allocate or manage host side devices - it just wants to provide the kind of TCP/IP connectivity host unprivileged user-space has, to the guest. The tool wants to be a generic tool with no global state, not a daemon. So it wants to be a stateless, unprivileged and zero-configuration solution. Is this possible with macvtap, and if yes, what kind of macvtap mode and usage would you recommend for that goal? Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
