On Mon, Apr 18, 2011 at 02:01:14PM +0200, Ingo Molnar wrote: > - the kvm tool wants to be stateless - i.e. it does not want to allocate or > manage host side devices - it just wants to provide the kind of TCP/IP > connectivity host unprivileged user-space has, to the guest. The tool wants > to be a generic tool with no global state, not a daemon. > > So it wants to be a stateless, unprivileged and zero-configuration solution. > > Is this possible with macvtap, and if yes, what kind of macvtap mode and usage > would you recommend for that goal? Well current approaches really all boil down to a network device in guest passing us raw packets. Typically this means the backend deals with raw packets as well. For example, macvtap injects raw packets into host device, That's a priveledged operation. For tap you can setup NAT to reduce the priveledge. This is at the moment far from stateless though. I would love to see something that does NAT but does not need priveledges or host state. qemu uses slirp to do (most of) this in userspace but it just seems silly to maintain yet another networking stack just for this. What do others think? -- MST -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
