On 11/29/2011 9:19 AM, Ben Hutchings wrote:
On Tue, 2011-11-29 at 16:35 +0000, Ben Hutchings wrote:Maybe I missed something! Let's be clear on what our models are for filtering. At the moment we have MAC filters set through ndo_set_rx_mode and VF filters set through ndo_set_vf_{mac,vlan}. Ignoring anti-spoofing for the moment, should the currently defined filters look like this (a): TX ^ | RX | v +------------------+---+-----------------+ | | ++------------+ | | | |RX MAC filter| | | | ++------------+ | | | |match | | ^ v | | | ++------------+ | | | |RX VF filters| | | | +-------+-----+ | | /|\ no /|\ | | | | \ match/ | |match 2 | | | ^ \ / v | | | | | \ /match| | | | \ \/ 1/ | | | | \ /\ / | | | ^ \/ \/ v | | | /\ /\ | | | | / || \ | | | | / || \ | | | | / || \ | | | || || || | +----------------++-----++-----++--------+ || || || PF VF 1 VF 2 or like this (b): TX ^ | RX | v +------------------+---+-----------------+ | | ++------------+ | | | |RX VF filters| | | | ++--------+---+ | | | no|match /| | | ^ v | | | | | +-+----+ | | | | | |RX MAC| | | | | | |filter| | | | | | +------+ | | | | | |match | | | | /|\ | | | | | | | \ | match| |match 2 | | | ^ \/ 1 v | | | | | /\ | | | | | \/ \ / | | | | /\ \ / | | | ^ / \ \/ v | | || \ /\ | | | || || \ | | | || || \ | | | || || \ | | | || || || | +----------------++-----++-----++--------+ || || || PF VF 1 VF 2 I think the current model is (a); do you agree? So is the proposed new model something like this (c):Corrected diagram: TX ^ | RX | v +------------------+---+-----------------+ | | ++------------+ | | | |RX MAC filter| | | ^ ++------------+ | | | |match | | no match| v | | +----------------+ ++------------+ | | |loopback filters| |RX VF filters| | | +---------+-----++ +-------+-----+ | | /|\ /|\ match /|\ | | v | `-+>+-+-.2 / | | | | \ \ | |m \ \ / | | | | match 0\ `-+-+.a \ \ / v | | | \ | | \t \ X / | | | \ | \ \c X \ / | | | \| \ \h \ X | | | \ \/\1 X \ v | | || /\ |/ \ \ | | | |v / || \ \| | | || / ^| \ | | | ||/ |v || | | || || || | +----------------++-----++-----++--------+ || || || PF VF 1 VF 2(I've labelled the new filters as loopback filters here, and I'm still leaving out anti-spoofing.) If not, please explain what the new model *is*.
The new model is to incorporate a VEB into the NIC. The current model doesn't address any of the requirements of a VEB in the NIC and this proposed set of patches allow us to set MAC filters for the *ports* on the internal NIC VEB. Consider the PF and each of the VFs as just a port on the VEB. We need the ability to set L2 filters (MAC, MC and VLAN) for each of the ports on that VEB. There is no currently supported method for doing this. So yes, this is a new model although it's a fairly simple one.
If you have an alternative proposal for allowing us to set L2 filters for the ports on our NIC VEB then I'm all ears (or eyes as the case may be).
- Greg -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
