-----"Chuck Lever" <chuck.lever@xxxxxxxxxx> wrote: ----- >To: "Bernard Metzler" <bmt@xxxxxxxxxxxxxx> >From: "Chuck Lever" <chuck.lever@xxxxxxxxxx> >Date: 02/12/2021 02:04PM >Cc: "linux-rdma" <linux-rdma@xxxxxxxxxxxxxxx>, "Benjamin Coddington" ><bcodding@xxxxxxxxxx> >Subject: [EXTERNAL] Re: directing soft iWARP traffic through a secure >tunnel > > >> On Feb 12, 2021, at 7:37 AM, Bernard Metzler <bmt@xxxxxxxxxxxxxx> >wrote: >> >> -----"Chuck Lever" <chuck.lever@xxxxxxxxxx> wrote: ----- >> >>> To: "linux-rdma" <linux-rdma@xxxxxxxxxxxxxxx> >>> From: "Chuck Lever" <chuck.lever@xxxxxxxxxx> >>> Date: 02/11/2021 08:38PM >>> Cc: "Benjamin Coddington" <bcodding@xxxxxxxxxx> >>> Subject: [EXTERNAL] directing soft iWARP traffic through a secure >>> tunnel >>> >>> Hi- >>> >>> This might sound crazy, but bear with me. >>> >>> The NFS community is starting to hold virtual interoperability >>> testing >>> events to replace our in-person events that are not feasible due >to >>> pandemic-related travel restrictions. I'm told other communities >have >>> started doing the same. >>> >>> The virtual event is being held on a private network that is set >up >>> using OpenVPN across a large geographical area. I attach my test >>> systems to the VPN to access test systems run by others at other >>> companies. >>> >>> We'd like to continue to include NFS/RDMA testing at these events. >>> This means either RoCEv2 or iWARP, since obviously we can't create >>> an ad hoc wide-area InfiniBand infrastructure. >>> >>> Because the VPN is operating over long distances, we've decided to >>> start with iWARP. However, we are stumbling when it comes to >>> directing >>> the siw driver's traffic onto the tun0 device: >>> >>> [root@oracle-100 ~]# rdma link add siw0 type siw netdev tun0 >>> error: Invalid argument >>> [root@oracle-100 ~]# >>> >>> Has anyone else tried to do this, and what was the approach? Or >does >>> siw not yet have this capability? >>> >> >> Hi Chuck >> >> right. Attaching siw is currently restricted to some physical >> device types. This now appears a useless limitation, since >> it prevents its usage in the given setup, where it would >> be just useful... >> Relaxing that limitation is a rather simple code change in siw >> - but that would not help you asap? >> >> In any case I'd be happy to help with a fix, but participants >> would have to rebuild the siw module...probably no option? > >Participants bring code and build infrastructure. A patch now >would be great, and we can provide you with Tested-by: ! > > How does this tunnel device look like? What does ifconfig or ip show? Probably NOARP and no HW address? Or should I better setup a VPN client to your network to see what is needed? Best, Bernard.
