[libvirt-users] Guest still receive packet with vlan tag (SR-IOV transparent VLAN)

Laine Stump laine at laine.org
Sat May 14 00:00:00 UTC 2016 

On 05/13/2016 02:21 PM, Long Hoang wrote:
> Hello everyone,
>
> I'm having problem with SR-IOV transparent VLAN.
> My host is Fedora 22 and my guest is: pfSense 2.3. The NIC is Intel 82576.
>
> I'm using pfSense Packet Capture to check the packet and find that 
> inbound packet still have the vlan tag. The outbound packet seem fine 
> because the router can receive DHCP discover packet from the guest and 
> then send DHCP offer and ARP request packet to the guest (which still 
> have the vlan tag so the guest does not response).
>
> Loading Ubuntu LiveCD in the same VM does not have this issue so I do 
> not know what is the cause? Any idea to diagnose?

This is extremely odd. AFAIK, the vlan tag is stripped off on the card 
before it ever gets to the OS in the guest. Are you certain that the 
guest has no knowledge of the vlan tag, and that the tag is set in the 
card itself (look at the output of "ip link show" for the PF and see if 
that VF has a vlan tag listed).


>
>
> Another problem I have is libvirt does not correctly restore the vf 
> mac address to all zero and then some occasion, there will be 
> duplicate mac address in different vfs which will trigger  spoof checking.
> I found the related mail here 
> https://www.redhat.com/archives/libvir-list/2015-December/msg00478.html 
> which point to this bug 
> https://bugzilla.redhat.com/show_bug.cgi?id=1302166 . The bug only 
> mention to mellanox cards. Do anyone have the same problem (with 
> igb/igbvf driver) ? Or is it fixed in upstream?

The same problem exists in the igb (82576), ixgb and enic drivers (at 
least). I've meant to file a bug against the kernel, but keep getting 
sidetracked while I'm half-finished writing it.

You can kind of work around the problem by setting all your VF macs to 
00:00:00:00:00:01 at boot time:

       for vf in $(seq 0 6)
       do
           ip link set $PF vf 6 mac 00:00:00:00:00:01
       done

Then when it's resetting the MAC, it will reset to a value the kernel 
accepts.

>
>
> _______________________________________________
> libvirt-users mailing list
> libvirt-users at redhat.com
> https://www.redhat.com/mailman/listinfo/libvirt-users


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20160513/496083d6/attachment.htm>

More information about the libvirt-users mailing list