[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] mark nic as trusted
|
From: |
Jamie Lokier |
|
Subject: |
Re: [Qemu-devel] [PATCH] mark nic as trusted |
|
Date: |
Sat, 10 Jan 2009 02:27:59 +0000 |
|
User-agent: |
Mutt/1.5.13 (2006-08-11) |
Dor Laor wrote:
> As the guest OS's TCP is being used, what do you do about IP address
> space conflicts?
>
> I.e. if NIC #1 is the guest's LAN, and NIC #2 is the vmchannel, how
> is
> the vmchannel NIC going to be configured in a way that's guaranteed
> to
> avoid breaking the LAN networking, which could be assigned any legal
> subnet (especially when bridging is used), and on some networks
> changes from time to time?
>
> Perhaps vmchannel will only use IPv6, so it can confidently pick a
> unique link-local address?
>
> We plan to pick link local subnets for ipv4.
> It solved all the above questions.
Using an ipv4 link local subnet for the vmchannel may break many
guests. The guest's LAN may also be configured with a link local
subnet, so routing will get messed up.
When bridged to the host LAN, any Windows guest on a LAN without DHCP
will break, for example; so will current Linux distros. They use a
link local subnet for the LAN interface, when DHCP is not detected.
(They might do something else when there's a second NIC, though. That
would just be a further complication - you want the vmchannel NIC to
have no visible effect other than the vmchannel apps working).
In fact, the guest's LAN may regularly _change_ between a link local
subnet, a public IP subnet, and a private scope IP subnet (192.168..),
while the guest is running.
This can happen if the guest is bridged to the host's LAN, and the
host is on a network where DHCP is working sometimes, or where the
host is being moved between networks such as a laptop host.
> w.r.t the option of using virtio nic, there is advantage of using
> any other nic since this way there is no requirement to install
> virtio driver on windows or on other older Linux/other OSs.
I agree. Simple vmchannel monitoring apps may port easily to OSes
which don't have a virtio driver, or even run without any changes if
they're simple enough and statically linked.
-- Jamie
- Re: [Qemu-devel] [PATCH] mark nic as trusted, (continued)
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Anthony Liguori, 2009/01/10
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Jamie Lokier, 2009/01/10
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Blue Swirl, 2009/01/11
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Carl-Daniel Hailfinger, 2009/01/11
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Dor Laor, 2009/01/11
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Blue Swirl, 2009/01/11
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Dor Laor, 2009/01/11
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Jamie Lokier, 2009/01/11
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Gleb Natapov, 2009/01/12
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Dor Laor, 2009/01/12
- Re: [Qemu-devel] [PATCH] mark nic as trusted,
Jamie Lokier <=
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Anthony Liguori, 2009/01/08
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Jamie Lokier, 2009/01/09
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Anthony Liguori, 2009/01/10
- Re: [Qemu-devel] [PATCH] mark nic as trusted, Jamie Lokier, 2009/01/10