Hello All I was wondering if anyone has setup a domU with direct access to the Ethernet cards? IE, is it possible to setup two domU’s on a machine with 3 Ethernet cards, giving each domU control over an Ethernet card (so that each machine can start a rp-pppoe session over the different Ethernet cards). Thanks Adam Schoeman admin@cho-jin.net -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.10.5/403 - Release Date: 2006/07/28 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Adam Schoeman wrote:> > Hello All > > > > I was wondering if anyone has setup a domU with direct access to the > Ethernet cards? IE, is it possible to setup two domU’s on a machine > with 3 Ethernet cards, giving each domU control over an Ethernet card > (so that each machine can start a rp-pppoe session over the different > Ethernet cards). > > > > Thanks > > > > Adam Schoeman > > admin@cho-jin.net > > > -- > No virus found in this outgoing message. > Checked by AVG Free Edition. > Version: 7.1.394 / Virus Database: 268.10.5/403 - Release Date: 2006/07/28 > > ------------------------------------------------------------------------ > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-usershere we go hide the pci-cards(lspci) that you want to use in domU fire up your dom0 without these devices drivers ... ... module /vmlinuz-2.6-xen root=/dev/hda5 ro console=tty0 max_loop=64 pciback.hide=(0000:00:0c.0)(0000:00:09.0) ... .... now start you domU with the pci device declared in domU config .... pci = [''00:0c.00'',''00:09.00''] .... _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
> here we go > > hide the pci-cards(lspci) that you want to use in domU > > fire up your dom0 without these devices drivers > > ... > ... > module /vmlinuz-2.6-xen root=/dev/hda5 ro console=tty0 max_loop=64 > pciback.hide=(0000:00:0c.0)(0000:00:09.0) > ... > .... > > > now start you domU with the pci device declared in domU config > > .... > pci = [''00:0c.00'',''00:09.00''] > ....ok, but what about sharing this device with other domUs? According to xm man page I can specify vif = [ ''backend=myDriverDomain'' ] which should give access to the network card in the above mentioned domain. but so far I was not able to make that work. Thx for any hints Andrej _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Note, you may/will need to recompile the xen kernel and modules to support your hardware. As the domU kernal and modules will not have the support. Alternatively, you can try and use the dom0 kernel and modules. I use xen 2.x , can anyone say if this is still possible in xen 3.x? Thanks W From: "iambrockz@gmail.com" To: xen-users@lists.xensource.com Subject: Re: [Xen-users] DomU Direct Hardware access Date: Wed, 02 Aug 2006 11:32:47 +0200 MIME-Version: 1.0 Received: from lists.xensource.com ([217.147.82.229]) by bay0-mc6-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); Wed, 2 Aug 2006 02:38:03 -0700 Received: from localhost ([127.0.0.1] helo=lists.xensource.com)by host-192-168-0-1-bcn-london with esmtp (Exim 4.50)id 1G8DGT-00071R-3A; Wed, 02 Aug 2006 09:43:45 +0000 Received: from [192.168.0.10] (helo=lists.xensource.com)by host-192-168-0-1-bcn-london with esmtp (Exim 4.50)id 1G8DBc-0004g6-73for xen-users@lists.xensource.com; Wed, 02 Aug 2006 09:38:44 +0000 Received: from natklopstock.rzone.de ([81.169.145.174])by lists.xensource.com with esmtp (Exim 4.50) id 1G8D3e-0003Yr-Elfor xen-users@lists.xensource.com; Wed, 02 Aug 2006 09:30:33 +0000 Received: from [192.168.0.118] (p549C7761.dip.t-dialin.net [84.156.119.97])(authenticated bits=0)by post.webmailer.de (8.13.6/8.13.6) with ESMTP id k729WlSD016592for ;Wed, 2 Aug 2006 11:32:48 +0200 (MEST) >Adam Schoeman wrote: >> >>Hello All >> >> >> >>I was wondering if anyone has setup a domU with direct access to >>the Ethernet cards? IE, is it possible to setup two domU’s on a >>machine with 3 Ethernet cards, giving each domU control over an >>Ethernet card (so that each machine can start a rp-pppoe session >>over the different Ethernet cards). >> >> >> >>Thanks >> >> >> >>Adam Schoeman >> >>admin@cho-jin.net >> >> >>-- >>No virus found in this outgoing message. >>Checked by AVG Free Edition. >>Version: 7.1.394 / Virus Database: 268.10.5/403 - Release Date: >>2006/07/28 >> >>------------------------------------------------------------------------ >> >>_______________________________________________ >>Xen-users mailing list >>Xen-users@lists.xensource.com >>http://lists.xensource.com/xen-users > >here we go > >hide the pci-cards(lspci) that you want to use in domU > >fire up your dom0 without these devices drivers > >... >... >module /vmlinuz-2.6-xen root=/dev/hda5 ro console=tty0 max_loop=64 >pciback.hide=(0000:00:0c.0)(0000:00:09.0) >... >.... > > >now start you domU with the pci device declared in domU config > >.... >pci = [''00:0c.00'',''00:09.00''] >.... > > > >_______________________________________________ >Xen-users mailing list >Xen-users@lists.xensource.com >http://lists.xensource.com/xen-users --===============0620240375=Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users --===============0620240375==--
When you specify vif, you are creating a virtual interface, not a way to acces the network card. The setup i have, is the machine has 2 pci network cards. Both using pci_hide, and i create 2 vif as below: vif = [''mac=aa:00:00:00:00:13,bridge=dmz'',''mac=aa:00:00:00:00:12,bridge=intranet''] This means the domU will have 4 eth connections. 2 vritual, 2 physical. It does the routing and is also the dmz server. Other domUs, I have: vif = [''mac=aa:00:00:00:00:15, bridge=intranet''] Allowing that machine to have access to the virtual network connection, intranet. I hope it answers your question. Someone please correct me, if I''m wrong W From: Andrej Radonic To: "iambrockz@gmail.com" CC: xen-users@lists.xensource.com Subject: Re: [Xen-users] DomU Direct Hardware access Date: Wed, 02 Aug 2006 11:44:50 +0200 MIME-Version: 1.0 Received: from lists.xensource.com ([217.147.82.229]) by bay0-mc12-f14.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); Wed, 2 Aug 2006 02:45:11 -0700 Received: from localhost ([127.0.0.1] helo=lists.xensource.com)by host-192-168-0-1-bcn-london with esmtp (Exim 4.50)id 1G8DNM-0000kT-Gy; Wed, 02 Aug 2006 09:50:52 +0000 Received: from [192.168.0.10] (helo=lists.xensource.com)by host-192-168-0-1-bcn-london with esmtp (Exim 4.50)id 1G8DN0-0000aV-Ijfor xen-users@lists.xensource.com; Wed, 02 Aug 2006 09:50:30 +0000 Received: from manhattan.visp.de ([84.23.254.159])by lists.xensource.com with esmtp (Exim 4.50) id 1G8DF5-0003sV-3kfor xen-users@lists.xensource.com; Wed, 02 Aug 2006 09:42:20 +0000 Received: from manhattan.visp.de ([10.159.10.22] helo=localhost)by manhattan.visp.de with esmtpa (Exim 4.62 id 1G8DHO-000Kl1-2p);Wed, 02 Aug 2006 11:44:42 +0200 >>here we go >> >>hide the pci-cards(lspci) that you want to use in domU >> >>fire up your dom0 without these devices drivers >> >>... >>... >>module /vmlinuz-2.6-xen root=/dev/hda5 ro console=tty0 max_loop=64 >> pciback.hide=(0000:00:0c.0)(0000:00:09.0) >>... >>.... >> >> >>now start you domU with the pci device declared in domU config >> >>.... >>pci = [''00:0c.00'',''00:09.00''] >>.... > >ok, but what about sharing this device with other domUs? > >According to xm man page I can specify vif = [ >''backend=myDriverDomain'' ] which should give access to the network >card in the above mentioned domain. but so far I was not able to >make that work. > >Thx for any hints > >Andrej > >_______________________________________________ >Xen-users mailing list >Xen-users@lists.xensource.com >http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
William Man schrieb:> When you specify vif, you are creating a virtual interface, not a way to > acces the network card. > > The setup i have, is the machine has 2 pci network cards. Both using > pci_hide, and i create 2 vif as below: > > vif = > [''mac=aa:00:00:00:00:13,bridge=dmz'',''mac=aa:00:00:00:00:12,bridge=intranet''] > > > This means the domU will have 4 eth connections. 2 vritual, 2 physical. > It does the routing and is also the dmz server. > > Other domUs, I have: > > vif = [''mac=aa:00:00:00:00:15, bridge=intranet''] > > Allowing that machine to have access to the virtual network connection, > intranet. >It''s the concept of "driver domain" what I am after: to have a domU which has exclusive access to a NIC. the driver is encapsulated in the domU and ensures security and stability of the overall system. other domUs should be able to use this "driver" for network access. if you specify "vif" then implicitly dom0 is accessed for network connections. but there is also the vif-parameter "backend" which should enable the domU to specify a different "dom0" (in this case a domU as driver domain with privileges). is it becoming clear what I am trying to achieve? thx, Andrej _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Wed, Aug 02, 2006 at 04:47:08PM +0200, Andrej Radonic wrote:> to have a domU which has exclusive access to a NIC. the driver is > encapsulated in the domU and ensures security and stability of the > overall system.Only if you have an isolation capable IOMMU in the machine... Cheers, Muli _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Muli Ben-Yehuda wrote:> On Wed, Aug 02, 2006 at 04:47:08PM +0200, Andrej Radonic wrote: > >> to have a domU which has exclusive access to a NIC. the driver is >> encapsulated in the domU and ensures security and stability of the >> overall system. >> > > Only if you have an isolation capable IOMMU in the machine... >Muli, sorry for keeping on picking at this: but what is the "backend" parameter in the vif statement then for (also found in block-attach as well as network-attach)? I thought it makes no difference to a domU if it accesses a device in dom0 or domU-X ... Thx, Andrej _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Thu, Aug 03, 2006 at 06:09:40AM +0200, Andrej Radonic wrote:> Muli, > sorry for keeping on picking at this: but what is the "backend" > parameter in the vif statement then for (also found in block-attach as > well as network-attach)? > I thought it makes no difference to a domU if it accesses a device in > dom0 or domU-X ...Sorry, if I knew I would''ve answered already :-) you might want to take a look at the code and try to figure out how it''s used. Cheers, Muli _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users