thr3ads.net - libvirt users - [Question] Should libvirt update live xml accordingly when guest mac is changed? [Aug 2022]

If this information is useful, please help other people find it:
Share via:

Fangge Jin

2022-Aug-30 03:22 UTC

[Question] Should libvirt update live xml accordingly when guest mac is changed?

Hi

I met an issue when testing trustGuestRxFilters:
Attach a macvtap interface with trustGuestRxFilters=?yes? to vm, then
change interface mac address in vm.
Should libvirt update interface mac in live vm xml accordingly? If not, vm
network will be broken after
managedsaving and restoring vm.

BR,
Fangge Jin

Steps:

   1. Start a vm
   2.

   Attach a macvtap interface with trustGuestRxFilters=?yes? to vm

   <interface type='direct'  trustGuestRxFilters='yes'>
     <source dev='enp175s0v0'  mode='passthrough'/>
     <target dev='macvtap0'/>
     <model type='virtio'/>
     <alias name='net1'/>
   </interface>

   3.

   Check vm xml:

   # virsh dumpxml uefi  --xpath //interface
   <interface type="direct" trustGuestRxFilters="yes">
     <mac address="52:54:00:46:88:8b"/>
     <source dev="enp175s0v0" mode="passthrough"/>
     <target dev="macvtap2"/>
     <model type="virtio"/>
     <alias name="net0"/>
     <address type="pci" domain="0x0000"
bus="0x01" slot="0x00" function="0x0"/>
   </interface>

   4.

   Change interface mac in guest:

   # ip link set dev enp1s0 address 52:54:00:9d:a1:1e
   # ip a
   1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
   4: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
fq_codel state UP group default qlen 1000
    link/ether 52:54:00:9d:a1:1e brd ff:ff:ff:ff:ff:ff permaddr
52:54:00:46:88:8b
    inet 192.168.124.5/24 scope global enp1s0
       valid_lft forever preferred_lft forever
   # ping 192.168.124.4
   PING 192.168.124.4 (192.168.124.4) 56(84) bytes of data.
   64 bytes from 192.168.124.4: icmp_seq=1 ttl=64 time=0.240 ms
   64 bytes from 192.168.124.4: icmp_seq=2 ttl=64 time=0.138 ms

   --- 192.168.124.4 ping statistics ---
   2 packets transmitted, 2 received, 0% packet loss, time 1001ms

   5.

   Check vm xml:

   # virsh dumpxml uefi  --xpath //interface
   <interface type="direct" trustGuestRxFilters="yes">
   <mac address="52:54:00:46:88:8b"/>
   <source dev="enp175s0v0" mode="passthrough"/>
   <target dev="macvtap2"/>
   <model type="virtio"/>
   <alias name="net0"/>
   <address type="pci" domain="0x0000"
bus="0x01" slot="0x00" function="0x0"/>
   </interface>

   6.

   Check on host:

   16: macvtap1 at enp175s0v0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
qdisc noqueue state UP group default qlen 500
    link/ether 52:54:00:9d:a1:1e brd ff:ff:ff:ff:ff:ff
    inet6 fe80::5054:ff:fe46:888b/64 scope link
       valid_lft forever preferred_lft forever

   7.

   Do managedsave and restore

   # virsh managedsave uefi
   Domain 'uefi' state saved by libvirt
   # virsh start uefi
   Domain 'uefi' started

   8.

   Check vm network function:

   # ip a
   1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
   4: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
fq_codel state UP group default qlen 1000
    link/ether 52:54:00:9d:a1:1e brd ff:ff:ff:ff:ff:ff permaddr
52:54:00:46:88:8b
    inet 192.168.124.5/24 scope global enp1s0
       valid_lft forever preferred_lft forever
   # ping 192.168.124.4
   PING 192.168.124.4 (192.168.124.4) 56(84) bytes of data.

   --- 192.168.124.4 ping statistics ---
   3 packets transmitted, 0 received, 100% packet loss, time 2036ms
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://listman.redhat.com/archives/libvirt-users/attachments/20220830/a8e85bcc/attachment.htm>

Michal Prívozník

2022-Sep-26 14:24 UTC

head link

[Question] Should libvirt update live xml accordingly when guest mac is changed?

On 8/30/22 05:22, Fangge Jin wrote:> Hi
> 
> I met an issue when testing trustGuestRxFilters:
> Attach a macvtap interface with trustGuestRxFilters=?yes? to vm, then
> change interface mac address in vm.
> Should libvirt update interface mac in live vm xml accordingly? If not,
> vm network will be broken after
> managedsaving and restoring vm.
> 
> BR,
> Fangge Jin
The MAC is updated accordingly. It's just that it does not survive
save+restore (and thus possibly migration). This is a bug in libvirt,
please file one. What we could do is just before resuming vCPUs, we
could query-rx-filters for those <interface/>s where trustGuestRxFilters
is enabled and change MAC, just like we do when NIC_RX_FILTER_CHANGED
event is delivered.

Michal

libvirt users - Aug 2022 - [Question] Should libvirt update live xml accordingly when guest mac is changed?

[Question] Should libvirt update live xml accordingly when guest mac is changed?

[Question] Should libvirt update live xml accordingly when guest mac is changed?