Comments (7)
edwarnicke
commented on June 23, 2024
1
Be careful. What we are doing here is having the forwarder program the PF (physical interface) so that the VF (virtual interface) push/pops the correct vlan or vxlan tags. This should be true whether or not the mechanism the VF is using is kernel or vfio. Also, in contrast to other efforts... the vlan tag is not to be pushed by software in the kernel, we are programming the PF so that the particular VF is having its vlan tag push/popped in hardware by the NIC.
from sdk-sriov.
glazychev-art
commented on June 23, 2024
@edwarnicke
Do I understand correctly that we need to implement a feature that allows to send VLAN-tagged traffic by virtual functions (VF)?
We currently only have one VLAN on the Packet cluster, which we configure when the server starts. And the server's network configuration does not need to be VLAN-aware (see https://deploy.equinix.com/developers/docs/metal/layer2-networking/layer2-mode/#server-configuration-unbonded).
For this feature, we need to explicitly tag the traffic. Am I right?
from sdk-sriov.
glazychev-art
commented on June 23, 2024
Current state:
- Solved the problem with the VLAN on the packet. (for unknown reasons, at least 2 VLANs must be used)
- Manually configured SriovKernel2Noop example with tagged VF.
- [In progress] Manual configuring Vfio2Noop
Unresolved issues:
- Should we consider adding a new application? For example, remotevlan has cmd-nse-remote-vlan that configures
gwandvlan. But our current SriovKernel2Noop doesn't have something similar, we use simple cmd-nse-icmp-responder. Should we reuse the current chain elements for configuration? For example, ethernetcontext is very similar what we need.Calico CNI plugin (not VPP) on kubernetes cluster may stop working after manipulating vlan/ip addresses. Need to test more.Because we will now assign VLANs in deployment-k8s (in the endpoint configuration), there is a problem of VLANs overlapping when running a default and Calico-VPP clusters at the same time. These tests from different clusters will affect each other.Edited: I think we can consider using differentfacilitypacket option for the default and Calico-VPP CNI
from sdk-sriov.
glazychev-art
commented on June 23, 2024
Current state:
- Run Vfio2Noop example with vlan tagged VFs.
Question:
When we use VLAN tags, we set them in the NSE config. For example:
- Remote VLAN - https://github.com/networkservicemesh/deployments-k8s/blob/main/examples/remotevlan/patch-nse.yaml
metadata:
name: nse-remote-vlan
...
- name: NSM_SERVICES
value: "finance-bridge { vlan: 100; via: gw1}"
- Vfio2Noop will look like:
metadata:
name: nse-vfio
...
- name: NSM_SERVICE_NAMES
value: "[email protected]: { addr: 0a:55:44:33:22:11; vlan: 1044 }"
They use cmd-nse-remote-vlan and cmd-nse-vfio which parse the config.
The point is that for SriovKernel2Noop we need something similar because it uses a simple cmd-nse-icmp-responder. Should we add a new application, or modify existing ones? Perhaps we need to consider cmd-nse-vlan-vpp?
@denis-tingaikin @edwarnicke
Any thoughts would be helpful!
from sdk-sriov.
glazychev-art
commented on June 23, 2024
What else needs to be done on this issue:
- Merge prepared PRs (see above)
- Create a new or modify existing NSE app (see #489 (comment))
- Modify our deployment-k8s example (most of it is already done locally)
- Modify integration-k8s-packet setup (most of it is already done locally)
- Testing
from sdk-sriov.
glazychev-art
commented on June 23, 2024
Vlan tagged Vfio2Noop example
Passing a Request in the Vfio2Noop test with VLAN tag:
Forwarder-1 uses netlink to add a VLAN-tag (see ethernetcontext)
@edwarnicke
Is this diagram correct for Vfio2Noop?
from sdk-sriov.
glazychev-art
commented on June 23, 2024
Looks like done - networkservicemesh/deployments-k8s#9129
from sdk-sriov.
Related Issues (15)
- Compact PCIAddress list instead of multiple mechanisms. HOT 3
- SR-IOV forwarder fails with panic on NSMgr restart
- implement resource pool client HOT 9
- adapt to use connectioncontextkernel from sdk-kernel
- sdk-sriov has dataraces
- sdk-sriov is not updated to latest sdk-kernel HOT 6
- implement sriov token server chain element HOT 3
- Add support for sriov 'vlan' or 'vxlan' remote mechanism HOT 2
- VFIO tests are unstable
- unit test TestVFIOServer_Request is unstable on ci
- unit test TestVFIOServer_Close is unstable on ci
- Rework VFIO Tests
- Add config reader for endpoint
- Reset all VFs for the PF on creation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sdk-sriov.