Xen project Mailing List

Re: [Xen-users] forcing HVM to specific network model with PV-aware FreeBSD DomU

To: Andreas Pflug <pgadmin@xxxxxxxxxxxxxxxxx>, <xen-users@xxxxxxxxxxxxx>

From: Ian Campbell <ian.campbell@xxxxxxxxxx>

Date: Thu, 15 Oct 2015 15:21:25 +0100

Delivery-date: Thu, 15 Oct 2015 14:22:57 +0000

List-id: Xen user discussion <xen-users.lists.xen.org>

On Thu, 2015-10-15 at 12:31 +0200, Andreas Pflug wrote: > Hi! > > For quite a while, I've been running several pfSense firewall DomUs up > to version 2.15 on Xen. Since the FreeBSD kernel 8.3 of pfSense wasn't > xen-aware the model e1000 was used, and I had all networking features as > expected though performance was degraded. > > When the new pfSense 2.2 was introduced, the kernel changed to FreeBSD > 10.1 which now (finally!) includes a xen netfront driver, promising a > vastly improved performance. Unfortunately, its implementation is quite > sketchy: > - offloading issues, which can be worked around by disabling tx > offloading using a custom vif-script > - VLANs are not supported. Can be achieved with multiple bridges in > Dom0, if 8 are enough. If you need more, you're out of luck. > - ALTQ not supported. No known workaround, preventing any traffic > shaping. > > On the FreeBSD side, it is said that the xn xen netfront driver can't be > disabled at boot time, unless a custom kernel is built (certainly not > desirable regarding security updates), so: "can't be disabled" also implies not being able to avoid unplugging the emulated path I take it? Otherwise you could just configure the emulated NIC and leave the PV one down. > How can I disable xen-netback drivers for a specific HVM? It should > respect the "model=e1000" setting (or maybe virtio?). I'm running Xen > 4.4 on Debian. According to http://xenbits.xen.org/docs/unstable/misc/xl-network-configuration.html the choices are: * Emulated + PV * PV only Unfortunately Emulated only is not a choice. I think the right answer would be to request that FreeBSD implements some way to keep the Emulated path and disable the PV path (e.g. similar Linux's xen_emul_unplug command line parameter). Oh, I just remembered that you can set xen_platform_pci=0 in your guest cfg, that will turn of all PV extensions though, not just network. Ian. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.