On Sun, Apr 26, 2015 at 10:51:34AM +0800, wh.h(a)foxmail.com wrote:
How does the libvirt deal with the vnet mac address?
Greetings,
if I establish a network for the VM (hypervisor is KVM) using bridge in
the virt-manager , a vnet0 device is created . There are some relationships
about mac address between the vnet0 device in the hypervisor and the ethX
device in the VM, for example :
the mac address of vnet0 is FE:54:00:84:E3:62
the mac address of ethX in the VM is 52:54:00:84:E3:62
two mac addresses above are almost the same except the first part of the address .
but if I created a tap device manually ,
tunctl -t tap0 -u root
brctl addif br0 tap0
and add tap0 to the VM, I will find that mac address between the tap0 device
in the hypervisor and the ethX device in the VM will totally different . so
I think that libvirt must do something about the mac address handling, could
you please kindly tell me something about this ?
When first created, the kernel assigns the tap device a completely random
MAC address. This bears no relation to the MAC address that is used in the
guest OS.
When you create a bridge device it initially has a MAC address of all zeros,
and when you add NIC devices to the bridge, its MAC address gets update to
the numerically lowest MAC address of all the NICs. The problem is that
when the kernel assigns MAC addresses randomly, one of these random MAC
address might be numerically lower than the bridge's current MAC address.
So the effect is that when you start/stop guests, and their TAP devices
get added/removed from the bridge, the bridge's own MAC address will
occassionally change which is a bad thing.
So deal with this, libvirt will set all guest TAP devices so that they
have a MAC address with 0xFE as the first byte. The real physical NIC
added to the bridge is thus guaranteed to have a smaller MAC address,
and so the bridge will permanently use the MAC address of the physical
NIC, which is what we want.
For bridges which do not have any physical NIC, libvirt will create a
dummy TAP device, not connected to any guest, and give it a small MAC
address. This ensures again ensures the bridge MAC address won't change
when guests start/stop.
How does the libvirt establish the arp table in the hypervisor if
the
vnet0 device in the hypervisor and the ethX device in the VM is
different?
The MAC address of the TAP device is actually totally irrelevant for
the ARP table maintenance.
If a packet arrives on the bridge and the IP doesn't have a ARP table
mapping, the bridge will just send it to all connected TAP devices.
When a packet arrives from a guest TAP, the source MAC address will
be used to populate the ARP table.
In neither case does the MAC address of the TAP device itself have
any involvement.
The only time the TAP device MAC address has any effect is when
the kerenel auto-assigns a MAC to the bridge device as explained
above.
If I want to create tap device manually , how should I deal
with the mac address ?I have setup the mac address of the
tap0 device in the hypervisor and the ethX device in the VM
in the same way with libvirt , but the network of VM cannot
work.
As mentioned above, the TAP device MAC can be pretty much anything,
but we'd recommend using 0xFE as the first byte.
Regards,
Daniel
--
|:
http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org :|
|:
http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|:
http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc :|