[pve-devel] [PATCH pve-common] network: disable unicast flooding on tap|veth|fwln ports
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Sep 15 19:09:28 CEST 2021
On 15.09.21 17:33, alexandre derumier wrote:
> I have looked at other hypervisors implementations (as it don't see to
> have problem with hetzner),
>
>
> https://listman.redhat.com/archives/libvir-list/2014-December/msg00173.html
>
>
> https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/administration/GUID-C5752084-A582-4AEA-BD5D-03FE5DBC746E.html
>
>
> Both vmware && libvirt have a mode to manually manage fdb entries in
> bridge mac table.
>
> This will work if only 1mac is behind 1 nic, so it should be an option
> (nested hypervisor for examples).
>
> but for classic vm , it could allow to disable unicast_flood &&
> learning for the tap interface, but also promisc mode on tap interface!
>
> I was think about add an option on vmbrX or vnetX directly to
> enable/disable.
As this would be on the VM tap devices it would sound somewhat reasonable to
have it as per vNIC setting, but naturally it would then be a bit annoying to
change for all; a tradeoff could be to allow setting the default value per
bridge, node or datacenter (I'd do only one of those).
What do you think?
>
> I'm going to do tests, testing vlan aware && live migration too.
great, thanks for your work on this!
More information about the pve-devel
mailing list