6 Replies Latest reply on Jan 12, 2017 9:40 PM by Intel Corporation

    Xeon-D 1541 SR-IOV VF in Promiscuous mode

    esealing

      Hi,

       

      I am using a Xeon-D 1541, with (2) x552/x557 10G Ethernet cards. I am able to enable VFs and have the latest Linux Kernel/iproute2 (both v4.8.0). I am attempting to put a VF into "Promiscuous Mode" with a VLAN tag for a security monitoring container. I can enable "trust mode", which should allow promiscuous traffic, however I can only see packets that are destined for the VF MAC address or broadcast packets.

       

      Does the x552/x557 support unicast/multicast promiscuous mode in VFs?

       

      Some Specific configuration information:

      [root@localhost ~]# modinfo ixgbe

      filename:       /lib/modules/3.10.0-514.el7.x86_64/kernel/drivers/net/ethernet/intel/ixgbe/ixgbe.ko

      version:        4.4.0-k-rh7.3

      license:        GPL

      description:    Intel(R) 10 Gigabit PCI Express Network Driver

      author:         Intel Corporation, <linux.nics@intel.com>

      rhelversion:    7.3

      srcversion:     E85AB43E463B4B0083D9BE3

       

       

      [root@localhost ~]#ip link show

      5: eno4: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT qlen 1000

          link/ether 0c:c4:7a:c4:ad:7f brd ff:ff:ff:ff:ff:ff

          vf 0 MAC 06:9f:fb:7b:1b:9f, vlan 1000, spoof checking off, link-state auto, trust on

          vf 1 MAC 7e:12:a8:d2:59:76, vlan 2000, spoof checking off, link-state auto, trust on

       

      [root@localhost ~]#ifconfig

      eno4: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500

              ether 0c:c4:7a:c4:ad:7f  txqueuelen 1000  (Ethernet)

              RX packets 22  bytes 6232 (6.0 KiB)

              RX errors 0  dropped 0  overruns 0  frame 0

              TX packets 0  bytes 0 (0.0 B)

              TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

       

       

      enp3s16f1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500

              inet6 fe80::49f:fbff:fe7b:1b9f  prefixlen 64  scopeid 0x20<link>

              ether 06:9f:fb:7b:1b:9f  txqueuelen 1000  (Ethernet)

              RX packets 21  bytes 6126 (5.9 KiB)

              RX errors 0  dropped 0  overruns 0  frame 0

              TX packets 8  bytes 648 (648.0 B)

              TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

       

       

      enp3s16f3: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500

              ether 7e:12:a8:d2:59:76  txqueuelen 1000  (Ethernet)

              RX packets 1  bytes 78 (78.0 B)

              RX errors 0  dropped 0  overruns 0  frame 0

              TX packets 49  bytes 8310 (8.1 KiB)

              TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

       

      The physical interface (eno4) is able to see all packets, but the VF interface (enp3s16f1) is not able to show promiscuous packets.

       

      Does the x552/x557 support unicast/multicast promiscuous mode in VFs? If so, is this a hardware, driver, kernel, or user error.

       

      Thanks in advance!