For question #1, the answer is yes as long as the VF's are on the same PF. In this case the internal hardware in the PF will see that the desitnation MAC address is another VF and will move the data to the VF, without going out the physical wire. This does not prevent that VF from talking to the outside world however. You can accomplish this by assigning VLANs to the VF on each VM you want to isolate.
For the 2nd question - you need to have a physical link for VF to VF communication, as the physical link status of the PF is replicated to the VF.
Thx for the answers.
For 1), even if I assign different VLAN to different VM, the traffic will still be sent out on wire. If there is another server/VM connected to the wire w/ the same VLAN, they will still talk to each other. I am looking at the possible to completely isolate traffic from a set of VF. Do you know if the embeded switch the the 82576 can be configured in this way, even if the current driver does not implement it?
For 2), How about loopback internally? The current driver does some kind of loopback test when "ethtool -t" is invoked. Will that same loopback setup func work for my purpose? Will any traffic sent by a VF be received back by that VF (multicast for example) if using that loopback setup code?
If you have 2 VF's on the same PF the traffic gong back and forth should not go out the physical port if it is directed traffic(not broadcast or multicast). If it is going outside, something may not be configured correctly.
The loopback (where you loop traffic back to the VF it came in on) is not enabled within the driver as it is considered a debug feature. This is not to say that you could not go modify the PF driver to enable it. I believe I have some recommendations on that in the SR-IOV Toolkit: http://communities.intel.com/community/wired/blog/2010/06/09/announcing-the-intel-ethernet-sr-iov-toolkit-v11
Been doing some searches over the forum regarding SR-IOV + Multicasting, I seem not to be able to send/receive any multicast traffic through any VM using a VF, I have everything working fine and BIOS got all dependant parameters enabled for SR-IOV, CPU is an E5-2620 0 @ 2.00GHz and I have the 82599 controller.
Hope you can shed some light!
If you can provide some additional information, it will help me to better understand your situation:
- Host OS type and version
- Guest OS type and version
- Ixgbe driver versions for PF and VF
- Server type and BIOS version
- Confirm VT-D and SR-IOV is enabled
- Is Physical function’s Promiscuous mode turned on?