On Thu, 12 Jan 2023 09:45:39 -0500
Laine Stump
On 1/11/23 1:33 PM, Daniel P. Berrangé wrote:
On Sun, Jan 08, 2023 at 11:11:07PM -0500, Laine Stump wrote:
Initial support for network devices using passt (https://passt.top) for the backend connection will require:
* new attributes of the <backend> subelement: * "type" that can have the value "passt" (to differentiate from slirp, because both slirp and passt will use <interface type='user'>) * "logFile" (a path to a file that passt should use for its logging) * "upstream" (a netdev name, e.g. "eth0").
IMHO this attribute is inappropriate for <backend>....
[...]
+ <interface type='user'> + <mac address='00:11:22:33:44:55'/> + <ip address='172.17.2.0' family='ipv4' prefix='24'/> + <ip address='2001:db8:ac10:fd01::feed' family='ipv6'/> + <portForward proto='tcp' address='2001:db8:ac10:fd01::1:10'> + <range start='22' to='2022'/> + <range start='1000' end='1050'/> + <range start='1020' exclude='yes'/> + <range start='1030' end='1040' exclude='yes'/> + </portForward> + <portForward proto='udp' address='1.2.3.4' dev='eth0'> + <range start='5000' end='5020' to='6000'/> + <range start='5010' end='5015' exclude='yes'/> + </portForward> + <portForward proto='tcp'> + <range start='80'/> + </portForward> + <portForward proto='tcp'> + <range start='443' to='344'/> + </portForward> + <model type='rtl8139'/> + <backend type='passt' logFile='/var/log/loglaw.blog' upstream='eth42'/>
I don't think that 'upstream' is really describing a property of the backend.
This is expressing a traffic routing restriction for the 'user' networking type. IMHO it should probably be using the existing <source dev="xxxx"/> element, that is currently used by the 'direct' networking type.
I'm still not sure *exactly* what it does; it apparently grabs the routes that are fed to the guest from the given host interface; I should probably ask Stefano to explain it to me again (he described it once, but that was along with explanations of several other things).
Yes, it's pretty much that... recycling from the man page: -i, --interface name Use host interface name to derive addresses and routes. Default is to use the interfaces with the first default routes for each IP version. It's not actually a routing restriction -- passt can't do that. The only interface binding that passt implements (with Linux kernel versions >= 5.7) is an optional bound interface specification for port forwarding.
So it's not *exactly* the same as <source dev='xxx'/> for type='direct' (which determines the link-level connection rather than IP routing), but definitely very similar.
Right, I think so too, and "source" is probably a good name for that in any case. -- Stefano