On Mon, Aug 28, 2017 at 06:03:16PM -0400, Bryan Harris wrote:
> Hi folks,
> 
> I am in the learning process about vmd.  When I read the vmctl(8) man
> page I have incorrectly got the idea that I can have a VM that has a
> vio interface but without a mapping to a host tap interface, simply by
> omitting the -i option from the "vmctl start vmX" command.  However,
> if I read carefully the vm.conf(5) man page I see that there is no way
> to create any VM vio which does not map to a host tap.
> 

Yes, because this is the way in which traffic is supplied to the guest VM.

> From vmctl(8) page:
> 
>      If the -i option is specified during VM startup, a corresponding number
>      of host-side tap(4) interfaces will be allocated and mapped to the vio(4)
>      interfaces inside the guest VM.
> 
> From vm.conf(5) page:
> 
>      Network interface to add to the VM.  The optional name can be
>      either `tap' to select the next available tap(4) interface on the
>      VM host side (the default) or tapN to select a specific one.
> 
> Hopefully I am reading properly.  There is no such way to have a VM
> vio without a mapping to the host tap.  Is there any future idea to
> have a vio inside the VM which does not connect to the tap on the
> host?
> 
> If the vio is connected to the virtual switch, and the switch is

But the vio(4) interface isn't visible to the host. So what you said there
doesn't make sense. It's connected to the switch *via* the corresponding
tap interface on the host.

> connected to vether0, and the vether0 is on the host, and the host has
> forwarding=1, then I thought it might be possible.
> 
> Here is my purpose in asking about all this.  Every time I create a VM
> I have to put stuff in the host pf.conf in order to pass the traffic,
> and I have had a hard time using any rule except one like below.  Is
> there any way to pass all VM vio<->host tap traffic, or is there a way
> to bypass this need to change the pf rules each time?
> 
> pass on { vether0 tap0 tap1 tap2 tap3 tap4 tap5 tap6 tap7 tap8 tap9 }

what about just:

pass

???

> Thanks all.
> 
> V/r,
> Bryan
> 
