> From: Jason Wang <jasow...@redhat.com> > Sent: Tuesday, August 8, 2023 10:03 AM
> > This option because it is in use by very big and mature eco system of > > multiple > sw stacks, kernel subsystem, drivers, and nics for several years now. > > > > > A drawback of using switch is that it introduces dependencies. > > > > > Feature is not a dependency. :) > > Well, I meant you need a switch in order to let the IP filter work then. > Ok. > > > > > > A virtio switch object can be part of a existing virtio device or > > > > a new virtio > > > device type in itself. > > > > > > That's fine. > > > > > > > > > > > Xuan, > > > > As we discussed, since the owner device packets also needs to be > > > > filtered, potentially outside of the owner device itself, > > > > > > This seems the admin request out of the scope of virtio. > > > > > Not really, it could be virto switch device that manage PF also. > > At that point, there may be two functions, PF and switching PF, switching PF > filters the traffic of the PF. > > That's fine. But such filtering needs to be done in a switch specific way not > via > the admin command/virtqueue. A switch object needs a generic flow filter vq(s) to meet the high rate needed. Several of us have worked through the flow filter vq for few several weeks on bi-weekly basis and over public mailing lists. We can differ the design discussion once we have clarity on requirements. :)
