Hi,
I'm trying to configure FreeBSD VMs with redundant VF-based network connections, but the MAC filters are giving me trouble.
While some newer network cards support VF-LAG, i.e. the network chip is put into switchdev mode, the LAGG part, be it active-backup or LACP, is offloaded to hardware and the VMs just get a single virtual function, many of my older systems and network cards do not. This requires me to find another solution, which is why I tried giving each VM two virtual functions, one per physical function. Now I need to configure LAGG in the virtual machine while the virtual functions have fixed MAC addresses, assigned at VM start. I don't want to set the VFs to trusted, so that they can change their MAC addresses.
I followed the configuration example found in https://man.freebsd.org/cgi/man.cgi?lagg and adjusted it to my setup:
As expected, when I set iavf0 down, the second interface is given the MAC address of the first, so that the MAC of lagg0 remains constant. Since these are VFs with hard-coded MACs, this doesn't work.
Under Linux there is the option fail_over_mac, which causes the MAC address of lagg0 to always be that of the active port. While this causes problems until the ARP entries are refreshed, at least it works in this scenario.
How is this problem solved in FreeBSD?
Despite searching for quite some time, I couldn't come up with a solution. Can someone please point me in the right direction?
I'm trying to configure FreeBSD VMs with redundant VF-based network connections, but the MAC filters are giving me trouble.
While some newer network cards support VF-LAG, i.e. the network chip is put into switchdev mode, the LAGG part, be it active-backup or LACP, is offloaded to hardware and the VMs just get a single virtual function, many of my older systems and network cards do not. This requires me to find another solution, which is why I tried giving each VM two virtual functions, one per physical function. Now I need to configure LAGG in the virtual machine while the virtual functions have fixed MAC addresses, assigned at VM start. I don't want to set the VFs to trusted, so that they can change their MAC addresses.
I followed the configuration example found in https://man.freebsd.org/cgi/man.cgi?lagg and adjusted it to my setup:
Code:
cloned_interfaces="lagg0"
ifconfig_lagg0="laggproto failover laggport iavf0 laggport iavf1 10.0.30.133/24"
ifconfig_iavf0="up"
ifconfig_iavf1="up"As expected, when I set iavf0 down, the second interface is given the MAC address of the first, so that the MAC of lagg0 remains constant. Since these are VFs with hard-coded MACs, this doesn't work.
Under Linux there is the option fail_over_mac, which causes the MAC address of lagg0 to always be that of the active port. While this causes problems until the ARP entries are refreshed, at least it works in this scenario.
How is this problem solved in FreeBSD?
Despite searching for quite some time, I couldn't come up with a solution. Can someone please point me in the right direction?