Re: MAC addresses to use for BHyve VM's running under FreeBSD?
Am 05.02.2014 um 08:03 schrieb Craig Rodrigues: Hi, I am running many BHyve VM's and am using tap interfaces with a single bridge. I am configuring the IP addresses of these VM's via DHCP. I need to have separate MAC addresses for each VM. Can anyone recommend a range of MAC addresses to use? I seem to recall that at the 2013 FreeBSD Vendor Summit in Sunnyvale, California, that George mentioned that there might be a Organizational Unique Identifier (OUI) for the FreeBSD project that we can use for BHyve VM's. Is that right? If not, can people recommend a range of addresses to use? http://standards.ieee.org/develop/regauth/oui/public.html Using Search the Public MA-L Listing with search term FreeBSD reveals.. --- snip --- Here are the results of your search through the public section of the IEEE Standards OUI database report for freebsd: 58-9C-FC (hex) FreeBSD Foundation 589CFC (base 16) FreeBSD Foundation P.O. Box 20247 Boulder CO 80308-3247 UNITED STATES --- snap --- Regards, K. -- GPG-Key: A593 E38B E968 4DBE 14D6 2115 7065 4D7C 4FB1 F588 Key available from hkps://hkps.pool.sks-keyservers.net PGP.sig Description: Signierter Teil der Nachricht
Re: MAC addresses to use for BHyve VM's running under FreeBSD?
On Feb 5, 2014, at 3:33 , Kai Gallasch k at free.de wrote: Am 05.02.2014 um 08:03 schrieb Craig Rodrigues: Hi, I am running many BHyve VM's and am using tap interfaces with a single bridge. I am configuring the IP addresses of these VM's via DHCP. I need to have separate MAC addresses for each VM. Can anyone recommend a range of MAC addresses to use? I seem to recall that at the 2013 FreeBSD Vendor Summit in Sunnyvale, California, that George mentioned that there might be a Organizational Unique Identifier (OUI) for the FreeBSD project that we can use for BHyve VM's. Is that right? If not, can people recommend a range of addresses to use? http://standards.ieee.org/develop/regauth/oui/public.html Using Search the Public MA-L Listing with search term FreeBSD reveals.. --- snip --- Here are the results of your search through the public section of the IEEE Standards OUI database report for freebsd: 58-9C-FC (hex) FreeBSD Foundation 589CFC (base 16) FreeBSD Foundation P.O. Box 20247 Boulder CO 80308-3247 UNITED STATES --- snap --- Correct, that is an address that the Foundation has registered with the IEEE. If you look at sys/net/ieee_oui.h you will see that I’ve allocated a range to bhyve already. At work, we modified the bhyverun command to seed the hostname of them machine running the hypervisor as part of the generate a MAC address routine. That means that for virtual machine foo, you now get different MACs on server bar and server baz. Without this patch, you're likely to get identical MAC addresses for virtual machine foo on different servers. I personally also have my virtual machines set bit 2 in the first octet of the MAC address, so it falls into the locally administered catagory of MAC addresses. My gut feel is that using the FreeBSD OUI bhyve range, *AND* setting the locally administered bit in the MAC address is the way to go. -Kurt diff --git a/usr.sbin/bhyve/pci_virtio_net.c b/usr.sbin/bhyve/pci_virtio_net.c --- a/usr.sbin/bhyve/pci_virtio_net.c +++ b/usr.sbin/bhyve/pci_virtio_net.c @@ -579,27 +579,36 @@ pci_vtnet_init(struct vmctx *ctx, struct close(sc-vsc_tapfd); sc-vsc_tapfd = -1; } } } /* * The default MAC address is the standard NetApp OUI of 00-a0-98, -* followed by an MD5 of the PCI slot/func number and dev name +* followed by an MD5 of the PCI slot/func number, hostname, and +* vmname. The locally administered bit is also set in the +* resulting MAC address. */ if (!mac_provided) { - snprintf(nstr, sizeof(nstr), %d-%d-%s, pi-pi_slot, - pi-pi_func, vmname); + char hostname[MAXHOSTNAMELEN]; + int rc; + + rc = gethostname(hostname, sizeof hostname - 1); + if (rc 0) + hostname[0] = 0; + hostname[MAXHOSTNAMELEN-1] = 0; + snprintf(nstr, sizeof(nstr), %d-%d-%s-%s, pi-pi_slot, + pi-pi_func, hostname, vmname); MD5Init(mdctx); MD5Update(mdctx, nstr, strlen(nstr)); MD5Final(digest, mdctx); - sc-vsc_config.mac[0] = 0x00; + sc-vsc_config.mac[0] = 0x00 | 0x2; /* locally administered */ sc-vsc_config.mac[1] = 0xa0; sc-vsc_config.mac[2] = 0x98; sc-vsc_config.mac[3] = digest[0]; sc-vsc_config.mac[4] = digest[1]; sc-vsc_config.mac[5] = digest[2]; } /* initialize config space */ ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: MAC addresses to use for BHyve VM's running under FreeBSD?
On Wed, Feb 5, 2014 at 9:46 AM, Kurt Lidl l...@pix.net wrote: On Feb 5, 2014, at 3:33 , Kai Gallasch k at free.de wrote: Am 05.02.2014 um 08:03 schrieb Craig Rodrigues: Hi, I am running many BHyve VM's and am using tap interfaces with a single bridge. I am configuring the IP addresses of these VM's via DHCP. I need to have separate MAC addresses for each VM. Can anyone recommend a range of MAC addresses to use? I seem to recall that at the 2013 FreeBSD Vendor Summit in Sunnyvale, California, that George mentioned that there might be a Organizational Unique Identifier (OUI) for the FreeBSD project that we can use for BHyve VM's. Is that right? If not, can people recommend a range of addresses to use? http://standards.ieee.org/develop/regauth/oui/public.html Using Search the Public MA-L Listing with search term FreeBSD reveals.. --- snip --- Here are the results of your search through the public section of the IEEE Standards OUI database report for freebsd: 58-9C-FC (hex) FreeBSD Foundation 589CFC (base 16) FreeBSD Foundation P.O. Box 20247 Boulder CO 80308-3247 UNITED STATES --- snap --- Correct, that is an address that the Foundation has registered with the IEEE. If you look at sys/net/ieee_oui.h you will see that I've allocated a range to bhyve already. At work, we modified the bhyverun command to seed the hostname of them machine running the hypervisor as part of the generate a MAC address routine. That means that for virtual machine foo, you now get different MACs on server bar and server baz. Without this patch, you're likely to get identical MAC addresses for virtual machine foo on different servers. I personally also have my virtual machines set bit 2 in the first octet of the MAC address, so it falls into the locally administered catagory of MAC addresses. My gut feel is that using the FreeBSD OUI bhyve range, *AND* setting the locally administered bit in the MAC address is the way to go. b George, Thanks for allocating that range of MAC addresses. We shoud probably document that MAC address range in one of the BHyve man pages. Kurt, Your change is definitely useful. It changes the behavior of BHyve with respect to MAC addresses, but it is a very useful change. Have you submitted your change to Peter and Neel to see if they can evaluate if it can be made part of BHyve in the FreeBSD src tree? -- Craig ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
RE: MAC addresses to use for BHyve VM's running under FreeBSD?
-Original Message- From: Craig Rodrigues [mailto:rodr...@freebsd.org] Sent: Tuesday, February 4, 2014 11:03 PM To: George Neville-Neil Cc: freebsd-virtualization@freebsd.org Subject: MAC addresses to use for BHyve VM's running under FreeBSD? Hi, I am running many BHyve VM's and am using tap interfaces with a single bridge. I am configuring the IP addresses of these VM's via DHCP. I need to have separate MAC addresses for each VM. Can anyone recommend a range of MAC addresses to use? I seem to recall that at the 2013 FreeBSD Vendor Summit in Sunnyvale, California, that George mentioned that there might be a Organizational Unique Identifier (OUI) for the FreeBSD project that we can use for BHyve VM's. Is that right? If not, can people recommend a range of addresses to use? [Devin Teske] I read a bunch of RFCs on how manufacturers form their MAC addresses. There is a range of values that will indicate privately administered MAC to networking equipment. In my testing over 6 years, I've found that these privately administered MAC addresses are not only treated well (read: no issues), but in some cases they hold their DHCP leases far longer than those without this special bit set. In my vimage script: http://druidbsd.sourceforge.net/download.shtml#vimage I have the following formula: # # Set the MAC address of the new interface using a sensible # algorithm to prevent conflicts on the network. # # MAC LAYOUT LP:LL:LB:BB:BB:BB # # Where: # P2, 6, A, or E but usually 2 # NOTE: Indicates privately administered MAC # Lng_bridge(4) link number (1-65535) # BSame as bridged interface # So if we think of a MAC address as 6 octets, there are three goals that this formula/layout is addressing: Goal 1: Set the P nibble to a value of 2, 6, A, or E to indicate that the MaC address is one that is privately administered Goal 2: Allow up to 65530** unique MAC addresses to be formed from one single bridged interface. ** This number comes from stress-testing the ng_bridge(4) interface. In a lab, we were able to generate 65530 peers, all visible with ifconfig(8) and ngctl(8). Goal 3: Make the child MAC address look as similar to the parent MAC while satisfying goal 1 and goal 2. It is Goal #2 that gives us the layout requirement to have 2 octets (4 nibbles, aka 16 bits) to store a numeric identifier for a unique MAC address. It is goal #3 that gives us the layout requirement to copy (unmodified) bits from the bridge interface into the child MAC address. However, it is Goal #1 (of utmost importance in our needs) to force the second nibble of the first octet (high order; P in the layout) to a certain value. It was my own personal preference to simply split the 4 nibbles for child identifier so I could group the nibbles from the parent MAC. Resulting in the layout: LP:LL:LB:BB:BB Again, where the disjoint LL:LL represents a number 0-65535 for the LINK or CHILD identifier (first peer is 0, second is 1, so-on), P is locked at 2 (but could easily expand to also use 6, A, or E), and B:BB:BB are bits from the bridge's MAC. For code on calculating it all, see the above link -- written in shell script using bit- wise masking. I think it needless to say that we went overboard... a single system could potentially run 262,120 vimages (dup the vimage rc.d 3x and change the privately administered MAC nibble ``P'' from 2 to 6, then A, then E; each gaining up to 65530 new privately administered MAC address space). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org