[dpdk-users] Fwd: use VF in promiscuous mode in dpdk to receive all traffic received by PF

[David Christensen]

On 1/13/21 9:59 PM, Myth Ren wrote:
> Hi， all
>      is it possible we are mirror traffic from switch/router to PF, then a
> program based on DPDK
> read packet from a VF related to the PF, presume we are mirror the traffic
> from PF to the VF （promiscuous），
> while the PF device still managed by the kernel driver(if it's possible),
> or managed by UIO driver.
> at least, restart the DPDK based program will not influence the PF device
> state.

You should be specific about the NIC/PMD you're using here.  One use 
case for PF/VF is that the PF will run in the host operating system and 
the VF will be passed-through to a virtual machine.  Because of this, 
NICs will often support a feature to actively prevent a VF from snooping 
on the traffic seen by the PF for security, limiting it to only 
broadcast/multicast traffic and unicast traffic with a matching MAC 
address.  The ability for a VF to enable promiscuous mode and see PF 
traffic, if it is supported on the NIC, is likely to be NIC/PMD specific 
implementation.

And why the need for a VF in the first place? If the switch/router is 
external to the box and forwarding traffic into the PF, why not just 
catch the traffic from the PF?  You'll need a second PF anyway to send 
the traffic onward (like a bump-in-the-wire implementation), unless 
you're mangling the packets for some reason to change their address, 
adding a VLAN or other tag, etc.  A drawing of what you're trying to 
implement would be useful here.

Dave