1 RDMA (ibverb) device driver
2 ===========================
4 This driver relies on Linux rdma-core (libibverb) userspace poll-mode
5 driver to rx/tx Ethernet packets. Despite using the RDMA APIs, this is
6 **not** about RDMA (no Infiniband, no RoCE, no iWARP), just pure
7 traditional Ethernet packets.
12 Under development: it should work, but has not been thoroughly tested.
23 - bifurcation: MAC based flow steering for transparent sharing of a
24 single physical port between multiple virtual interfaces including
28 Security considerations
29 -----------------------
31 When creating a rdma interface, it will receive all packets to the MAC
32 address attributed to the interface plus a copy of all broadcast and
33 multicast traffic. The MAC address is under the control of VPP: **the
34 user controlling VPP can divert all traffic of any MAC address to the
35 VPP process, including the Linux netdev MAC address as long as it can
36 create a rdma interface**. The rights to create a rdma interface are
37 controlled by the access rights of the
38 ``/dev/infiniband/uverbs[0-9]+``\ device nodes.
43 1. Make sure the ``ib_uverbs`` module is loaded:
49 2. In VPP, create a new rdma virtual interface tied to the Linux netdev
50 of the physical port you want to use (``enp94s0f0`` in this example):
54 vpp# create int rdma host-if enp94s0f0 name rdma-0
56 3. Use the interface as usual, e.g.:
60 vpp# set int ip addr rdma-0 1.1.1.1/24
61 vpp# set int st rdma-0 up
67 It should work in containers as long as: - the ``ib_uverbs`` module is
68 loaded - the device nodes ``/dev/infiniband/uverbs[0-9]+`` are usable
69 from the container (but see `security
70 considerations <#Security%20considerations>`__)
75 It should work on SR-IOV VFs the same way it does with PFs. Because of
76 VFs security containment features, make sure the MAC address of the rdma
77 VPP interface matches the MAC address assigned to the underlying VF. For
82 host# echo 1 > /sys/class/infiniband/mlx5_0/device/sriov_numvfs
83 host# ip l set dev enp94s0f0 vf 0 mac 92:5d:f5:df:b1:6f spoof on trust off
84 host# ip l set dev enp94s0f2 up
85 vpp# create int rdma host-if enp94s0f2 name rdma-0
86 vpp# set int mac address rdma-0 92:5d:f5:df:b1:6f
88 If you plan to use L2 features such as switching, make sure the
89 underlying VF is configured in trusted mode and spoof-checking is
90 disabled (of course, be aware of the `security
91 considerations <#Security%20considerations>`__):
95 host# ip l set dev enp94s0f0 vf 0 spoof off trust on
100 Direct Verb allows the driver to access the NIC HW RX/TX rings directly
101 instead of having to go through libibverb and suffering associated
102 overhead. It will be automatically selected if the adapter supports it.