How to pass through single NIC port from i350-t4 ?

+DS_DV+

New Member
Feb 9, 2020
4
0
1
Hi,
there is a proxmox setup with working pcie passtrhough of a HBA for a freenasvm.
vifo / kernel parameters (incl iommu=pt) are set.
i can see the single ports in the hardware dropdown but as soon as i add one to a vm i cant start it anymore (the whole setup hangs untill reset).

anny suggetions how to add single NIC port to VMs and LXCs ?
the goal is to have VMs / LXCs to only use thier designated NIC ports

Code:
ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp3s0f0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether a0:36:9f:71:ae:00 brd ff:ff:ff:ff:ff:ff
3: enp3s0f1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether a0:36:9f:71:ae:01 brd ff:ff:ff:ff:ff:ff
4: enp3s0f2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether a0:36:9f:71:ae:02 brd ff:ff:ff:ff:ff:ff
5: enp3s0f3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether a0:36:9f:71:ae:03 brd ff:ff:ff:ff:ff:ff
6: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP mode DEFAULT group default qlen 1000
    link/ether 60:45:cb:9c:59:34 brd ff:ff:ff:ff:ff:ff
7: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 60:45:cb:9c:59:34 brd ff:ff:ff:ff:ff:ff
 
Last edited:

H4R0

Active Member
Apr 5, 2020
229
33
28
28
The whole nic shares the same iommu group, so passing a single nic port will not work.

You will have to create a bridge per nic port and add that to the vm as emulated network adapter.

There is not much overhead with that approach anyway.

A better approach would be to use vlans.
 
  • Like
Reactions: +DS_DV+

H4R0

Active Member
Apr 5, 2020
229
33
28
28
i tried foolowing this tutorial:
https://forum.proxmox.com/threads/enabling-sr-iov-for-intel-nic-x550-t2-on-proxmox-6.56677/
is there any advanteage to the bridge way?
For sr-iov to work your cpu, mobo and nic need to support it. Did you enable it in the bios ? In that case different iommu groups per port will be created and your passtrough should indeed work.

The only advantage is no overhead and maybe some hardware offloading features. But with a 1gbit nic there will be not much overhead, if at all. Just make sure to use virtio if you go with the bridge way.

Whats the setup for ? In case you want to emulate a firewall e.g pfsense it would actually make sense, otherwise there is no real benefit.
 
  • Like
Reactions: +DS_DV+

+DS_DV+

New Member
Feb 9, 2020
4
0
1
i have an B350M Pro (asus) a AMD 3100 and the I350. The option is enabled in the bios.
but bridging seems far more simple :) i will try that first.

my firewall is an opnsense box but i like to keep it on bare metal (cause its the firewall).

u mentioind vlans. can i tag the "vms/containers" ?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!