Intel i710 SR-IOV

D

ducs4rs

Active Member
Apr 13, 2021
37
5
28
67
I had an Intel i350 setup with SR-IOV and it was working fine. I could use ViFs with Linux, and Windows 11. I swapped out the i350 with an i710. This was smooth as the OS saw the new NIC and it seemed to work. I changed the # of Vifs from 7 for the i350 to 32 for the i710. I have assigned ViFs to Linux and after making small OS updates it worked. But I see a console errors on Proxmox host for the i710 that weren't there with the i350

CSS: 
Cannot add more MAC addresses, VF is not trusted, switch the VF to trusted to add more functionality

Plus I can not add a ViF to windows. When I go into Window device manager it shows a failed nic but the Intel driver installed doesn't detect the NIC as an Intel.

Any insight on these issues?
 
Last edited:
For those interested, there are other quirks using X710 on proxmox :
- VLAN stripping on SR-IOV VFs
- LLDP offload not reporting to linux kernel
- Asymmetric speed due to TX checksum offload

See https://github.com/nvandamme/systemd-networkd-i40e for a more friendly approach with a systemd service (and maybe add your quirks too!).
 
Sorry for the late response. Seems that your PF priv flags are not set to allow VF to handle any MAC settings:

  • VF trust should be true for each VF
    • ip link set dev enpXsXfXnpX vf N trust on
    • OR using Trust=true under each of your VF [SR-IOV] section of any relevant iface in /etc/systemd/network/xx-enpX.link config files
  • VF spoof check should also be false for each VF
    • ip link set dev enpXsXfXnpX vf N spoofchk off
    • OR using MACSpoofCheck=false under each of your VF [SR-IOV] section of any relevant iface in /etc/nsystemd/network/xx-enpX.link config files
All of that should be set following any udev event related to i40e/iavf device starting up before any VM/LXC startup. It is guaranteed to be executed if you use systemd-network link files (and optionally my service script https://github.com/nvandamme/systemd-networkd-i40e that is litterally launched upon said udev events).

You can also check on your host/hypervisor if the correct trust and spoofchk flags are set (they should) using ip link:

Code: 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp2s0f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 10000
    link/ether 58:47:de:ad:be:ef brd ff:ff:ff:ff:ff:ff
    vf 0     link/ether 5a:47:de:ad:b0:00 brd ff:ff:ff:ff:ff:ff, spoof checking off, link-state enable, trust on
 
You must log in or register to reply here.
Top Bottom
Back