yuluo-zy
commented
2 weeks ago I think I can try this question!!
Closed roypat closed 13 hours ago
yuluo-zy
commented
2 weeks ago I think I can try this question!!
roypat
commented
1 week ago Hi @yuluo-zy, that sounds awesome, feel free to have a stab at it :)
Firecracker networking relies on virtio-net [1] virtualized ethernet cards, backed by TAP devices on the host. Both TAP and virtio-net support several offloading features [1][2]. In order for these to play correctly together, each offloading feature needs to be supported by both the guest driver and the TAP device on the host.
The Linux virtio-net driver always (at least in the configuration we use it) supports the same offloading features the TAP devices does. As a result, during device initialization, Firecracker informs the guest about the offloads that are possible (the ones supported by the TAP device) and configures the TAP device to use them trusting that the driver will also support the same features.
However, other operating systems, such as FreeBSD might make other decisions (see also https://github.com/firecracker-microvm/firecracker/issues/3905). Moreover, Linux in the future might decide that (at least in some cases) will not support.
We should fix the Firecracker virtio-net implementation to validate that the features it offered to the guest are actually supported by the driver and only configure the TAP device with the subset of the features that the driver acknowledged.
These is some preliminary work in https://github.com/firecracker-microvm/firecracker/pull/4386 on which a PR could be based