Configuring Virtual Machine Networking (InfiniBand SR-IOV Only)

For further details on enabling/configuring SR-IOV on KVM, please refer to the section titled “Single Root IO Virtualization (SR-IOV)” in Mellanox OFED for Linux User Manual.

Configuring Virtual Machine Networking (Ethernet SR-IOV Only)

To configure Virtual Machine networking:

1. Create an SR-IOV-enabled Virtual Switch over Mellanox Ethernet Adapter. 
   Go to Start → Server Manager → Tools → Hyper-V Manager.
   In the Hyper-V Manager: Actions → Virtual SwitchManager → External → Create Virtual Switch.
2. Set the following:
   • Name:
   • External network:
   • Enable single-root I/O virtualization (SR-IOV)
   Virtual Switch with SR-IOV
   
3. Click Apply.
4. Click OK.
5. Add a VMNIC connected to a Mellanox vSwitch in the VM hardware settings:
   1. Under Actions, go to Settings → Add New Hardware → Network Adapter → OK.
   2. In “Virtual Switch” dropdown box, choose Mellanox SR-IOV Virtual Switch.
      Adding a VMNIC to a Mellanox V-switch
      
      
      
6. Enable the SR-IOV for Mellanox VMNIC:
   1. Open VM settings Wizard.
   2. Open the Network Adapter and choose Hardware Acceleration.
   3. Tick the “Enable SR-IOV” option.
   4. Click OK.
      Enable SR-IOV on VMNIC
      
      
      
7. Start and connect to the Virtual Machine:
   Select the newly created Virtual Machine and go to: Actions panel → Connect.
   In the virtual machine window go to: Actions → Start.
8. Copy the WinOF driver package to the VM using Mellanox VMNIC IP address.
9. Install WinOF driver package on the VM.
10. Reboot the VM at the end of installation.

11. Verify that Mellanox Virtual Function appears in the device manager.
    Virtual Function in the VM
    
    
    

    To achieve best performance on SR-IOV VF, please run the following powershell commands on the host:
    For 10GbE: PS $ Set-VMNetworkAdapter -Name "Network Adapter" -VMName vm1 -IovQueuePairsRequested 4
    For 40GbE and 56GbE: PS $ Set-VMNetworkAdapter -Name "Network Adapter" -VMName vm1 -IovQueuePairsRequested 8

Ethertype Spoof Protection

This feature enables the hypervisor to control the allowed Ethertypes that the VF can transmit.

The hypervisor has an Ethertype table for VFs which includes a set of allowed Ethertypes values for transmission.

If a VF tries to transmit packets with undesired Ethertype value, the packets will be transmitted as corrupted but will still be counted as good packets.

The hypervisor has a default Ethertype table for VFs that contains the following values:

Default Ethertype Values

Ethertype Spoof Protection Registry Keys

The feature could be configured via registry keys as follows:

Registry keys location for configuration:

HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\<nn>\Parameters

The group below contains the registry keys through which you can configure the feature:For more information on how to find device index nn, please refer to Finding the Index Value of the HCA.

Ethertype Spoof Protection Registry Keys

When the feature is disabled, there is no restriction on the traffic that the VF can transmit.
Configuring at least one Ethertype in registry will override the default table of the Ethertypes mentioned above.

Limitations:
When one of the following Ethertypes is enabled/disabled, the other is automatically enabled/disabled:

• 0x8906 - Fibre Channel over Ethernet (FCoE)
• 0x8914 - FCoE Initialization Protocol

LLC Packets

Transmission of small packets that do not have Ethertype (also known as LLC packets) can be allowed by adding a registry key (one of VFAllowedTxEtherType0..7) with value of 0x0.