Hi, On Sat, Jun 07, 2008 at 10:12:21PM +0200, zhengda wrote:
> 1) hypervisor creates a virtual network interface > How is the programming interface like for the virtual network > interface? I mean, is the pfinet still able to open it with > device_open()? Well, as I mentioned in the original discussion, both approaches are possible: Either there is a special para-virtualized interface which pfinets must explicitely implement so they can talk to the hypervisor. Or the hypervisor provides a virtual network interface that looks just like the actual Mach-provided one. The first approach is simpler on the hypervisor side, but requires changes in pfinet, and isn't fully transparent in usage. Para-virtualization also can be more efficient -- but I'm not sure it would make any difference here. I personally think the fully virtualized approach is more elegant, but YMMV. > If pfinet can open the interface with device_open(), I think we > need to write another program like boot to give pfinet the pseudo > master device port and help pfinet open the virtual network > interface. Why another program? I'm pretty sure "boot" is the right place to handle this. > The second question is: who can create the virtual network > interface? By default, the user who invokes the hypervisor. (I.e. the one running "boot".) More sophisticated policy control is certainly possible, but I can't think of any use case right now. > I still don't understand who should check and control the packet. I'm not sure I understand the question. I thought it is rather clear that the hypervisor does the checks?... -antrik-
