HP BL680c XenServer Software Development Kit Guide 4.1.0 - Page 34
Advanced settings for network interfaces, 5.5.1. ethtool settings
UPC - 884420396314
View all HP BL680c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 34 highlights
XenServer API extensions • The device /dev/xen/evtchn, which is accessed via xs_evtchn_open() in libxenctrl. A handle can be restricted using xs_evtchn_restrict(). • The device /proc/xen/privcmd, accessed through xs_interface_open() in libxenctrl. A handle is restricted using xc_interface_restrict(). Some privileged commands are naturally hard to restrict (e.g. the ability to make arbitrary hypercalls), and these are simply prohibited on restricted handles. • A restricted handle cannot later be granted more privilege, and so the interface must be closed and reopened. Security is only gained if the process cannot subsequently open more handles. • The qemu device emulation processes and vncterm terminal emulation processes run as a non-root user ID and are restricted into an empty directory. They uses the restriction API above to drop privileges where possible. • Access to xenstore is rate-limited to prevent malicious guests from causing a denial of service on the control domain. This is implemented as a token bucket with a restricted fill-rate, where most operations take one token and opening a transaction takes 20. The limits are set high enough that they should never be hit when running even a large number of concurrent guests under loaded operation. • The VNC guest consoles are bound only to the localhost interface, so that they are not exposed externally even if the control domain packet filter is disabled by user intervention. 5.5. Advanced settings for network interfaces Virtual and physical network interfaces have some advanced settings that can be configured using the other-config map parameter. There are a set of custom ethtool settings and some miscellaneous settings. 5.5.1. ethtool settings Developers might wish to configure custom ethtool settings for physical and virtual network interfaces. This is accomplished with ethtool- keys via the other-config map parameter. Key ethtool-rx ethtool-tx ethtool-sg ethtool-tso ethtool-ufo ethtool-gso ethtool-autoneg ethtool-speed ethtool-duplex Description Specify if RX checksumming is enabled Specify if TX checksumming is enabled Specify if scatter-gather is enabled Specify if tcp segmentation offload is enabled Specify if UDP fragmentation offload is enabled Specify if generic segmentation offload is enabled Specify if autonegotiation is enabled Set the device speed in Mb/s Set full or half duplex mode Valid settings on or true to enable the setting, off or false to disable it on or true to enable the setting, off or false to disable it on or true to enable the setting, off or false to disable it on or true to enable the setting, off or false to disable it on or true to enable the setting, off or false to disable it on or true to enable the setting, off or false to disable it on or true to enable the setting, off or false to disable it 10, 100. or 1000 half or full 28