Allowlist and Denylist for Interfaces

Onload User Guide (UG1586)

Document ID
UG1586
Release Date
2023-07-31
Revision
1.2 English

The user can, on a system-wide or a per-stack basis, specify interfaces that can be used by the Onload stack, or prevent interfaces being used by the stack:

  • The system-level configuration Files in /proc/driver/sfc_resource/<intf-name>/enable can be written with “1” or “0” to enable or disable a network interface for all applications on the system:

    This feature is available from Onload-7.1.0 onwards.

  • The per-stack environment variables EF_INTERFACE_BLACKLIST and EF_INTERFACE_WHITELIST are space-separated lists of interfaces. The network interfaces can be identified as the real interface such as p1p1 or eth1, or as a higher-order interface such as a VLAN, MACVLAN, team or bond. When the Onload stack is created interface names will be resolved to identify the underlying and adapter interface.

    This feature is available from OpenOnload-201710 onwards.

By default, all interfaces are enabled when the driver is loaded. To disable all interfaces initially, pass the “enable_accel_by_default=0” module parameter to sfc_resource.

All interfaces identified in the allowlist will be accelerated by Onload, however the denylist takes precedence such that an interface appearing in both lists will not be accelerated by Onload.

If an interface is in the denylist:

  • Onloaded applications will not accelerate sockets using the interface (the socket will be handled by the kernel).
  • ef_vi applications will fail the ef_pd_alloc() call at startup.