VT-d Mode for Remote Applications

Virtualization solutions allow multiple operating systems and applications to run in independent partitions all on a single computer. Intel Virtualization Technology for Directed I/O (VT-d) extends Intel's Virtualization Technology (VT) by providing hardware support for isolating and restricting device accesses to the owner of the partition managing the device. With VT-d, virtual machines (VMs) access host resources directly through physical interfaces.

VT-d provides VM management software with the following capabilities:

Using the CLI, you can configure interfaces for VT-d mode. You need to configure both the platform and the VM for passthrough. See the ethernet and interface configuration statements for the syntax and configuration options.

Advantages of VT-d

VT-d gives much better performance of the network bandwidth than simulating interfaces in a VM and attaching them through a bridge. VT-d can also improve security and reliability of the systems. The incoming and outgoing network packets land directly at the VM and completely avoid the host network stack.

Disadvantages of VT-d

Using VT-d for an interface means that the network interface is not sharable. Therefore, the number of network interfaces is limited to the number of physical interfaces in the VSE device.

Limitations of VT-d

VT-d can only be supported on a real physical interface and not on any other software interfaces, like bridges or aggregates. Additionally, once the host interface is reserved for VT-d mode of operation, it cannot be used for another purpose; for example, it cannot be used to attach to a bridge interface or an aggregated interface. Once the interface mode is reserved in VT-d, the interface is removed from the host system for any use until the VT-d mode is disabled.

