Versions Compared

Old Version 9

changes.mady.by.user W.Erber

Saved on

compared with

New Version 10

changes.mady.by.user W.Erber

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: corrected description of mac address requirement

...

Select the host attached Ethernet device to be connected to the virtual device. This field is a drop-down list of all the network adapters available on the host system. Important points:

  • The interface must allow promiscuous mode unless the configuration described below (yellow box) is usedOn a Charon-SSP AWS host, you can either use an internal bridge to create TAP interfaces that will then be used in the emulator configuration, or you can use a dedicated NIC. If a dedicated NIC is used, the MAC address of the emulated interface must be set to the MAC address of the NIC connected to the Charon host and the IP address of the guest system must be set to the private IP address allocated to the NIC by AWS.

  • It is permitted to assign the localhost interface (lo) to an emulated device (if the device will not be used by the guest).

  • It is also permitted to add the same physical device to multiple emulated Ethernet devices of the same instance. However, this is not recommended for performance reasons.

  • Sharing a NIC between emulator and host (not recommended for performance reasons) is possible on non-Cloud cloud systems but requires promiscuous mode and the MAC addresses of host and emulated system to be different (normally this is automatically taken care of by Charon-SSP assigning a locally administered MAC address to the guest system).

  • VMware and locally administered MAC addresses: VMware has several parameters to protect the environment from forged MAC addresses (e.g., the forged transmits and the address change parameters). If a MAC address for a Charon instance that is different from the host NIC MAC address is to be set and used, these parameters must allow such a configuration.

  • Assigning the same physical interface to more than one Charon-SSP instance is possible on non-cloud systems but not supported for production operation. It requires promiscuous mode and manual setting of unique MAC addresses for the Charon instances. I/O performance will be significantly degraded. For testing purposes only.

Please note:

On VMware ESXi and other hypervisors promiscuous mode is disabled by default on virtual adapters. The best solution when running the Charon-SSP host in a VM is to dedicate a vNIC to the emulator and to set the MAC address of the emulated adapter to the same address as the MAC address of the ESXi vNIC. See Set MAC Address parameter below.
If a dedicated vNIC is not possible, the interface must support promiscuous mode and the Hypervisor must allow multiple MAC addresses for this interface.

  •  

Set MAC Address:

To force the MAC address of the virtual Ethernet device to a specific value, select the checkbox and enter the address in groups of two-character hexadecimal digits, separated by a colon, e.g. 08:00:2b:aa:bb:cc.

(info) This option can be useful in cases where licensing is tied to a network adapter MAC address. It can also be used to avoid having to set a VMware virtual network adapter to promiscuous mode. If this configuration is used, the emulator needs is required if a dedicated NIC is used on the host systemCharon-SSP AWS instance.

Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc