3.1. About SR-IOV¶

Single Root I/O Virtualization (SR-IOV) is a hardware specification that allows a single PCI Express (PCIe) endpoint to function as numerous devices (e.g., a single Ethernet port will appear as multiple, separate, physical devices). Physical Functions (PFs) and Virtual Functions (VFs) are two PCIe functions that enable this functionality. PCI passthrough is another functionality provided by the IOMMU driver, which allows assigning PCIe devices directly to Virtual Hosts. It allows virtual machines to benefit from direct PCI device assignment while only requiring one slot on the host physical computer.

When SR-IOV is used in conjunction with the PCI passthrough functionality in its most basic form (SR-IOV VF PCI), we can inject an SR-IOV network VF into a Linux KVM VM.

Physical Functions are Full PCIe devices that include SR-IOV capabilities (PCIe Devices).

Virtual Functions are PCIe functions that only compute I/O. These are the resulting VFs from the PCIe PFs device (Virtual NICs).

The direct assignment (PCI passthrough) approach also bypasses the Linux virtual bridges that are usually in place for virtual machine networking.

Why use SR-IOV on VHS?

Virtual Functions offer better performance than paravirtual drivers or emulated devices. The performance is nearly close to native. An overlooked feature when using VFs is data protection; all the data is managed and controlled by the hardware, which improves data protection between virtual machines on the same host. These features allow the host to have an increased virtual machine density. It is important to mention that Virtual Machines with assigned PCI devices cannot be migrated to other hosts, which in our case works well as we will be using a dedicated host with local storage, and machines will always be running on this host.