: Verify PCI-ID for Ordering of Network Interfaces on the VM-Series Firewall
Focus
Focus

Verify PCI-ID for Ordering of Network Interfaces on the VM-Series Firewall

Table of Contents

Verify PCI-ID for Ordering of Network Interfaces on the VM-Series Firewall

Regardless of whether you use a virtual interfaces (Linux/OVS bridge) or PCI devices (PCI-passthrough or SR-IOV capable adapter) for connectivity to the VM-Series firewall, the VM-Series firewall treats the interface as a PCI device. The assignment of an interface on the VM-Series firewall is based on PCI-ID which is a value that combines the bus, device or slot, and function of the interface. The interfaces are ordered starting at the lowest PCI-ID, which means that the management interface (eth0) of the firewall is assigned to the interface with the lowest PCI-ID.
Let's say you assign four interfaces to the VM-Series firewall, three virtual interfaces of type virtio and e1000 and the fourth is a PCI device. To view the PCI-ID for each interface, enter the command virsh dumpxml $ domain <name of the VM-Series firewall> on the Linux host to view the list of interfaces attached to the VM-Series firewall. In the output, check for the following networking configuration:
<interface type='bridge'> 
      <mac address='52:54:00:d7:91:52'/> 
      <source bridge='mgmt-br'/> 
      <model type='virtio'/> 
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> 
    </interface> 
     
   <interface type='bridge'> 
      <mac address='52:54:00:f4:62:13'/> 
      <source bridge='br8'/> 
      <model type='e1000'/> 
      <address type='pci' domain='0x0000' bus='0x00' slot='0x10' function='0x0'/> 
    </interface> 
     
   <interface type='bridge'> 
      <mac address='52:54:00:fe:8c:80'/> 
      <source bridge='br8'/> 
      <model type='e1000'/> 
      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/> 
    </interface> 
    
   <hostdev mode='subsystem' type='pci' managed='yes'> 
      <source> 
        <address domain='0x0000' bus='0x08' slot='0x10' function='0x1'/> 
      </source> 
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/> 
    </hostdev> 
In this case, the PCI-ID of each interface is as follows:
  • First virtual interface PCI-ID is 00:03:00
  • Second virtual interface PCI-ID is 00:10:00
  • Third virtual interface PCI-ID is 00:06:00
  • Fourth interface PCI-ID is 00:07:00
Therefore, on the VM-Series firewall, the interface with PCI-ID of 00:03:00 is assigned as eth0 (management interface), the interface with PCI-ID 00:06:00 is assigned as eth1 (ethernet1/1), the interface with PCI-ID 00:07:00 is eth2 (ethernet1/2) and the interface with PCI-ID 00:10:00 is eth3 (ethernet1/3).