Trying to get around an IOMMU performance issue documented elsewhere, I am trying to leverage SR-IOV. It appears to work well, generally. For testing purposes I have 10 non-SEV guests and 10 SEV guests, all using SR-IOV on an Intel Ethernet Controller X710 for 10GbE SFP+ (rev 02). I can run multiple non-SEV guests simultaneously, each using a different VF. I can also run a single SEV guest and multiple non-SEV guests simultaneously, also using different VFs.
However, if I have an SEV guest running and I attempt to bring up another also using SR-IOV, the first loses network connectivity and the second never gets it. I have verified they are using different VFs, have unique IP addresses, and are reporting unique MACs.
I can't find anything that says this is a known limitation.
A more fulsome description of my server can be found in this thread: IOMMU on KVM Guest NIC reduces throughput by factor of 10 on EPYC 7282