Can't run multiple SEV guests using SR-IOV?

Question asked by sinanju on Jul 30, 2020
Latest reply on Aug 16, 2020

Trying to get around an IOMMU performance issue documented elsewhere, I am trying to leverage SR-IOV. It appears to work well, generally. For testing purposes I have 10 non-SEV guests and 10 SEV guests, all using SR-IOV on an Intel Ethernet Controller X710 for 10GbE SFP+ (rev 02). I can run multiple non-SEV guests simultaneously, each using a different VF. I can also run a single SEV guest and multiple non-SEV guests simultaneously, also using different VFs.


However, if I have an SEV guest running and I attempt to bring up another also using SR-IOV, the first loses network connectivity and the second never gets it.  I have verified they are using different VFs, have unique IP addresses, and are reporting unique MACs.


I can't find anything that says this is a known limitation.


A more fulsome description of my server can be found in this thread: IOMMU on KVM Guest NIC reduces throughput by factor of 10 on EPYC 7282