VM-Series on KVM— Requirements and Prerequisites

VM-Series on KVM System Requirements
Requirements	Description
Hardware Resources	See VM-Series System Requirements for the minimum hardware requirements for your VM-Series model.
Software Versions	Ubuntu: 14.04 LTS (QEMU-KVM 2.0.0 and libvirt 1.2.2) 16.04 LTS (QEMU-KVM 2.5.0 and libvirt 1.3.1) CentOS/RedHat Enterprise Linux: 7.2 (QEMU-KVM 1.5.3 and libvirt 2.0.0) CentOS: 7.5 (QEMU-KVM 1.5.3 and libvirt 3.9.0) With CentOS 7.5, only Packet MMap mode is supported. So you must disable DPDK with op-cmd-dpdk-pkt-io=off in the init-cfg.txt file used for bootstrapping or use the CLI command set system setting dpdk-pkt-io off after you deploy the firewall.
Network Interfaces—Network Interface Cards and Software Bridges	The VM-Series on KVM supports a total of 25 interfaces— 1 management interface and a maximum of 24 network interfaces for data traffic. VM-Series deployed on KVM supports software-based virtual switches such as the Linux bridge or the Open vSwitch bridge, and direct connectivity to PCI passthrough or an SR-IOV capable adapter. If you plan to establish connectivity using PCI-passthrough or SR-IOV, you cannot configure a vSwitch on the physical port used for SR-IOV or PCI-passthrough. To communicate with the host and other virtual machines on the network, the VM-Series firewall must have exclusive access to the physical port and associated virtual functions (VFs) on that interface. On the Linux bridge and OVS, the e1000 and virtio drivers are supported; the default driver rtl8139 is not supported. Open vSwitch version support: Ubuntu 14.04 LTS: OVS 1.9.3 and OVS 2.3.1 Ubuntu 16.04 LTS: OVS 2.5.0 Ubuntu 16.04 LTS with OVS-DPDK: OVS 2.5.1 CentOS/RHEL 7.2: OVS 2.5.0 For PCI passthrough/SR-IOV support, the VM-Series firewall has been tested for the following network cards: Intel 82576 based 1G NIC: SR-IOV support on all supported Linux distributions; PCI-passthrough support Intel 82599 based 10G NIC: SR-IOV support on all supported Linux distributions; PCI-passthrough support Broadcom 57112 and 578xx based 10G NIC: SR-IOV support on all supported Linux distributions; No PCI-passthrough support. Drivers: igb; ixgbe; bnx2x Drivers: igbvf; ixgbevf; bnx2x SR-IOV capable interfaces assigned to the VM-Series firewall, must be configured as Layer 3 interfaces or as HA interfaces.
Data Plane Development Kit (DPDK) Support	DPDK is enabled by default on VM-Series firewalls on KVM if one of the following NIC drivers is used: Virtual Driver: virtio NIC Drivers: ixgbe, ixgbevf, i40e, i40evf

Related Documentation