VT-d / IOMMU with intel haswell and Z87 chipset

A sub project of Homeserver 2.0 was the virtualization of my home router.
I wanted to use pass-through of the additional nic for the external interface, so my host system can’t see any external traffic.

The steps should be easy, started virt-manager and followed these simple steps:
add-pci-1 add-pci-2

After a reboot of the vm i got a error: Connection reset by peer. The qemu process for the wasn’t started.

I got a more detailed error message with the virsh console:

server # virsh
virsh # start router-linz --console
error: Failed to start domain router-linz
error: internal error process exited while connecting to monitor: qemu-kvm: 
-device pci-assign,host=03:00.0,id=hostdev0,configfd=24,bus=pci.0,addr=0x5: 
No IOMMU found.  Unable to assign device "hostdev0"
qemu-kvm: -device pci-assign,host=03:00.0,id=hostdev0,configfd=24,bus=pci.0
,addr=0x5: Device 'kvm-pci-assign' could not be initialized
2013-10-01 17:44:52.566+0000: shutting down

Here it is: No IOMMU found. But i bought hardware that supports VT-d, a i5-4570 and a Z87 board. I rebooted my host system and checked the bios. VT-d was activated already.

Ok, I started googling and found a article about xen and HowTo activate VT-d. This article mentions special boot parameters you have to add to use this feature.

I’ve tested iommu=1 but haven’t got luck. Then i tried different combinations of the other kernel parameters in the article but none works.

Shortly before my surrender i found a mailing list post. In this post was explained to use intel_iommu=1.

Grub menu.lst edited, a short reboot of the host and then it worked.

Summary:

To activate VT-d under linux you have to add the kernel boot parameter intel_iommu=1. The VT-d/IOMMU support in the kernel alone is only half the battle.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.