# VT-d vs. IOMMU

## pactoo

Hello,

I would like to know wether someone has experience with both in terms of performance using KVM.  By now I know, that the VT-d present in Socket 1156 setups has less features than their X58 counterpart. How important those missing features are, cannot be judged by me. 

However, I wonder how AMDs IOMMU compares? Haven'd really found anything on google which of these two architectures ist more advanced (or wether it really matters at all) in regards to virtualisation, especially hardeware passthrough, but maybe someone here has some experiences or technical knowledge.

----------

## BradN

It's my understanding that IOMMU was implemented not so much with virtualization in mind (although this could be a potential application), but more to prevent peripheral devices from crashing the whole system by writing data where they shouldn't.

For example, an active firewire port can be used to gain access to all the memory of the host system (this has been demonstrated on windows and linux to bypass password authentication), but an IOMMU could be configured to prevent this.

I don't think that an IOMMU is particularly useful for hardware passthru to a VM, since if the VM is running as root, it already has access to the hardware, and just a kernel module or something might be needed to hook interrupts or things like that.

----------

## pactoo

Well, IOMMU is vital for hardware passthrough, as it enables somewhat secure DMA access of guest domains to hardware. As far as I understand, of course. However, let's just exchange the more generic term IOMMU with AMD-Vi, how it is called now.

So the qustion is, how does AMD-Vi compare to the second generation VT-d as to be found in X58 boards? And how crucial are those VT-d feature missing in socket 1156 CPUs compared to their X58 father in real life?

----------

