* Using 127.n.x.x/16 for namespace to host
@ 2009-07-06 22:46 Elwin Stelzer Eliazer
[not found] ` <638f07d70907061546h5e017064t57ee22f45fa746b2-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
0 siblings, 1 reply; 3+ messages in thread
From: Elwin Stelzer Eliazer @ 2009-07-06 22:46 UTC (permalink / raw)
To: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
Hi,
I am using an internal bridge for internal socket communication between the
host and various containers' applications.
This is purely an internal bridge and no external traffic is expected in
this.
I can use a regular private ip address subnet for this, for example a
192.168.x.x/16 for this, and things are working.
But since the applications at the container and host handle external traffic
as well, we are forced to exclude this internal subnet for external use.
Using a 127.n.x.x/16 subnet is preferred, since that is not expected to be
used externally.
But this is requiring kernel code change, since 127.0.0.1/8 is programmed
for loopback interface 'lo' in host.
Towards this tried changing:
IFF_LOOPBACK 0x10 // in in.h, changed from 0x8 to 0x10
ifa->ifa_prefixlen = 16; // in devinet.c, changed from 8 to 16
And still do not see them connected.
Any suggestions on this will be appreciated.
regards,
Elwin.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Using 127.n.x.x/16 for namespace to host
[not found] ` <638f07d70907061546h5e017064t57ee22f45fa746b2-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
@ 2009-07-07 0:28 ` Guenter Roeck
[not found] ` <20090707002842.GA20703-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org>
0 siblings, 1 reply; 3+ messages in thread
From: Guenter Roeck @ 2009-07-07 0:28 UTC (permalink / raw)
To: Elwin Stelzer Eliazer
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Look for ipv4_is_loopback().
Another option might be to use link local addresses.
Guenter
On Mon, Jul 06, 2009 at 03:46:20PM -0700, Elwin Stelzer Eliazer wrote:
> Hi,
>
> I am using an internal bridge for internal socket communication between the
> host and various containers' applications.
> This is purely an internal bridge and no external traffic is expected in
> this.
> I can use a regular private ip address subnet for this, for example a
> 192.168.x.x/16 for this, and things are working.
> But since the applications at the container and host handle external traffic
> as well, we are forced to exclude this internal subnet for external use.
> Using a 127.n.x.x/16 subnet is preferred, since that is not expected to be
> used externally.
> But this is requiring kernel code change, since 127.0.0.1/8 is programmed
> for loopback interface 'lo' in host.
> Towards this tried changing:
> IFF_LOOPBACK 0x10 // in in.h, changed from 0x8 to 0x10
> ifa->ifa_prefixlen = 16; // in devinet.c, changed from 8 to 16
> And still do not see them connected.
>
> Any suggestions on this will be appreciated.
>
> regards,
> Elwin.
> _______________________________________________
> Containers mailing list
> Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
> https://lists.linux-foundation.org/mailman/listinfo/containers
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: Using 127.n.x.x/16 for namespace to host
[not found] ` <20090707002842.GA20703-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org>
@ 2009-07-07 9:09 ` Elwin Stelzer Eliazer
0 siblings, 0 replies; 3+ messages in thread
From: Elwin Stelzer Eliazer @ 2009-07-07 9:09 UTC (permalink / raw)
To: 'Guenter Roeck'
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
Thank you for the suggestion. The link local address should be good enough
for now.
Cheers,
Elwin.
-----Original Message-----
From: Guenter Roeck [mailto:groeck-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org]
Sent: Monday, July 06, 2009 5:29 PM
To: Elwin Stelzer Eliazer
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Subject: Re: Using 127.n.x.x/16 for namespace to host
Look for ipv4_is_loopback().
Another option might be to use link local addresses.
Guenter
On Mon, Jul 06, 2009 at 03:46:20PM -0700, Elwin Stelzer Eliazer wrote:
> Hi,
>
> I am using an internal bridge for internal socket communication between
the
> host and various containers' applications.
> This is purely an internal bridge and no external traffic is expected in
> this.
> I can use a regular private ip address subnet for this, for example a
> 192.168.x.x/16 for this, and things are working.
> But since the applications at the container and host handle external
traffic
> as well, we are forced to exclude this internal subnet for external use.
> Using a 127.n.x.x/16 subnet is preferred, since that is not expected to be
> used externally.
> But this is requiring kernel code change, since 127.0.0.1/8 is programmed
> for loopback interface 'lo' in host.
> Towards this tried changing:
> IFF_LOOPBACK 0x10 // in in.h, changed from 0x8 to 0x10
> ifa->ifa_prefixlen = 16; // in devinet.c, changed from 8 to 16
> And still do not see them connected.
>
> Any suggestions on this will be appreciated.
>
> regards,
> Elwin.
> _______________________________________________
> Containers mailing list
> Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
> https://lists.linux-foundation.org/mailman/listinfo/containers
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-07-07 9:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-07-06 22:46 Using 127.n.x.x/16 for namespace to host Elwin Stelzer Eliazer
[not found] ` <638f07d70907061546h5e017064t57ee22f45fa746b2-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-07-07 0:28 ` Guenter Roeck
[not found] ` <20090707002842.GA20703-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org>
2009-07-07 9:09 ` Elwin Stelzer Eliazer
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.