From: Dan Smith <danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Guenter Roeck <groeck-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org>
Cc: "containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org"
<containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>
Subject: Re: [RFC][PATCH] IP address restricting cgroup subsystem
Date: Fri, 09 Jan 2009 10:12:24 -0800 [thread overview]
Message-ID: <87ljtkic1j.fsf@caffeine.danplanet.com> (raw)
In-Reply-To: <20090109174334.GA4526-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org> (Guenter Roeck's message of "Fri, 9 Jan 2009 09:43:35 -0800")
GR> I have tried something similar, only with
GR> CLONE_FILES|CLONE_FS|CLONE_VM|CLONE_NEWNET, and actually creating
GR> a virtual interface and controlling socket or thread in each new
GR> network namespace.
My initial test was to create a veth pair and move one end into the
namespace during create. That failed in the same way, so I took the
veth's out of the equation with the posted test.
GR> This scales to a couple of thousand interfaces, though interface
GR> creation takes a long time if more than 1,000 interfaces or so are
GR> created.
Yeah, just creating a bunch of pairs starts to slow down after a
hundred veth's or so. I think that for thousands of network
namespaces, things would be pretty painful.
GR> I can send you the code if you like.
I'd like to see it.
Thanks!
--
Dan Smith
IBM Linux Technology Center
email: danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org
next prev parent reply other threads:[~2009-01-09 18:12 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-06 23:05 [RFC][PATCH] IP address restricting cgroup subsystem Grzegorz Nosek
[not found] ` <20090106230554.GB25228-IaEwMO9oKu/77SC2UrCW1JJg/dWx8T/9@public.gmane.org>
2009-01-07 6:01 ` Li Zefan
[not found] ` <49644526.8030205-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2009-01-07 7:38 ` Grzegorz Nosek
2009-01-07 8:36 ` Li Zefan
2009-01-07 9:16 ` Grzegorz Nosek
2009-01-07 9:33 ` Li Zefan
2009-01-07 9:37 ` Grzegorz Nosek
2009-01-09 21:38 ` [Devel] " Paul Menage
2009-01-10 4:50 ` Li Zefan
2009-01-10 16:14 ` Paul Menage
2009-01-12 2:20 ` Li Zefan
2009-01-14 2:07 ` Paul Menage
2009-01-14 2:47 ` Li Zefan
2009-01-14 2:50 ` Paul Menage
2009-01-07 18:07 ` Serge E. Hallyn
[not found] ` <20090107180752.GA19153-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-01-07 19:15 ` Grzegorz Nosek
[not found] ` <20090107191536.GA15159-yp6mvK3Bdd2rDJvtcaxF/A@public.gmane.org>
2009-01-07 19:32 ` Serge E. Hallyn
[not found] ` <20090107193234.GA22625-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-01-08 12:43 ` Benny Amorsen
[not found] ` <20090109144122.GA9685@megiteam.pl>
[not found] ` <20090109162247.GA7925@us.ibm.com>
[not found] ` <20090109162247.GA7925-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-01-09 16:57 ` Grzegorz Nosek
2009-01-09 16:54 ` Dan Smith
[not found] ` <87priwifnu.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
2009-01-09 17:43 ` Guenter Roeck
[not found] ` <20090109174334.GA4526-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org>
2009-01-09 18:12 ` Dan Smith [this message]
[not found] ` <87ljtkic1j.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
2009-01-09 22:37 ` Guenter Roeck
[not found] ` <20090109223756.GA22738-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org>
2009-01-09 22:47 ` Serge E. Hallyn
[not found] ` <20090109224742.GA15227-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-01-09 23:37 ` Guenter Roeck
2009-01-09 18:30 ` Serge E. Hallyn
[not found] ` <20090109183046.GA14063-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-01-13 16:23 ` Dan Smith
2009-01-09 21:58 ` [Devel] " Paul Menage
[not found] ` <6599ad830901091358m11effdbegeff6cbb7ee28e262-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-01-10 11:20 ` Grzegorz Nosek
[not found] ` <20090110112009.GA12336-yp6mvK3Bdd2rDJvtcaxF/A@public.gmane.org>
2009-01-10 16:21 ` Paul Menage
[not found] ` <6599ad830901100821q2c943d38i314c00f7db51b4f0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-01-11 0:25 ` Benny Amorsen
2009-01-11 10:19 ` Grzegorz Nosek
[not found] ` <20090111101946.GA14325-yp6mvK3Bdd2rDJvtcaxF/A@public.gmane.org>
2009-01-14 2:21 ` Paul Menage
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ljtkic1j.fsf@caffeine.danplanet.com \
--to=danms-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=groeck-gvzKVTG1yJJBDgjK7y7TUQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.