From: ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)
To: Renato Westphal <renatowestphal-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Cc: "containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org"
<containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
Pavel Emelyanov <xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>,
Lxc-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
"Ward,
David - 0663 - MITLL"
<david.ward-OVIABD91gjs3uPMLIKxrzw@public.gmane.org>
Subject: Re: netns: Issues with deleting virtual interfaces during namespace cleanup
Date: Sun, 27 Feb 2011 01:02:47 -0800 [thread overview]
Message-ID: <m18vx197ew.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <AANLkTinQQHKiujHNet07kbK5eqYvp6-2iBnn27v2-85+-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> (Renato Westphal's message of "Sun, 27 Feb 2011 02:16:23 -0300")
Renato Westphal <renatowestphal-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> writes:
> Hello David,
>
> You may try the patch below (kernel v2.6.35) and see if that helps. It
> basically does what you asked for: during namespace cleanup, move back the
> virtual interfaces to their original namespaces. I did some tests with veth
> pairs and nested netns's and everything worked fine.
>
> I think this should be the default behaviour, I would like if someone could
> review/fix this patch and push it upstream.
I think this approach of pushing virtual network devices back where they
came from is a bad idea. All of the desired benefits can be obtained by
using an extra veth pair and ethernet bridging. The current semantics
make it difficult to leak virtual network devices by accident. The
suggested patch fails hard when the originating network namespace exits
before the target network namespace, and I would contend that is a
fundamentally hard problem and will lead to complicated code. Finally I
don't see what is gained by changing the current semantics.
Eric
next prev parent reply other threads:[~2011-02-27 9:02 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-26 16:59 netns: Issues with deleting virtual interfaces during namespace cleanup Ward, David - 0663 - MITLL
[not found] ` <4D69316F.4000606-OVIABD91gjs3uPMLIKxrzw@public.gmane.org>
2011-02-26 22:32 ` Daniel Lezcano
[not found] ` <4D697F6A.9000907@free.fr>
[not found] ` <4D697F6A.9000907-GANU6spQydw@public.gmane.org>
2011-02-27 5:16 ` Renato Westphal
[not found] ` <AANLkTinQQHKiujHNet07kbK5eqYvp6-2iBnn27v2-85+-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2011-02-27 9:02 ` Eric W. Biederman [this message]
2011-02-27 9:19 ` Daniel Lezcano
[not found] ` <4D6A1726.1010400@free.fr>
[not found] ` <4D6A1726.1010400-GANU6spQydw@public.gmane.org>
2011-02-27 15:28 ` Renato Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m18vx197ew.fsf@fess.ebiederm.org \
--to=ebiederm-as9lmozglivwk0htik3j/w@public.gmane.org \
--cc=Lxc-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=david.ward-OVIABD91gjs3uPMLIKxrzw@public.gmane.org \
--cc=renatowestphal-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.