From: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Andreas B Aaen <andreas.aaen-546VmZ+UeKYX2WXlbB3fKg@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Subject: Re: [PATCH 0/6] netns: add linux-vrf features via network namespaces
Date: Thu, 30 Oct 2008 10:03:04 -0500 [thread overview]
Message-ID: <20081030150304.GC15099@us.ibm.com> (raw)
In-Reply-To: <200810301538.08032.andreas.aaen-546VmZ+UeKYX2WXlbB3fKg@public.gmane.org>
Quoting Andreas B Aaen (andreas.aaen-546VmZ+UeKYX2WXlbB3fKg@public.gmane.org):
> Hi,
>
> On Thursday 30 October 2008 14:05, Vivien Chappelier wrote:
> > The recently introduced network namespaces allow separate standalone
> > network stacks to coexist on the same machine. This is a very useful
> > functionality that we have been needing and using in our products for
> > some time, through the VRF ptchset (http://linux-vrf.sourceforge.net/).
> > The goal of the VRF patchset and network namespaces are very similar,
> > yet some features of the VRF are missing that these patches intend to
> > provide.
>
> I have worked with a similar patchset. the goal was to be able to terminate
> traffic from different IPv4 nets with possible overlapping IP addresses. You
> should be able to communicate with all IPv4 nets from the same process.
>
> > The network namespaces are currently tied to a process, and
> > referenced by its pid. However, a networking stack has no particular
> > reason to be associated with any process and it should be possible to
> > use and setup additional networking stacks without the need to clone()
>
> Right.
>
> > or unshare(). The initial version of the "Coexist with the sysfs
> > limitations" patches by Benjamin Thery introduced the notion of a unique
> > network namespace identifier (nsid) that is perfectly fit for the
> > purpose of referencing networking stacks independently of any process.
> > The first two patches of his set are therefore reused here to identify
> > networking stacks.
>
> I have proposed such a global namespace before on this list, but no one seemed
> interested.
Eric in particular is opposed to any "nsid" because it introduces yet
another namespace to worry about at checkpoint/restart. A reasonable
concern.
There was quite a bit of talk at the containers mini-summit about
creating a minimal filesystem to represent the namespaces. (See
http://wiki.openvz.org/Containers/Mini-summit_2008_notes for the notes,
but they're not particularly helpful on their own).
Eric, if you have a moment, could you recap your proposal?
thanks,
-serge
next prev parent reply other threads:[~2008-10-30 15:03 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-30 13:05 [PATCH 0/6] netns: add linux-vrf features via network namespaces Vivien Chappelier
[not found] ` <4909B10A.8090403-L+G57L1VLRbR7s880joybQ@public.gmane.org>
2008-10-30 14:38 ` Andreas B Aaen
[not found] ` <200810301538.08032.andreas.aaen-546VmZ+UeKYX2WXlbB3fKg@public.gmane.org>
2008-10-30 15:03 ` Serge E. Hallyn [this message]
2008-10-30 16:20 ` Vivien Chappelier
[not found] ` <4909DEC8.9090102-L+G57L1VLRbR7s880joybQ@public.gmane.org>
2008-10-30 23:07 ` Eric W. Biederman
[not found] ` <m14p2tznoz.fsf-B27657KtZYmhTnVgQlOflh2eb7JE58TQ@public.gmane.org>
2008-10-31 9:46 ` Andreas B Aaen
[not found] ` <200810311046.17506.andreas.aaen-546VmZ+UeKYX2WXlbB3fKg@public.gmane.org>
2008-10-31 14:17 ` Daniel Lezcano
[not found] ` <490B1384.7030001-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org>
2008-10-31 18:59 ` Eric W. Biederman
[not found] ` <m1zlkksi91.fsf-B27657KtZYmhTnVgQlOflh2eb7JE58TQ@public.gmane.org>
2008-10-31 19:32 ` Eric W. Biederman
[not found] ` <m13aicsgr2.fsf-B27657KtZYmhTnVgQlOflh2eb7JE58TQ@public.gmane.org>
2008-10-31 20:48 ` Daniel Lezcano
[not found] ` <490B6F19.4060206-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org>
2008-10-31 23:10 ` Eric W. Biederman
2008-10-31 18:43 ` Eric W. Biederman
2009-03-25 18:21 ` Bruce Jones
-- strict thread matches above, loose matches on Subject: below --
2009-04-15 3:14 Krishna Vamsi-B22174
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081030150304.GC15099@us.ibm.com \
--to=serue-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=andreas.aaen-546VmZ+UeKYX2WXlbB3fKg@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox