
From: Rik van Riel (riel_at_conectiva.com.br)
Date: Wed 07 Nov 2001 - 13:35:17 GMT


On Wed, 7 Nov 2001, Sam Vilain wrote:

> An interesting point.
>
> What you want is something like chroot() for the networking stack.
> Maybe the iptables infrastructure has room for this.
>
> Can't you do what you want by simply using two default routes?

No need for things like that. Linux already supports
multiple routing tables and it is trivial to set up
routing in something like the following way, where
"SCTX" is security context.

HOST: 10.0.1.1 default routing table
SCTX 3: 10.0.1.3 routing table 3

This can be set up in something roughly like the
following way:

ip rule add from 10.0.1.3 table 3
ip route add default via <gateway> table 3

regards,

Rik

-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/

http://www.surriel.com/ http://distro.conectiva.com/
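
An added example, not part of the message above or of the vserver project's code: a simplified Python model of how the kernel walks the routing policy rules for the two-table layout described, including the case where table 3 holds no route and context 3 traffic falls through to the main table. The gateway addresses, rule priorities, destination address and the unreachable backstop rule are assumptions made for the illustration.

```python
import ipaddress

# Simplified model of the Linux routing policy database (RPDB). Rules are
# scanned in priority order; a lookup rule whose table holds no matching
# route does not end the search, the next rule is tried.

def lookup(rules, tables, src, dst):
    """Return (table, gateway) for the packet, or None when it is rejected."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, action, table in sorted(rules, key=lambda r: r[0]):
        if src not in ipaddress.ip_network(selector):
            continue
        if action == "unreachable":      # terminal rule: stop, no route
            return None
        # Longest-prefix match inside the table this rule points at.
        hits = [(ipaddress.ip_network(p), gw) for p, gw in tables.get(table, [])
                if dst in ipaddress.ip_network(p)]
        if hits:
            _net, gw = max(hits, key=lambda h: h[0].prefixlen)
            return (table, gw)
    return None

# Constructed sample data: both gateway addresses are assumptions.
MAIN = [("10.0.1.0/24", None), ("0.0.0.0/0", "10.0.1.254")]
TABLE3 = [("0.0.0.0/0", "10.0.1.253")]
RULES = [(100, "10.0.1.3/32", "lookup", "3"),     # ip rule add from 10.0.1.3 table 3
         (32766, "0.0.0.0/0", "lookup", "main")]  # stock rule for the main table
# Backstop (assumption): an unreachable-type rule for the same source,
# ordered directly after the lookup rule.
BACKSTOP = RULES + [(101, "10.0.1.3/32", "unreachable", None)]
DST = "192.0.2.10"  # documentation address standing in for an external host

def route(rules, table3, src):
    """Resolve DST for a source address given the contents of table 3."""
    return lookup(rules, {"main": MAIN, "3": table3}, src, DST)

if __name__ == "__main__":
    print("host            ", route(RULES, TABLE3, "10.0.1.1"))
    print("sctx 3          ", route(RULES, TABLE3, "10.0.1.3"))
    print("sctx 3, empty   ", route(RULES, [], "10.0.1.3"))      # uses main
    print("sctx 3, backstop", route(BACKSTOP, [], "10.0.1.3"))   # rejected
```

With table 3 empty, the context's packets leave through the host's default gateway unless a terminal rule or route stops the search.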


Generated on Wed 06 Nov 2002 - 07:03:38 GMT by hypermail 2.1.3