From: Jacques Gelinas (jack_at_solucorp.qc.ca)
Date: Wed 18 Sep 2002 - 22:24:30 BST

• Next message: Lars Braeuer: "Re: [vserver] SuSE init script problem solved"
• Previous message: Sam Vilain: "Re: [vserver] More that 16 IPs per vserver ?"

On Mon, 16 Sep 2002 22:49:52 -0500, takashi wrote
> Hello
> I have play inside the kernel patch to see if it is possible to unlock the ip restriction
> set to 16.
> I have changed the code to 64and it work but i don't know if there is any security
> that may be perform by doing that.
> Maybe Jack can answer about this subject

No, no security issue. The limit to 16 was simply because 16*4 = 64, which kind
of fit a cpu cache line. But the current implement do not make use of this
information often. Merely for the bind system call, which is seldom used (generally
only when a service starts).

So moving to a larger value is not bad. By playing smart, we could do some
as needed allocation and handle any value.

---------------------------------------------------------
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc

• Next message: Lars Braeuer: "Re: [vserver] SuSE init script problem solved"
• Previous message: Sam Vilain: "Re: [vserver] More that 16 IPs per vserver ?"