From: Matt Ayres (matta_at_tektonic.net)
Date: Fri 27 Feb 2004 - 08:37:23 GMT
On Fri, 2004-02-27 at 03:34, Thomas Gelf wrote:
> Am Fre, den 27.02.2004 schrieb Alex Lyashkov um 09:11:
> > ÷ ðÔÎ, 27.02.2004, × 10:03, Thomas Gelf ÐÉÛÅÔ:
> > > is it possible to realize this?
> > > how much work would it be?
> > >
> > > the first part (tun/tap interface == virtual eth0 inside the vserver,
> > > bridge them to real eth0, allow CAP_NET_ADMIN for the visible interfaces
> > > only) should be no problem, what about per-context routing/firewalling?
> > >
> > VServer not have it.
>
> that's the reason why I posted this - something like that should be
> developed. my questions are:
>
> - is it realizable?
> - if not: why not?
> - how much work would it be?
FreeVPS (VServer branch) has this, so it is definitely possible. I
believe it took Alex quite a bit of work, but we could learn from his
implementation and perhaps improve upon it.
>
> probably stable vs shouldn't be modified that way, but what about kernel
> 2.6? a usable networking support is in my opinion an essential
> requirement for a vserver project - and at the moment the network
> inside a vserver "works", but there is still no real networking support.
I 100% agree, that's why it's on my wishlist :)
-- Matt Ayres <matta_at_tektonic.net> TekTonic_______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver