From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 02 Dec 2004 - 17:22:39 GMT
It took a while (and we did a lot of other useful
stuff in the meantime) until the next step in linux
vserver networking has reached a point where it
can be considered a path into the future ...
what it needs now is various help with testing and
fixing issues (which will be there, no doubt), so
everyone who is interested in helping out, please
let us know ...
here are some changes which are already part of
(or at least prepared) for the next generation
networking (NGNET) code ...
- virtual and isolated interfaces
- loopback virtualization and isolation
- separated routing tables and routes
- improved local address recognition
- iptables supported vnet matching
- hot network redirection (failsafe)
- isolated ppp and tun devices
- support for ipv6 on host and vservers
It took some time to figure methods to make it
possible _without_ sacrificing performance, and
it probably will take some time until it can be
considered stable at all ...
how you can help:
- there is a 'legacy' config (at compiletime)
it needs some testing with current setups
(to ensure that nothing is broken with it)
- testing the ngnet stuff and reporting issues
and of course requesting new features ;)
planned for later is:
- a solution for iptables inside vservers
- network and bandwidth quotas
what will be the benefit, when it is done and
working as expected?
- distros will be allowed to up/down their
- network 'debugging' from inside the vserver
should be possible
- ipv6 and vpn inside vservers
what are the drawbacks?
- will probably need some changes in existing
vservers to work properly (maybe this can be
handled by util-vserver similar to the legacy
- new code, new tools, new bugs ...
Vserver mailing list