From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Mon 06 Dec 2004 - 22:22:02 GMT
On Mon, Dec 06, 2004 at 05:17:09PM -0600, Serge Hallyn wrote:
> I've been looking at the linux-vserver (1.90+) implementation of network
> controls. I really like it, and would like to implement that part as a
> patch to do network namespaces, akin to the fs namespaces which
> currently exist. If this were accepted into the kernel, vservers could
> still use them, but they could simply be set up at clone(2) time by any
> process with the right privileges.
hmm, I guess you are referring to the 'limitations'
imposed on the network 'bind' (and friends) operations
(which limits them to a subset of the ip ranges)
> Do you guys have any comments on this?
> Does it seem like a bad idea in general?
well, it has certain limitations, and the current
linux-vserver ngnet (next generation networking) is
trying to overcome those limitation, by basically
providing high (ideally full speed) virtualized
network interfaces ...
> Herbert, this is your code (I believe), and while I realize
while the current code is 80% mine the basic idea
for the networking stuff goes back to Jackques ..
> the license says I can use it, would you be offended by something like
I would say everybody is fine with using that code
for other projects, as long as the GPL is honored
> There is also the linux-vrf project, which does something similar. But
> it actually seems a bit more limited, ie a network device can't be
> shared by multiple vrf's.
as usual, it would make sense to share resources
and combine effords ... so if there is really
interest in 'mainline' virtualized networking then
this would be definitely a way to go ...
> Let me know what you think,
please keep me updated
> Serge Hallyn <serue_at_us.ibm.com>
Vserver mailing list