[Devel] Re: strict isolation of net interfaces
Daniel Lezcano
dlezcano at fr.ibm.com
Tue Jul 4 05:29:28 PDT 2006
Andrey Savochkin wrote:
>
> I still can't completely understand your direction of thoughts.
> Could you elaborate on IP address assignment in your diagram, please? For
> example, guest0 wants 127.0.0.1 and 192.168.0.1 addresses on its lo
> interface, and 10.1.1.1 on its eth0 interface.
> Does this diagram assume any local IP addresses on v* interfaces in the
> "host"?
>
> And the second question.
> Are vlo0, veth0, etc. devices supposed to have hard_xmit routines?
Andrey,
some people are interested by a network full isolation/virtualization
like you did with the layer 2 isolation and some other people are
interested by a light network isolation done at the layer 3. This one is
intended to implement "application container" aka "lightweight container".
In the case of a layer 3 isolation, the network interface is not totally
isolated and the debate here is to find a way to have something
intuitive to manage the network devices.
IHMO, all the discussion we had convinced me of the needs to have the
possibility to choose between a layer 2 or a layer 3 isolation.
If it is ok for you, we can collaborate to merge the two solutions in
one. I will focus on layer 3 isolation and you on the layer 2.
Regards
- Daniel
More information about the Devel
mailing list