[Devel] Re: VRF-like use of Network Namespaces

Mathieu Peresse mathieu.peresse at gmail.com
Tue Jun 8 14:49:18 PDT 2010


I want to be able to type, say, "ip vrf add vrf_name" to create a persisting
network namespace, and then be able to add a net device to this namespace with
"ip link add dev tun0 vrf vrf_name", and then add a route to a subnet in this
namespace using e.g. "ip route add 192.168.1.0/24 dev tun0 vrf vrf_name".

I believe I can patch iproute2 (providing the 'ip' config utility) to use
setns() and unshare() to add new namespaces and configure interfaces and
routing in namespace?

I will look more into it tomorrow :)

Thanks a lot for this awesome work anyways!

mathieu.

On Tue, Jun 8, 2010 at 11:06 PM, Daniel Lezcano <daniel.lezcano at free.fr> wrote:

> On 06/08/2010 07:12 PM, Mathieu Peresse wrote:
>
>> Looks good, thanks! Has anyone worked to make 'ip' use these facilities?
>>
>> If I understand correctly, from a network resource configuration
>> perspective:
>>
>> - Creating a persisting namespace ('VRF') is equivalent to: create a
>> namespace (using clone()), which creates a proc entry for that namespace,
>> and then bind mount the file so that it stays open.
>>
>>
>
> From the same process, unshare (using unshare()), open /proc/self/ns/net,
> store the fd, unshare again, open /proc/self/ns/net, store the fd, ...
> A single process handles several network namespaces this way.
>
> To switch from one namespace to another, just use the setns syscall.
>
> Well, this is one example of how to use it; AFAIK you are looking for this
> very specific usage, no?
>
> Thanks
>  -- Daniel
>
>
>


-- 
a+
mathieu
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
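
The sequence Daniel describes in the quoted reply (unshare, open /proc/self/ns/net, keep the fd, setns to switch), as an added C example that is not part of the original thread or of any patch discussed in it. It assumes setns(2) and /proc/self/ns/net as they exist in mainline Linux with the glibc wrappers, and a caller holding CAP_SYS_ADMIN; the function names are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Move the caller into a fresh network namespace; return an fd that pins it.
 * O_CLOEXEC keeps the handle from leaking into exec'd children. */
static int new_netns_fd(void)
{
    if (unshare(CLONE_NEWNET) == -1)
        return -errno;
    int fd = open("/proc/self/ns/net", O_RDONLY | O_CLOEXEC);
    return fd == -1 ? -errno : fd;
}

/* Inode number identifying the caller's current network namespace (0 on error). */
static ino_t current_netns_ino(void)
{
    struct stat st;
    return stat("/proc/self/ns/net", &st) == 0 ? st.st_ino : 0;
}

/* Hold two namespaces from one process, then switch back to the first.
 * Returns 1 if the switch is verified, 0 if not, -errno if a call was refused. */
int netns_switch_demo(void)
{
    int a = new_netns_fd();
    if (a < 0)
        return a;
    ino_t ino_a = current_netns_ino();
    int b = new_netns_fd();            /* caller is now in namespace B */
    if (b < 0) { close(a); return b; }
    ino_t ino_b = current_netns_ino();
    int rc = setns(a, CLONE_NEWNET) == -1 ? -errno
           : (ino_a != 0 && ino_a != ino_b && current_netns_ino() == ino_a);
    close(a);
    close(b);
    return rc;
}

int main(void)
{
    printf("netns_switch_demo() = %d\n", netns_switch_demo());
    return 0;
}
```

Without CAP_SYS_ADMIN the first unshare() is refused and the function returns -EPERM instead of switching.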



