[Users] Suggestion for a new parameter: PRIMARY_IP

Marcin Owsiany marcin at owsiany.pl
Sun Dec 14 10:43:47 EST 2008 

Hello,

Any process running in a CT that does not explicitly bind() to a
specific address, will have the local endpoint address set to the first
one in IP_ADDRESS from the CT configuration. [1]

This is fine, but this first address in IP_ADDRESS is also used together
with the value of HOSTNAME, to set up the host's entry in /etc/hosts

The problem is: I would like these two addresses to be different, in
some of my CTs (basically I would like outgoing connections to bind to
an externally-routable address by default if such is available in given
CT, but consistently have an internal unroutable IP in /etc/hosts).
This is currently not possible, barring some nasty, incompatible kludges
to the ip_add script.

My suggestion is to add another optional configuration parameter, called
for example PRIMARY_IP, that, _if_specified_, would be used with
HOSTNAME to set up the /etc/hosts entry. If it's not specified, then the
first address from IP_ADDRESS would be used, as usual.

If you think it's a good idea, I'd be happy to provide a patch to
implement that. Also please let me know if you have any other ideas to
solve this problem.

regards,
-- 
Marcin Owsiany <marcin at owsiany.pl>              http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216
 
"Every program in development at MIT expands until it can read mail."
                                                              -- Unknown

Footnotes:
1. This is because when a process calls bind() with INADDR_ANY (or
equivalently does not call bind() at all) before making an outgoing
connection, then during connect() the Linux kernel:
 - chooses the network interface according to the routing table (which
   is usually venet0 in case of a OpenVZ CT)
 - finds the _first_ address on that interface which matches (according
   to the usual addr/netmask semantics) the destination address. This
   rarely happens in a CT, because the netmask is a /32
 - if no address matches, then it simply chooses the first non-secondary
   address - see FIB_RES_PREFSRC macro and inet_select_addr function
 - binds the socket to that address

More information about the Users mailing list