[Users] virtual networking inside containers

Tom D. Davidson me at tomdavidson.org
Fri Nov 13 17:56:46 EST 2009


>
> http://wiki.openvz.org/VPN_via_the_TUN/TAP_device
>
The wiki does not address configuration of the TUN/TAP device.  I have used
such on non-containers with out problems, but my container's
/etc/network/interfaces file is auto generated and there is a comment to use
an interfaces.template file. No file exist and when i created one it broke
the networking.


If you don't have root access to the host node, you'll need to get help from
> your provider... assuming they'd allow it in the first place.
>
The provider claims it is enabled and will not provide support. One tech did
tell me to go a head and make the changes in /etc/network/interfaces ... but
that didnt work.

Im switching VPS providers if anyone cares to see the reason and support
ticket notes or is thinking of doing business with burst.net, check out
http://pastebin.com/f71183c17 But I still need to find out if my next
provider can be use OpenVZ or not.

By the wiki page I would assume that configuring a TAP device would be
virtually identical as on any other GNU/Linux machine? Outside of need host
root to enable TAP/TUN is their anything else that would deviate from a
non-virtualized host?

Regarding running QEMU, that's another form of virtualization and I'm not
> sure how difficult that would be to run inside of a container.
>  Conceptually, you'd not want to run another form of virtualization inside
> of a container...

I am aware of the implications. Thank yo for making sure. I just want to run
an openwrt vm as my personal vpn service and what not... 3-5 megs of traffic
max with 32 megs ram....


> but it might work unless qemu needs special devices or direct device
> access.

One can use Qemu with out kernel drivers. Does not preform as well, but
works fine, again, my performance need is small. On my local host, i created
a TAP device and a bridge. When I run the qemu vm attached to the bridge
with TAP i can get a routeable IP address off my network. It sounds like I
will have to do this with out a bridge, but first I want to fig out the
configuration issues I am having with TAP/TUN in my container.

-tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://openvz.org/pipermail/users/attachments/20091113/9446ee0d/attachment.html


More information about the Users mailing list