On Wed, Sep 20, 2017 at 8:29 PM, Cong Wang <xiyou.wangc...@gmail.com> wrote: > Sounds like we should set NETIF_F_NETNS_LOCAL for tun > device.
Absolutely do not do this under any circumstances. This would be a regression and would break API compatibility. As I wrote in my first email, it's already possible to sleep-loop for that information using the tun device's fd; I'm just looking for a better event-based approach. > What is your legitimate use case of send/receive packet to/from > a tun device in a different netns? Because sometimes it's very nice to be able to move network interfaces that use tun devices into different namespaces, for some xnamespace proxying. What Dan described in the email he just sent is exactly this use case. In WireGuard (a kernel thing), I have facilities for this -- https://www.wireguard.com/netns/ . Now I'm working on the userspace version and would like to expose the same utility. Anyway, the purpose of me sending this message to the list was not to question the "legitimacy" of my application usage, but rather to elicit feedback on two specific things: 1. to determine if there's already a mechanism in place for this that I've overlooked; and 2. to determine particularities of me implementing a mechanism, if it's not already there. I'm slightly more convinced that there isn't currently a mechanism for this. It seems like the easiest way, therefore, would be some kind of control message that could be poll'd for, using the existing per-process fd. That way there wouldn't be any violations of the current namespace situation, yet processes could still get event notifications as needed.
