Sam Vilain wrote:
Daniel Lezcano wrote:
If it is ok for you, we can collaborate to merge the two solutions in
one. I will focus on layer 3 isolation and you on the layer 2.
So, you're writing a LSM module or adapting the BSD Jail LSM, right? :)
Sam.
No. I am adapting a prototype of networ
Daniel Lezcano wrote:
>
> If it is ok for you, we can collaborate to merge the two solutions in
> one. I will focus on layer 3 isolation and you on the layer 2.
So, you're writing a LSM module or adapting the BSD Jail LSM, right? :)
Sam.
-
To unsubscribe from this list: send the line "unsubscrib
Andrey Savochkin wrote:
I still can't completely understand your direction of thoughts.
Could you elaborate on IP address assignment in your diagram, please? For
example, guest0 wants 127.0.0.1 and 192.168.0.1 addresses on its lo
interface, and 10.1.1.1 on its eth0 interface.
Does this diagram
Andrey Savochkin wrote:
>> Why special case loopback?
>>
>> Why not:
>>
>> host | guest 0 | guest 1 | guest2
>> --+---+---+--
>> | | | |
>> |-> lo | | |
>
Sam, Serge, Cedric,
On Fri, Jun 30, 2006 at 02:49:05PM +1200, Sam Vilain wrote:
> Serge E. Hallyn wrote:
> > The last one in your diagram confuses me - why foo0:1? I would
> > have thought it'd be
> >
> > host | guest 0 | guest 1 | guest2
> > --+-
On Fri, Jun 30, 2006 at 10:56:13AM +0200, Cedric Le Goater wrote:
> Serge E. Hallyn wrote:
> >
> > The last one in your diagram confuses me - why foo0:1? I would
> > have thought it'd be
>
> just thinking aloud. I thought that any kind/type of interface could be
> mapped from host to guest.
>
>
Daniel Lezcano <[EMAIL PROTECTED]> writes:
> Serge E. Hallyn wrote:
>> Quoting Cedric Le Goater ([EMAIL PROTECTED]):
>>
>>>we could work on virtualizing the net interfaces in the host, map them to
>>>eth0 or something in the guest and let the guest handle upper network layers
>>>?
>>>
>>>lo0 woul
Daniel Lezcano <[EMAIL PROTECTED]> writes:
> Eric W. Biederman wrote:
>> Daniel Lezcano <[EMAIL PROTECTED]> writes:
>>
>>>Serge E. Hallyn wrote:
>>>
Quoting Cedric Le Goater ([EMAIL PROTECTED]):
>we could work on virtualizing the net interfaces in the host, map them to
>eth0
"Serge E. Hallyn" <[EMAIL PROTECTED]> writes:
> Quoting Eric W. Biederman ([EMAIL PROTECTED]):
>> This whole debate on network devices show up in multiple network namespaces
>> is just silly. The only reason for wanting that appears to be better
> management.
>
> A damned good reason.
Better m
Quoting Eric W. Biederman ([EMAIL PROTECTED]):
> This whole debate on network devices show up in multiple network namespaces
> is just silly. The only reason for wanting that appears to be better
> management.
A damned good reason. Clearly we want the parent namespace to be able
to control what
Eric W. Biederman wrote:
Daniel Lezcano <[EMAIL PROTECTED]> writes:
Serge E. Hallyn wrote:
Quoting Cedric Le Goater ([EMAIL PROTECTED]):
we could work on virtualizing the net interfaces in the host, map them to
eth0 or something in the guest and let the guest handle upper network layers ?
Daniel Lezcano <[EMAIL PROTECTED]> writes:
> Serge E. Hallyn wrote:
>> Quoting Cedric Le Goater ([EMAIL PROTECTED]):
>>
>>>we could work on virtualizing the net interfaces in the host, map them to
>>>eth0 or something in the guest and let the guest handle upper network layers
>>>?
>>>
>>>lo0 woul
Serge E. Hallyn wrote:
Quoting Cedric Le Goater ([EMAIL PROTECTED]):
we could work on virtualizing the net interfaces in the host, map them to
eth0 or something in the guest and let the guest handle upper network layers ?
lo0 would just be exposed relying on skbuff tagging to discriminate traf
Serge E. Hallyn wrote:
>
> The last one in your diagram confuses me - why foo0:1? I would
> have thought it'd be
just thinking aloud. I thought that any kind/type of interface could be
mapped from host to guest.
> host | guest 0 | guest 1 | guest2
> --+
Serge E. Hallyn wrote:
> The last one in your diagram confuses me - why foo0:1? I would
> have thought it'd be
>
> host | guest 0 | guest 1 | guest2
> --+---+---+--
> | | | |
> |-> l0
Quoting Cedric Le Goater ([EMAIL PROTECTED]):
> Sam Vilain wrote:
> > jamal wrote:
> >>> note: personally I'm absolutely not against virtualizing
> >>> the device names so that each guest can have a separate
> >>> name space for devices, but there should be a way to
> >>> 'see' _and_ 'identify' the
Sam Vilain wrote:
> jamal wrote:
>>> note: personally I'm absolutely not against virtualizing
>>> the device names so that each guest can have a separate
>>> name space for devices, but there should be a way to
>>> 'see' _and_ 'identify' the interfaces from outside
>>> (i.e. host or spectator conte
17 matches
Mail list logo
