[patch 00/12] net namespace : L3 namespace - introduction
Daniel Lezcano
dlezcano at fr.ibm.com
Sat Jan 20 03:42:45 PST 2007
Herbert Poetzl wrote:
> On Fri, Jan 19, 2007 at 04:47:14PM +0100, dlezcano at fr.ibm.com wrote:
>> This patchset provide a network isolation similar at what
>> Linux-Vserver provides. It is based on the L2 namespaces and relies on
>> the mechanisms provided by the namespace. This L3 namespaces does not
>> aim to bring full virtualization for the network, it provides an IP
>> isolation which can be reused for Linux-Vserver, jailed application or
>> application containers.
>>
>> A L3 namespace are always L2 s' childs and they can not create more
>> network namespaces, furthermore, they lose their NET_ADMIN
>> capability. They share their parent's network ressources. From the
>> parent namespace, IP addresses are created and assigned to the
>> different L3 childs. From this point, L3 namespaces can use their
>> assigned IP address and all computed broadcast addresses.
> ~~~~~~~~~~~~~~~~~~~
>
> okay, I conclude that this only handles a single address
> for now. what are your plans to handle entire sets?
>
You can assign more than one IP address to a L3 network namespace.
More information about the Containers
mailing list