On Wed, Sep 24, 2014 at 2:23 AM, Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx> wrote: > Le 23/09/2014 21:22, Cong Wang a écrit : > >> On Tue, Sep 23, 2014 at 6:20 AM, Nicolas Dichtel >> <nicolas.dichtel@xxxxxxxxx> wrote: >>> >>> >>> Here is a small screenshot to show how it can be used by userland: >>> $ ip netns add foo >>> $ ip netns del foo >>> $ ip netns >>> $ touch /var/run/netns/init_net >>> $ mount --bind /proc/1/ns/net /var/run/netns/init_net >>> $ ip netns add foo >>> $ ip netns >>> foo (id: 3) >>> init_net (id: 1) >>> $ ip netns exec foo ip netns >>> foo (id: 3) >>> init_net (id: 1) >>> $ ip netns exec foo ip link add ipip1 link-netnsid 1 type ipip remote >>> 10.16.0.121 local 10.16.0.249 >>> $ ip netns exec foo ip l ls ipip1 >>> 6: ipip1@NONE: <POINTOPOINT,NOARP> mtu 1480 qdisc noop state DOWN mode >>> DEFAULT group default >>> link/ipip 10.16.0.249 peer 10.16.0.121 link-netnsid 1 >>> >>> The parameter link-netnsid shows us where the interface sends and >>> receives >>> packets (and thus we know where encapsulated addresses are set). >>> >> >> So ipip1 is shown in netns foo but functioning in netns init_net? Getting >> the >> id of init_net in foo depends on your mount namespace, /var/run/netns/ may >> not visible inside foo, in this case, link-netnsid is meaningless. It >> is not your >> fault, network namespace already heavily relies on mount namespace (sysfs >> needs to be remount otherwise you can not create device with the same >> name.) >> >> On the other hand, what's the problem you are trying to solve? AFAIK, >> the ifindex >> issue is purely in output, IOW, the device still functions correctly >> even through >> its link ifindex is not correct after moving to another namespace. If >> not, it is bug >> we need to fix. >> > The problem is explained here: > http://thread.gmane.org/gmane.linux.network/315933/focus=316064 > and here: > http://thread.gmane.org/gmane.linux.kernel.containers/28301/focus=4239 > Please, summarize the discussion in your changelog, instead of pointing to a long thread. And clearly you missed my question above: how do you get netns id without sharing /var/run/netns/ ? -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
