David Ahern <lxhacker68@xxxxxxxxx> writes:

> On 9/26/14, 7:40 AM, Nicolas Dichtel wrote:
>>> No, I don't want to monitor anything. Even if I wanted, I would just
>>> start one daemon in each netns instead of one for all.
>> Ok you don't want, but some other people (not only me) want it! And
>> having one daemon per netns does not scale: there are scenarii with
>> thousand netns which are dynamically created and deleted.
>
> An example of the scaling problem using quagga (old but still seems to be a
> relevant data point):
>
> https://lists.quagga.net/pipermail/quagga-users/2010-February/011351.html
>
> "2k VRFs that would be 2.6G"
>
> And that does not include the overhead of each namespace -- roughly
> 200kB/namespace on one kernel I checked (v3.10). So that's a ballpark of 3G of
> memory.

Resetting the conversation just a little bit.

When I wrote the "ip netns" support I never expected that all
applications would want to run in a specific network namespace. All
that is needed is one socket per network namespace.

Furthermore one socket or one process per network namespace is
completely orthogonal to the patches presented.

I do not see a identifying where the far end of a veth pair or similar
set of networking objects as anything that even closely resembles a path
to a using only a single socket.

So I think this whole subthread is quite silly and grossly off track.

Eric