Hi, > I'm trying to get a feel. What kind of applications do you have for which > you are changing the default network namespace aka chvrf? > No problem to detail a bit more. We are working on products for telephony operators that generally need both a classical 'user' access to the internet and a priviledged 'services' access to the operator network. My first example is a cable modem (CM), IP phone (eMTA) and router. The DOCSIS and PacketCable standards require this product to have separate networks for each of these features, bridged together at the MAC level, so that it behaves exactly as three separate boxes from the operator's network point of view. So we have: - default network namespace '0' for the router and standard Linux applications that need internet access. - network namespace '1' for the CM - network namespace '2' for the eMTA - a bridge connecting the CM interface, eMTA interface and router WAN-side interface together Basically, the CM application is run in a chvrf context and performs its DHCP and TFTP requests on the operator network using the CM MAC address. The same way, the eMTA application is run in its own network for its DHCP, TFTP and all the VOIP related traffic (MGCP signaling and RTP voice traffic) using the eMTA MAC address. The CM network is also used for firmware upgrade. A second example is a product mixing an internet browser and a set top box-like access to the operator's TV network. In this case, the operator's network for internet and TV use separate VLANs and DHCP requests on each network may provide IP addresses in the same subnet. So in this case, one DHCP client and the TV player are run in chvrf context. I hope it clarifies our use case a bit more and why we need and use the VRF feature. regards, Vivien. _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers