GR> I have tried something similar, only with GR> CLONE_FILES|CLONE_FS|CLONE_VM|CLONE_NEWNET, and actually creating GR> a virtual interface and controlling socket or thread in each new GR> network namespace. My initial test was to create a veth pair and move one end into the namespace during create. That failed in the same way, so I took the veth's out of the equation with the posted test. GR> This scales to a couple of thousand interfaces, though interface GR> creation takes a long time if more than 1,000 interfaces or so are GR> created. Yeah, just creating a bunch of pairs starts to slow down after a hundred veth's or so. I think that for thousands of network namespaces, things would be pretty painful. GR> I can send you the code if you like. I'd like to see it. Thanks! -- Dan Smith IBM Linux Technology Center email: danms@xxxxxxxxxx _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
