Re: [RFC][PATCH] IP address restricting cgroup subsystem

On Fri, Jan 09, 2009 at 10:12:24AM -0800, Dan Smith wrote:
> GR> I have tried something similar, only with
> GR> CLONE_FILES|CLONE_FS|CLONE_VM|CLONE_NEWNET, and actually creating
> GR> a virtual interface and controlling socket or thread in each new
> GR> network namespace.
> 
> My initial test was to create a veth pair and move one end into the
> namespace during create.  That failed in the same way, so I took the
> veth's out of the equation with the posted test.
> 
> GR> This scales to a couple of thousand interfaces, though interface
> GR> creation takes a long time if more than 1,000 interfaces or so are
> GR> created.
> 
This is at least to some degree due to the problems I mentioned earlier.
Enhancing the kernel name hash and the sysfs implementation improves
performance a lot.

> Yeah, just creating a bunch of pairs starts to slow down after a
> hundred veth's or so.  I think that for thousands of network
> namespaces, things would be pretty painful.
> 
> GR> I can send you the code if you like.
> 
> I'd like to see it.
> 
See attached. I used the "ctx" module in the attached code to create interfaces, 
so you'll have to compile and insmod it if you want to create interfaces.

Guenter

Attachment: netclone.tar.gz
Description: Binary data
