Quoting Krishna Vamsi-B22174 (avamsi@xxxxxxxxxxxxx): > > > Hi, > > I am a newbie to this list. Here is my use case , we have Loadable > Kernel Module which applies security to > the packets arriving from 1000 networks with overlap addresses. There > are 3 different user space process which handles > control traffic from these 1000 networks . > > Please let me know > > 1)How to create a Network Namespace Object ? clone(CLONE_NEWNET) > 2)How to delete a Network Namespace Object ? exit > 3)Can these 3 user space process see all the Network Namespace objects > created in the kernel ? No, network namespaces are fully isolated. A virtual nic can only exist in one network namespace, and physical nics can only exist in the initial network namespace. > If so, how can they access these objects? > 4)How to group 2-3 interfaces under a particular Network Namespace ? I don't understand the question, but you pass a veth endpoint into a network namespace using /sbin/ip link set veth1 netns $pid_in_other_netns > Is there any patch available to achieve the above use case ? You can use liblxc (available from lxc.sf.net) or libvirt-lxc (libvirt.org). -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
