Thank you for your response. Let me explain my requirements more, and in this context, i would like to know your response. A reverse web and applications proxy is the user space application that we are virtualizing using network namespace and LXC. Local apache server and other apps are accessed through several sockets on 127.0.0.1 now and this has to be virtualized. The proxy under each LXC must handle hundreds of proxied sessions. The socket connections to local web and other apps server are dynamic, and corresponds to the dynamic external proxy sessions, and these can not be created upfront. I posted two other questions also, for which i never got a response from this list. 1. Can i have netfilter/iptables rules corresponding to each container, that has overlapping IP address space? In other words, are netfilter/iptables rules handling virtualized as part of network namespace. Some preliminary tests seem to work. How do i know the development or proper release status on this feature? 2. Can the /dev/tun based PPP interface be part of a container? Like veth or macvlan what is the type for this? Looking forwards for your suggestions and the options i have for these needs using LXC/namespace, as of 2.6.29. Do you still think i can avoid the relay daemon? Your clear answers on these will be appreciated. Thanks in advance. regards, Elwin. On Sat, Apr 25, 2009 at 11:51 AM, Eric W. Biederman <ebiederm@xxxxxxxxxxxx>wrote: > Elwin Stelzer Eliazer <stelzere@xxxxxxxxx> writes: > > > Can you explain your answer more on what you refer as "pass in the > socket"? > > To my understanding, apache listens only on TCP/IP sockets. > > I don't know your entire workflow, and I wasn't talking about modifying > apache. > > However it is possible to pass sockets between network namespaces if you > do the proper things when you set them up at the beginning. So instead > of a relay daemon you could open the socket you will use to talk to > apache and pass it to your application, over a unix domain socket, > or if you can possible at the creation of the network namespace. > > Eric > _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
