On Mon, 2010-02-22 at 12:46 -0800, Eric W. Biederman wrote:
> jamal <hadi@xxxxxxxxxx> writes:
>
> This is one of the long standing issues that we have always known
> we needed to solve, but have not taken the time to do it. Now that
> the need is more real it looks about time to solve this one.
>
> There are currently two problems.
> 1) A process is needed to hold a reference to the network namespace.
> 2) We use pids which are an awkward way of talking about network
>    namespaces.
>
> The solution I have been playing with involves.
> - Using a file descriptor to refer to a network namespace.
> - Using a trivial virtual filesystem to persistently hold onto
>   a namespace without the need of a process.
> - Have a convention of mounting the fs at something like
>   /var/run/netns/<name>
>

I didn't quite follow how I could use the above to do:
"ip ns <name/id> route add blah" from namespace0.

I tend to think in packets and wires instead of files. How about
just allowing a "control" channel from which I could discover the
namespace? Example, assuming I have the right permissions:
1) Listen to async events, e.g. on a multicast bus, when a namespace
   is created or destroyed. Provide me a little more info on the
   created namespace such as its pid, name(?), types of namespace, etc.
2) Send a query to dump existing namespaces, or query by name, id etc.
   I get the same details as above.

Using genetlink should provide you with sufficient ability to do this.

cheers,
jamal