I am working on a service unit for a DHT crawler. For some reason, it doesn't work well with the default network settings because it seems to use a huge amount of traffic for a very small amount of findings. The same program works fine via docker, but I want to package it as a hardened systemd unit. A difference between the network layout in Docker and the host is that Docker only exposes the "lo" interface and an upstream one, and the host exposes everything and I think it's causing some kind of conflict. How can I implement this Docker behaviour in systemd? I tried using PrivateNetwork but it kills any Internet access because only localhost is available. Is there any not so well known feature to implement this? I am running systemd 251.7 on NixOS. I already have experience converting systemd stuff to the way the NixOS module system understands. Thanks in advance
[Question] How to make services only see only one external network interface and loopback
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: [Question] How to make services only see only one external network interface and loopback
- From: Lucas Eduardo <lucas59356@xxxxxxxxx>
- Date: Tue, 17 Jan 2023 17:03:42 -0300
- Follow-Ups:
- Prev by Date: networkd: Link local static IP address behind NAT
- Next by Date: mkosi Unable to locate embedded .linux section: Load Error
- Previous by thread: networkd: Link local static IP address behind NAT
- Next by thread: Re: [Question] How to make services only see only one external network interface and loopback
- Index(es):
 |