On Sat, Apr 14, 2007 at 10:51:31AM +0200, Benny Amorsen wrote: > >>>>> "DHZ" == Daniel Hokka Zakrisson <[EMAIL PROTECTED]> writes: > > DHZ> Albert Mak (almak) wrote: > >> Is there any work done to make Vserver work with VRF? -Albert > > DHZ> Meaning multiple routing tables? That's already the recommended > DHZ> way to set different default routes for the guests. Works the > DHZ> same way they do in Linux. > > It would be very useful to be able to say that traffic from a > particular vserver needs to go through a particular routing table.
> Right now you have to match on IP address. that is what IP level isolation is about, separating networking by IPs ... > OpenVZ is nicer for this, because each guest gets its own routing > table which can be manipulated with the normal ip route ... commands. and as it uses a separate network stack for each guest, it also adds roughly twice the overhead to networking, and consumes more than twice the amount of resources ... > Even policy routing is supported. not everybody wants/needs virtualized network stacks, actually only a few, non ip based apps require it to work properly, but mainline will provide layer 2 virtualization (in addition to the layer 3 isolation Linux-VServer does) soon, and of course we will support that too ... so in the near future you can decide if you prefer to have a virtual network stack with significant overhead or just IP isolation with no measureable overhead ... best, Herbert > /Benny > > > _______________________________________________ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
