Hello Jacques, Wednesday, December 04, 2002, 8:08:21 AM, you wrote:
JG> Yes. An application making a connection is allowed to use bind before the connect JG> to select the source IP and the source port. Otherwise, it is selected on the fly JG> by connect() based on the routing table. >> > It would be possible for the kernel to select on IP in the IPROOT based on >> > netmask and find the closest to the target address, so if you kind of bind >> >> Hmm, isn't this how it normally works, using the routing tables? If so, >> can't vserver just use that, and therefore just do the Right Thing? JG> Yes, this is the idea. But a vserver is tied to a precise IP list and is not allowed to JG> use anything else. So what will be found using the routing table may or may not JG> be usable, in which case, the vserver will default to use its first IPROOT address. For correctly work not need per context routing table enough make field ctx_id in current key routing table. It way is better because VPS box have many routings entries but (src/dst) has unique value. For strong check, I also control context identifier for routing entry. In that case net_device and socket`s structures be have "context id" member for select context for use. It's first part. But user if put interface in promic mode can see all packets in that interface. Other alternative write "dump" network driver similar vlan driver but not insert vlan id in packets. It's second part my plan. Jacobs: may be merge 2 projects? In that month I planning make virtually interfaces and routing tables, but problem per context loopback no examination my. -- Best regards, Lyashkov mailto:[EMAIL PROTECTED]
