On 08/15/2011 10:58 PM, Matthijs Kooijman wrote: > Hey folks, > > Here's a small patch series that allows setting up a gateway inside a > container. Two modes are supported: Defining a static address in > lxc.conf, or taking the configured address from the bridge (link) > interface and using that as a gateway. > > The latter is usefule when a number of containers are bridged together > without being bridged into a physical network (instead relying on the > host to do routing or NAT for the containers). > > The first patch enables the static gateway setup and should be pretty > straightforward. > > The second patch enables automatic gateway setup. To get this working, > I needed to get the IP address from the bridge interface. This uses the > netlink interface, but unlike all other netlink code so far actually > uses the reply. Furthermore, netlink does not support filtering at the > kernel end, so the RTM_GETADDR message requests _all_ configured > addresses. The addresses are returned one per reply message, which are > then filtered to find the right address. > > This requires some complicated code to loop over the reply messages and > repeatedly receive more messages in case the buffer wasn't big enough > the first time (emperical evidence suggests a second receive is needed > when aroudn 100 ipv4 addresses are configured). > > I suspect that the code could be made a bit more elegant if the > functions in nl.c would support returning multiple messsages and/or > multiple receives for a single request. In particular, I found a piece > of code in netlink_rcv, for which I couldn't figure out what it was > supposed to do, or how it would interact with a multiple reply and/or > multipe receive scenario: > > if (msg.msg_flags & MSG_TRUNC && > ret == answer->nlmsghdr.nlmsg_len) > return -EMSGSIZE; > > Any hints?
Matthis, that's excellent ! Good work ! Yeah, I think I did not take care of supporting multiple messages with netlink as it was not needed. But in your case, I think that would be worth to support it now :) Thanks ! -- Daniel ------------------------------------------------------------------------------ uberSVN's rich system and user administration capabilities and model configuration take the hassle out of deploying and managing Subversion and the tools developers use with it. Learn more about uberSVN and get a free download at: http://p.sf.net/sfu/wandisco-dev2dev _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
