On Mon, 13.06.16 14:33, Egor M. (dsx+systemd-de...@droidnest.org) wrote: > Hello Lennart. > > I made more tests, it looks like networking controls are indeed properly > namespaced. > > I don't know what's PR means in this context, so can't make it.
I actually meant an issue, not a PR. https://github.com/systemd/systemd/issues/new > > On Fri, Jun 10, 2016 at 03:18:10PM +0200, Lennart Poettering wrote: > > On Thu, 09.06.16 17:11, Egor M. (dsx+systemd-de...@droidnest.org) wrote: > > > > > Hello. > > > > > > How to enable IPv6 forwarding in systemd-nspawn containers? I have a > > > container > > > with network-bridge (--network-bridge=br0). Despite of > > > net.ipv6.conf.all.forwarding value and corresponding interface values, > > > IPv6 > > > forwarding is still disabled inside container, while IPv4 forwarding > > > inherited > > > correctly from host system and works just fine. > > > > Hmm, did I grok this right, you want to enable IPv4 forwarding inside > > the container, so that the container acts as router? > > > > Currently npsawn will mount all of /proc/sys read-only, under the > > assumption that these sysctl are not namespaced. Are you saying the > > networking controls are correctly namespaced, and thus can be set to > > different values from the host without interfering with it? If so, we > > should probably mount /proc/sys/net writable after all. > > > > If so, could you please file a PR about this, and we'll make the > > change in upstream nspawn. > > > > For now though you can just make /proc/sys/net writable manually and > > then set the right sysctl there... > > > > Lennart > > > > -- > > Lennart Poettering, Red Hat > > -- > Egor M. > Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
