git.proxmox.com Git - mirror_iproute2.git/commit

author	Eric W. Biederman <ebiederm@xmission.com>
	Wed, 13 Jul 2011 16:48:26 +0000 (09:48 -0700)
committer	Stephen Hemminger <shemminger@vyatta.com>
	Wed, 13 Jul 2011 16:48:26 +0000 (09:48 -0700)
commit	0dc34c7713bb7055378fe5cbc720d63d0db572a1
tree	751677d054224f36231f35e8b36be1207fcf4e33	tree
parent	21a85d3becf45e02985c466764ae19433d907c40	commit \| diff

iproute2: Add processless network namespace support

The goal of this code change is to implement a mechanism such that it is
simple to work with a kernel that is using multiple network namespaces
at once.

This comes in handy for interacting with vpns where there may be rfc1918
address overlaps, and different policies default routes, name servers
and the like.

Configuration specific to a network namespace that would ordinarily be
stored under /etc/ is stored under /etc/netns/<name>. For example if
the dns server configuration is different for your vpn you would create
a file /etc/netns/myvpn/resolv.conf.

File descriptors that can be used to manipulate a network namespace can
be created by opening /var/run/netns/<NAME>.

This adds the following commands to iproute.
ip netns add NAME
ip netns delete NAME
ip netns monitor
ip netns list
ip netns exec NAME cmd ....
ip link set DEV netns NAME

ip netns exec exists to cater the vast majority of programs that only
know how to operate in a single network namespace. ip netns exec
changes the default network namespace, creates a new mount namespace,
remounts /sys and bind mounts netns specific configuration files to
their standard locations.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

ip/Makefile		diff \| blob \| blame \| history
ip/ip.c		diff \| blob \| blame \| history
ip/ip_common.h		diff \| blob \| blame \| history
ip/iplink.c		diff \| blob \| blame \| history
ip/ipnetns.c	[new file with mode: 0644]	blob
man/man8/ip.8		diff \| blob \| blame \| history