[Lxc-users] [lxc-devel] Request for inclusion into mainline LXC utils
Michael H. Warfield
mhw at WittsEnd.com
Mon Jan 25 02:01:20 UTC 2010
On Mon, 2010-01-25 at 02:18 +0100, Michael Holzt wrote:
> > I just find the whole networking model in Debian to be frustrating. It
> > is probably the number 1 primary reason why I don't use Debian more and
> > won't be incorporating it into future projects.
> Now, this is really offtopic on this list, but i feel that you might
> have missed how flexible the debian ifupdown approach is. For all the
> setup it uses scripts which can be changed or extended and you can
> add your own scripts to do all kind of fancy stuff.
It MIGHT be a little OT for the -devel list, very true, but I don't find
it OT at all for the -user list for the simple fact of appliciblity to
our containers. I have examined the Debian ifupdown approach in depth
and found it confining, confusing, and inconsistent. But that's just
me. YMMV. Like I said, I spun an entire custom distro on it and that
was my #1 headache. I've done FreeBSD, OpenBSD, Solaris, AIX, HP/UX,
even old SunOS 4 and SCO. Every one of them have pluses and minuses
but, over the years (going on over 25 years now, long prior to even
Linux) I have found the BSDish approach inferior to the SVr5ish approach
in this particular arena (not in all). Yeah, the Redhat approach is not
exactly SVr5ish either, but the philosophy is still there. I haven't
found anything I could do under the Debian configs that couldn't be done
under the RedHat configs so the "flexibility" question is somewhat moot.
> See for example the bridge-utils package which adds new keywords. You
> might also want to see ifupdown-extra or ifupdown-scripts-zg2 to get
> a feeling how easily you can create very complicated yet flebile
I will look into that. I'm always open to looking at new things and
always open to changing my mind (which quite often happens as often as I
change my shorts).
> I haven't played with ipv6 for some years, but i'm sure that your
> problems can be fixed without much work. For starters i would try
> something like this:
> interface foo inet6 manual
> pre-up ifconfig foo up
Now THAT's worth checking out. I will do that. Thank you sir! I have
a Debian container spun up and hot right now to play with. Just the
thing I needed.
> For the missing routes: Now i feel that when doing autoconfigure,
> all routes should be setup by the autoconfigure process.
I think you misunderstand that process. Autoconf is very specific thing
wrt IPv6 and is a whole IPv6 protocol of neighbor discovery and router
announcements, solicitation, and discovery specified by RFC. It
inherently can NOT do things like configure link local routes or 6to4
routes. Those are the responsibility of the the local system. That the
system "automatically configures" it's interfaces and routes - I agree
with you. But that is NOT IPv6 "autoconf". Think of IPv6 autoconf as
IPv4 ARP on steriods.
> > I had some problems with macvlan that may have been kernel rev related,
> > and I'm going to go back and retest some stuff, where I could ping and
> > connect to a host container from another physical system but nothing
> > worked from the host to the container.
> In my test setup i used macvlan and i can connect to the container from
> the host. I remember having seen that this was a problem with older
> kernel versions and was fixed some time ago.
That's what I'm strongly suspecting. The system in question was a
Fedora 11 system running a 2.6.30 kernel. I wouldn't expect something
like that to remain broken for long.
> > Bridges on Fedora / RedHat are trivial to set up,
> On debian they are trivial as well btw.
I'll check it out. Things may have well improved and I may have to
reassess my opinion! Thank you!
(Too many secrets? Too many MIKES! >;->=> Very confusing...)
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 482 bytes
Desc: This is a digitally signed message part
More information about the lxc-users