[Lxc-users] LXC a feature complete replacement of OpenVZ?
Ahrenholz, Jeffrey M
jeffrey.m.ahrenholz at boeing.com
Fri May 14 21:28:08 UTC 2010
> > 3) Is there support for tun/tap device
>
> The drivers are ready to be used in the container but not
> sysfs and that
> unfortunately prevent to create a tun/tap in a container.
>
> sysfs per namespace is on the way to be merged upstream.
The workaround here is to create a TUN/TAP on the host and install it into the container using something like 'ip link set tap0 netns nnnn'. The app running in the container may not complain (from my experience) and can open and use the tap0.
Another option (which cannot be done with OpenVZ) is creating a TUN/TAP on the host, opening the socket end from a host process, then pushing it into the namespace container. Once in the namespace you can rename it to anything you'd like. Processes in the namespace may read/write as a normal device, and you get all of the packets in the host system. This is useful for connecting together containers with simulators such as ns-3.
-Jeff
More information about the lxc-users
mailing list