[lxc-users] How are network interfaces implemented in LXC?
Brian Allen Vanderburg II
brianvanderburg2 at aim.com
Mon Feb 2 19:29:14 UTC 2015
I've played around a little with veth interfaces and iptables. From
what I can tell, the best way to think of a veth pair is as if you had
two extra NICs installed on your computer connected together with a
crossover cable. I was having some trouble until I realized this.
The firewall rules apply once for traffic leaving one end, and once for
traffic entering the other end, as if the veth driver simply takes any
frames sent to one of its interfaces and sends then to the other
interface for the kernel to process again.
Brian Allen Vanderburg II
On 02/01/2015 10:36 PM, Anjali Kulkarni wrote:
> Thanks Serge!
> What I was wondering is how this veth (tunnel or endpoints) is implemented
> in code? Is it like a TCP/IP socket connection over which packets are sent
> from one endpoint to other? Can you point me to this code?
>
> On 1/31/15, 11:26 PM, "Serge Hallyn" <serge.hallyn at ubuntu.com> wrote:
>
>> Quoting Anjali Kulkarni (anjali at juniper.net):
>>> Since there is no real device emulation, I am wondering how network
>> You can pass in real or fake nics, including eth0, macvlan, or veth
>> devices. veth devices are a tunnel device exactly for this use case.
>> When you create a veth you get two endpoints. One goes into the
>> container, the other goes onto the bridge in another namespace. Packets
>> go in one end and out the other.
>>
>> veths can be attached to an ovs bridge.
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150202/3863064d/attachment.sig>
More information about the lxc-users
mailing list