6,534
edits
Changes
created
There are several approaches of how to virtualize networking for containers. Those are desribed below.
__TOC__
== Layer 3 virtualized network interface ==
This one is employed by OpenVZ's venet. See [[venet]].
== Layer 2 virtualized network interface ==
This one is employed by OpenVZ's veth. See [[veth]].
== Layer 3 isolated network (bind filtering) ==
This one is implemented in Linux-VServer. Basically, when a container calls <code>bind()</code> with <code>INADDR_ANY</code>, kernel actually binds the socket to some specific IP address(es). Some more details (not much) can be found at http://linux-vserver.org/Paper#Network_Separation
== See also ==
* [[Differences between venet and veth]]
__TOC__
== Layer 3 virtualized network interface ==
This one is employed by OpenVZ's venet. See [[venet]].
== Layer 2 virtualized network interface ==
This one is employed by OpenVZ's veth. See [[veth]].
== Layer 3 isolated network (bind filtering) ==
This one is implemented in Linux-VServer. Basically, when a container calls <code>bind()</code> with <code>INADDR_ANY</code>, kernel actually binds the socket to some specific IP address(es). Some more details (not much) can be found at http://linux-vserver.org/Paper#Network_Separation
== See also ==
* [[Differences between venet and veth]]
