Changes
→Requirements
== Approaches ==
=== Virtualization on the 2nd level (OpenVZ) ===
The main requirement is that containers should have close to standalone servers networking capabilities. In details:
For input packets context switching is performed in netif_receive_skb(), inherited from the device context. For output, context is inherited from the socket one.
=== Virtualization on the 3d level (IBM) ===
# The source address will be filled with the container IP address;
# Keep sockets isolated by namespace;
# have broadcast and multicast working.
For input packets context switching is inherited from the routing entry, for output - inherited from the socket one.
=== Socket Sockets isolation (Linux-VServer) ==='''==== Requirements''':====
# all interfaces and IPs are visible on the host
# routing and iptables is configured on the host
# Guest-Guest and Guest-Host traffic via Loopback
Network Context with 'assigned' set of IPs, which are used for 'collision' checks at bind
== Virtualization table ==
This is a summary table in order to show which core networking objects are virtualized/isolated in the above approaches or and which are not.
{| class="wikitable"