afonso/core-extra
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

notes on kernel features

Browse source
This commit is contained in:
ahrenholz@gmail.com 2012-03-22 15:17:08 +00:00
parent 183e7f45b9
commit 240490f478
1 changed files with 15 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

17
wiki/CustomKernels.wiki
View file

@ -2,11 +2,24 @@
= Linux Network Namespaces = = Linux Network Namespaces =
== Network Namespace Supported Features ==
Even with the latest Linux kernels, not all networking features may be ready for use with network namespaces. Generally, the newer the kernel, the better the support for netns. Here are notes organized by feature.
* IPsec - patch available, see below.
* netfilter queuing - patch available, see below.
* interface index - patch available, see below.
* Linux bridging - works on Linux 3.0.0, but not on some earlier kernels
* multicast routing - TBD
* QoS with tc queuing - TBD
* GRE tunneling - TBD
== CORE kernel patches == == CORE kernel patches ==
Even with the latest Linux kernels, not all networking features may be ready for use with network namespaces. Some kernel patches are available from the CORE team, check a source tarball under the `kernels/` directory. Some kernel patches are available from the CORE team, check a source tarball under the `kernels/` directory.
For example, CORE 4.2 includes a 2.6.38 kernel patch that addresses the following: For example, CORE 4.3 includes a 2.6.38 kernel patch that addresses the following:
* virtualize the netfilter queue mechanism (allows iptables NFQUEUE targets) * virtualize the netfilter queue mechanism (allows iptables NFQUEUE targets)
* disable the flow cache (allows using IPsec between namespaces) * disable the flow cache (allows using IPsec between namespaces)
* virtualize network interface index numbers * virtualize network interface index numbers