Date: Mon, 28 Dec 2015 23:07:42 +0000 From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Ryan Stone <rysto32@gmail.com> Cc: freebsd-transport@freebsd.org Subject: Re: Extending FIBs to support multi-tenancy Message-ID: <5175FE80-32FE-4D5D-9065-1C52EBD49409@lists.zabbadoz.net> In-Reply-To: <CAFMmRNxVUDNQ-H=r24iOQOAbnvXi17s77HC-ap%2B4_K1AHEbSvA@mail.gmail.com> References: <CAFMmRNxVUDNQ-H=r24iOQOAbnvXi17s77HC-ap%2B4_K1AHEbSvA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 18 Dec 2015, at 22:26 , Ryan Stone <rysto32@gmail.com> wrote: >=20 > My employer is going through the process of extending our product to > support multi-tenant networking. The details of what are product does > isn't really relevant to the discussion -- it's enough to know that we = have > a number of daemons acting as servers for various network protocols. > Multi-tenacy, as we've defined the feature, imposes the requirement = that > our network services be able to communicate with clients from = completely > independent networks. This has imposed the following new requirements = on us: Stupid question: if we=E2=80=99d bring back the original feature that = processes could attached to different VNET/VIMAGE stacks would that = solve some more of your problems without making the list of problems (a = lot [thinking of ifp management]) longer and be a way cleaner solution? It=E2=80=99s something that=E2=80=99s been in the back of some of our = heads and probably help a lot more people. We=E2=80=99d need to be = careful to be able to support both modes (jail with the =E2=80=9Csecurity=E2= =80=9D view) and the other mode with the multi-tenancy-single-daemon in = mind (think of routers as well for example). /bz=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5175FE80-32FE-4D5D-9065-1C52EBD49409>