From owner-freebsd-stable@FreeBSD.ORG Wed Oct 29 07:45:08 2008 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 27BBB1065676; Wed, 29 Oct 2008 07:45:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id CC6298FC16; Wed, 29 Oct 2008 07:45:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 2DABE41C63C; Wed, 29 Oct 2008 08:45:06 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id 8OXdOnRFXvR1; Wed, 29 Oct 2008 08:45:05 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id BFF9741C615; Wed, 29 Oct 2008 08:45:05 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 6931644487F; Wed, 29 Oct 2008 07:42:23 +0000 (UTC) Date: Wed, 29 Oct 2008 07:42:22 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Chris St Denis In-Reply-To: <49078377.2090807@smartt.com> Message-ID: <20081029072821.S2978@maildrop.int.zabbadoz.net> References: <487086DA-4514-44E7-AB9F-F1D98C652980@yellowspace.net> <49078377.2090807@smartt.com> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: stable@freebsd.org, freebsd-jail@freebsd.org Subject: Re: 7.x and multiple IPs in jails X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-jail@freebsd.org List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Oct 2008 07:45:08 -0000 On Tue, 28 Oct 2008, Chris St Denis wrote: Hi, [ jail patches ] > Serious question here (not trolling). > > These patches have been around for years, why have they never been committed > to trunk/stable? Well, the multi-ipv4 patch has been for a while - what we are talking about at the moment is more. If you look at older status reports they said soemthing like "there is the need for this at the moment but it's not considered to be the right thing". There are multiple reasons for that, that I can think of: 1) some larger parts (of the network stack|kernel) get plastered with all kinds of if (this) if (that) checks complicating code, making it unreadbale, having to be maintained, not ignored for security, ... It's important to really catch all the places, .. which it seems we had been doing well though not 100% well as I just found out currerntly preparing more if (this) if (that) checks for something not really important but still being a problem - since the first day it turns out. 2) there is questionable logic in them and while we had been living with it up to now, it came up during review process for the commit to HEAD (so it could be merged to stable) and it turns out that properly solving it isn't a easy or simple task and multiple people have been pondering over this for days now. Even after removing some optional code paths for simplicity things are still not always definite in what would happen. 3) Nonetheless they are very helpful and very usable (else I wouldn't have worked on it). The plan as the status report will say is to get this in, merge it to stable/7 before 7.2 and keep it in 8. 8 will also have vimages and ideally I'd like to see this entire jail IP hacks be gone for 9, when vimage will provide the infrastructure, etc. This means that 8 would be the transition period. But that's just me and my ideas - we'll see how it'll go. /bz -- Bjoern A. Zeeb Stop bit received. Insert coin for new game.