Date: Wed, 29 Oct 2008 07:42:22 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Chris St Denis <chris@smartt.com> Cc: stable@freebsd.org, freebsd-jail@freebsd.org Subject: Re: 7.x and multiple IPs in jails Message-ID: <20081029072821.S2978@maildrop.int.zabbadoz.net> In-Reply-To: <49078377.2090807@smartt.com> References: <Pine.OSX.4.64.0810280227350.4630@toasty.nat.fasttrackmonkey.com> <487086DA-4514-44E7-AB9F-F1D98C652980@yellowspace.net> <49078377.2090807@smartt.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 28 Oct 2008, Chris St Denis wrote:
Hi,
[ jail patches ]
> Serious question here (not trolling).
>
> These patches have been around for years, why have they never been committed
> to trunk/stable?
Well, the multi-ipv4 patch has been for a while - what we are talking
about at the moment is more.
If you look at older status reports they said soemthing like "there is
the need for this at the moment but it's not considered to be the
right thing".
There are multiple reasons for that, that I can think of:
1) some larger parts (of the network stack|kernel) get plastered with
all kinds of if (this) if (that) checks complicating code, making
it unreadbale, having to be maintained, not ignored for security, ...
It's important to really catch all the places, .. which it seems we
had been doing well though not 100% well as I just found out
currerntly preparing more if (this) if (that) checks for something
not really important but still being a problem - since the first
day it turns out.
2) there is questionable logic in them and while we had been living
with it up to now, it came up during review process for the commit
to HEAD (so it could be merged to stable) and it turns out that
properly solving it isn't a easy or simple task and multiple people
have been pondering over this for days now. Even after removing
some optional code paths for simplicity things are still not always
definite in what would happen.
3) <just insert more other stuff here>
Nonetheless they are very helpful and very usable (else I wouldn't
have worked on it).
The plan as the status report will say is to get this in, merge it to
stable/7 before 7.2 and keep it in 8.
8 will also have vimages and ideally I'd like to see this entire jail
IP hacks be gone for 9, when vimage will provide the infrastructure,
etc. This means that 8 would be the transition period. But that's
just me and my ideas - we'll see how it'll go.
/bz
--
Bjoern A. Zeeb Stop bit received. Insert coin for new game.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081029072821.S2978>