Re: Isolating two network processes on same machine

[Ole Laursen]

Ross Biro <ross.biro@xxxxxxxxx> writes:

> > The problem is that we need to run several instances of our network
> > application on the same test machine since we have too few machines.
> > But when we create two IP addresses on the same machine with
> 
> The easiest solution is probably to have the FreeBSD box DNAT the
> linux boxes so they don't know they are talking to themselves.  Then
> you only need to use 1 ip address per linux box.

Thanks, DNAT seems to be a good solution.

I think we will let the Linux boxes use DNAT to send the packets to
the FreeBSD box and then let that use DNAT to send them back again.
This way we won't have to change our test program, which would be a
bit complicated because the addresses of the peers is an integral part
of the design.

Though it would have been simpler if the kernel supported blindly
forwarding a packet to another host without messing with the IP
destination address, but that does not seem to be the case. It could
have saved us from the double DNAT.

Thanks again,

-- 
Ole Laursen
http://www.cs.aau.dk/~olau/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/