Does the host system manage the sockets created by processes running in LXC containers?

3

I'm new to using LXC and I couldn't find an answer to this question. In a scenario where we have multiple containers running on the same host, and they're connected to a bridge which connects them to the LAN, does the host still manage the sockets created within the containers? Or are they only managed by the container? In the case of TCP, does the host handle retransmissions, for example?

KLD

Posted 2017-01-01T17:45:51.563

Reputation: 33

Answers

1

Containers do not have a separate kernel, therefore they also do not have a separate TCP/IP stack. LXC only uses a network namespace – interfaces, routes, sockets tagged with a specific netns are only visible to processes within the same namespace, but are still managed by the same host kernel. (Similar to PID namespaces, which merely hide processes between different containers.) You can see this from the host at /proc/<pid>/net.

user1686

Posted 2017-01-01T17:45:51.563

Reputation: 283 655
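The following is an added example, not part of the answer above: it parses the table at /proc/<pid>/net/tcp, which the host kernel exposes for a container's network namespace, including the per-socket retransmit counter the kernel keeps. The sample table is constructed, the function names are illustrative, and address decoding assumes a little-endian host.

```python
import socket
import struct

# Constructed sample in the layout of /proc/<pid>/net/tcp (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0203000A:0050 0503000A:C350 01 00000200:00000000 01:00000014 00000003    33        0 20002 2 0000000000000000 20 4 30 10 -1
"""

TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

def decode_endpoint(field):
    """'0203000A:0050' -> ('10.0.3.2', 80). Assumes a little-endian host."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Turn the text of a /proc/<pid>/net/tcp file into a list of socket records."""
    sockets = []
    for line in text.splitlines()[1:]:          # skip the header row
        cols = line.split()
        if len(cols) < 10:                      # ignore blank or truncated rows
            continue
        tx_queue, _rx_queue = cols[4].split(":")
        sockets.append({
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "tx_queue": int(tx_queue, 16),      # bytes queued for sending
            "retransmits": int(cols[6], 16),    # retrnsmt column, tracked by the host kernel
            "uid": int(cols[7]),
            "inode": int(cols[9]),
        })
    return sockets

def container_sockets(pid):
    """Run on the host: TCP sockets of the network namespace that `pid` belongs to."""
    with open(f"/proc/{pid}/net/tcp") as fh:
        return parse_proc_net_tcp(fh.read())

if __name__ == "__main__":
    for sock in parse_proc_net_tcp(SAMPLE):
        print(sock)
```

On a real host, pass `container_sockets()` the host-side PID of any process inside the container; reading another user's /proc entries generally requires root.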