A) Overview =========== The ORe network switch provides network virtualization to L4 applications. However, in some cases we do not want to share a single network interface between all clients. Use cases are: 1. Communication control: ------------------------- We want to control, which local applications (such as multiple instances of L4Linux) communicate using local network devices. ORe does not provide any kind of communication control. 2. Packet filtering: -------------------- We want to control data travelling to and from our applications to the outside world. ORe itself does not provide packet filtering at the moment. A solution to these problems is to run multiple instances of ORe in parallel. Problem 1) can be solved by connecting applications that must not communicate to different instances of ORe: A <---> ORe1 <---> B C <---> ORe2 <---> D Thus, A and D cannot communicate, as don't C and B. Problem 2) can be solved by exploiting Linux' means of packet filtering: L4Linux1 <--\ +---> ORe1 <---> L4Linux3 (w. packet filter) <--> ORe2 <--> NIC L4Linux2 <--/ The provided patches - ore_instances.diff - l4lx_ore.diff add the possibility to run multiple instances of the ORe network switch in parallel. This is achieved by registering the instances with different names and telling client applications which ORe name to use for their purposes. B) Running multiple instances of ORe ==================================== You can now start ORe with the --name option like this: module (nd)/tftpboot/doebel/l4v2/bin/ore --name OreInst1 This will cause ORe to register itself under the name OreInst1. Currently, names can be up to 15 characters long. Still only one ORe instance can drive the network interfaces directly. Other instances can be forced to only provide a local loopback interface using the --loopback-only command line parameter. C) Connecting to an ORe instance ================================ Client applications connect to an ORe instance using the l4ore_open() call. The config data structure sent by this call now contains a ro_orename field in which you can insert an arbitrary name. The client will then be connected to the ORe instance with the name given. The arping example in pkg/ore/examples/arping demonstrates this by providing a "--orename" option. D) L4Linux and ORe instances ============================ The ORe stub for L4Linux is now able to provide multiple network interfaces. In the kernel command line you can provide a list of ORe instances to connect to using the l4ore.instances parameter. The list contains a number of strings of the form :. INST is the name of the ORe instance to connect to, DEVICE is the device to open at this instance (e.g., "eth0"). Example: l4ore.instances=OreInst1:eth0,OReInst2:lo,OReInst3:eth1 will establish 3 interfaces in this L4Linux instance: eth0, eth1, and eth2. eth0 will be connected to eth0 at OReInst1, eth1 will be connected to lo at OReInst2, and eth2 will be connected to eth1 at OReInst3. The parameter l4ore.oredev is no longer available.