Hi Ludo, Ludovic Courtès writes: > Maybe we could, but I must confess I’m totally clueless on this veth > thing. :-) > > What would this entail? Hopefully guile-netlink can help? So, a veth (Virtual Ethernet) device is basically a pipe but for network devices: they're created in pairs, and any packet going through one end is instantly received on the other end. You can then transmit packets between network namespaces. One problem that totally slipped by me is that you need to be root to create a veth device in the original namespace... Rootless containers use slirp4netns, which is basically a userspace TCP/IP stack communicating with a special network device in the new namespace (over which you have complete rights). The situation might thus be a bit more complicated, since we'd need another library/program as a dependency to achieve this. I guess there's no best solution for now then :/ Best, -- Josselin Poiret