Network Stack Cloning Updates on FreeBSD
Dan writes "Network stack cloning patches on FreeBSD allow multiple fully independent network stacks to coexist simultaneously in a single FreeBSD kernel. Marko Zec has prepared the latest snapshot of the patches (against 4.8-RELEASE). The latest snapshot includes (a) internal restructuring: struct vimage is now separated into resource-specific containers, and (b) kernel message buffers: each vimage / vprocg now has a private kernel message buffer instance. Julian Elischer gave a talk on this subject at the USENIX Annual Technical Conference (FreeNIX track) in San Antonio, TX, June 2003. Marko's slides were presented at BSDCon Europe 2002 in Amsterdam."
Like many of the new ideas in the BSDs (private namespaces, as with chroot, for instance), the idea of separate network stacks is taken from plan9.
It is even possible in plan9 to use the network stack of a remote machine as your own.
Using sshnet one can do "sshnet remote_host", and then all subsequent network activity for the current process group and any children will use the remote host's network stack as though it were local.
In this way one can run TCP listeners on a remote machine (on IP N) that deny requests from anything but IP N, and leave SSH as the only external listener. No special tunnelling hoops to jump through.
Monolithic kernels are dying.
There are places where the networks are not touching, and there are places where they are. - Boeing's Lori Gunter