Hello.
In the Spectrum OS, as far as I know, all appvms will connect to the outside through netvm. And each appvm has a different subnet. However, sometimes, an app should be able to access the host network by bridging. For example, a P2P app needs to send and receive multicast or broadcast to find other peers.
I wonder if it (bridging to host network) is possible in the Spectrum OS model, and if possible, I want to know how to do it. And if there is no such feature, I want to know the plan or opinion to support such an app in Spectrum OS.
Thanks.
On Wed, Nov 23, 2022 at 07:41:00AM +0000, Juha Park wrote:
> Hello.
> In the Spectrum OS, as far as I know, all appvms will connect to the outside through netvm. And each appvm has a different subnet. However, sometimes, an app should be able to access the host network by bridging. For example, a P2P app needs to send and receive multicast or broadcast to find other peers.
> I wonder if it (bridging to host network) is possible in the Spectrum OS model, and if possible, I want to know how to do it. And if there is no such feature, I want to know the plan or opinion to support such an app in Spectrum OS.
Hi, thanks for your question!
First, to clarify, in Spectrum, the goal is to avoid having any networking on the host at all, by passing network adapters through to VMs. That's immaterial to your question about multicast, etc., just something important to be aware of.
Bridged networking is definitely on the agenda. I don't know yet exactly how it will work — networking isn't my area of expertise. As I understand it, one possibility would be to run an NDP proxy in the network VM, so each VM would get its own IPv6 address on the host network — as I recall, that's how Chrome OS does it. But what exactly we end up doing will depend on how people who understand networking better than me (possibly such as yourself) think it should be done.
In general, I'm not too happy with the current state of Spectrum's networking — I did it in the way that was easiest to get basic functionality up and running, especially because a key technology for doing it better (virtio-vhost-user) wasn't mature enough at the time. Revisiting it is definitely on the cards, so it's really useful to hear about use cases like this.