On Wed, Mar 05, 2025 at 10:30:17AM +0100, Stefano Garzarella wrote: > On Wed, Mar 05, 2025 at 02:27:12AM -0500, Michael S. Tsirkin wrote: > > On Tue, Mar 04, 2025 at 04:39:02PM -0800, Bobby Eshleman wrote: > > > I think it might be a lot of complexity to bring into the picture from > > > netdev, and I'm not sure there is a big win since the vsock device could > > > also have a vsock->net itself? I think the complexity will come from the > > > address translation, which I don't think netdev buys us because there > > > would still be all of the work work to support vsock in netfilter? > > > > Ugh. > > > > Guys, let's remember what vsock is. > > > > It's a replacement for the serial device with an interface > > that's easier for userspace to consume, as you get > > the demultiplexing by the port number. > > > > The whole point of vsock is that people do not want > > any firewalling, filtering, or management on it. > > > > It needs to work with no configuration even if networking is > > misconfigured or blocked. > > I agree with Michael here. > > It's been 5 years and my memory is bad, but using netdev seemed like a mess, > especially because in vsock we don't have anything related to > IP/Ethernet/ARP, etc. > > I see vsock more as AF_UNIX than netdev. > +1, I also agree with this. For reference I added netdev to vsock before [1] to use qdisc and at least from the qdisc perspect the juice wasn't worth the squeeze (tldr: only pfifo_fast worked because vsock can't recover when other qdiscs silently drop packets). [1] https://lore.kernel.org/all/5a93c5aad99d79f028d349cb7e3c128c65d5d7e2.1660362668.git.bobby.eshleman@xxxxxxxxxxxxx/ Best, Bobby
