Softnet is a software networking solution for Tart that provides better network isolation and alleviates DHCP shortage on production systems. Please check out this blog post for the backstory.
Softnet solves two problems:
- VM network isolation
  - `VZNATNetworkDeviceAttachment` (the default networking in Tart) enables vmnet's bridge isolation by default and prevents cross-VM traffic. However, it's still possible for any VM to spoof the host's ARP table and capture other VMs' traffic by using tools that conduct ARP spoofing attacks (e.g. arpspoof, arpoison and so on)
- DHCP exhaustion
  - the macOS built-in DHCP server allocates a `/24` subnet with an 86400-second lease time by default, which only allows ~253 VMs a day (or 1 VM every ~6 minutes) to be spawned without causing a denial of service, which is pretty limiting for CI services like Cirrus CI
It assumes that:
- Tart gives its VMs unique MAC addresses
- the macOS built-in DHCP server won't re-use the IP addresses from its pool until their leases expire

...otherwise it's possible for two VMs to receive an identical IP address from the macOS built-in DHCP server (even in the presence of Softnet's packet filtering) and thus bypass the protections offered by Softnet.
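The added example below is not Softnet's own code. It sketches a per-VM egress check of the kind that ARP-spoofing protection depends on, and shows why a duplicate lease defeats it. `Binding`, `check_egress` and `arp_reply` are hypothetical names, the addresses are constructed sample values, and only the standard Ethernet/ARP frame layout is assumed.

```rust
// Added illustration (not Softnet's code): egress check that binds a VM
// to its assigned MAC and its DHCP-leased IPv4 address.
#[derive(Debug, PartialEq)]
pub enum Verdict { Allow, Drop(&'static str) }

/// Hypothetical per-VM binding: MAC given by Tart, IP leased by the DHCP server.
pub struct Binding { pub mac: [u8; 6], pub ip: [u8; 4] }

const ETHERTYPE_ARP: [u8; 2] = [0x08, 0x06];

/// Validate one Ethernet frame sent by the VM. Only ARP is inspected here.
pub fn check_egress(b: &Binding, frame: &[u8]) -> Verdict {
    if frame.len() < 14 { return Verdict::Drop("truncated Ethernet header"); }
    if frame[6..12] != b.mac { return Verdict::Drop("Ethernet source MAC is not the VM's"); }
    if frame[12..14] != ETHERTYPE_ARP { return Verdict::Allow; }
    // ARP for Ethernet/IPv4 is 28 bytes: htype ptype hlen plen oper SHA SPA THA TPA.
    let arp = &frame[14..];
    if arp.len() < 28 { return Verdict::Drop("truncated ARP payload"); }
    if arp[0..6] != [0u8, 1, 0x08, 0x00, 6, 4] { return Verdict::Drop("not Ethernet/IPv4 ARP"); }
    if arp[8..14] != b.mac { return Verdict::Drop("ARP sender MAC is not the VM's"); }
    // An all-zero sender IP is a legitimate ARP probe (RFC 5227).
    if arp[14..18] != b.ip && arp[14..18] != [0u8; 4] {
        return Verdict::Drop("ARP sender IP is not the VM's lease");
    }
    Verdict::Allow
}

/// Build a constructed ARP reply frame to use as sample input.
pub fn arp_reply(eth_src: [u8; 6], sha: [u8; 6], spa: [u8; 4]) -> Vec<u8> {
    let mut f = vec![0xffu8; 6]; // broadcast destination
    f.extend_from_slice(&eth_src);
    f.extend_from_slice(&ETHERTYPE_ARP);
    f.extend_from_slice(&[0, 1, 0x08, 0x00, 6, 4, 0, 2]); // oper = 2 (reply)
    f.extend_from_slice(&sha);
    f.extend_from_slice(&spa);
    f.extend_from_slice(&[0u8; 10]); // target MAC and IP, not checked
    f
}

fn main() {
    // Constructed sample values.
    let vm_a = Binding { mac: [2, 0, 0, 0, 0, 0x0a], ip: [192, 168, 64, 10] };
    let vm_b = Binding { mac: [2, 0, 0, 0, 0, 0x0b], ip: [192, 168, 64, 10] }; // same lease
    let host_ip = [192, 168, 64, 1];
    println!("{:?}", check_egress(&vm_a, &arp_reply(vm_a.mac, vm_a.mac, vm_a.ip)));
    println!("{:?}", check_egress(&vm_a, &arp_reply(vm_a.mac, vm_a.mac, host_ip)));
    // Duplicate lease: vm_b may announce vm_a's address and the check cannot object.
    println!("{:?}", check_egress(&vm_b, &arp_reply(vm_b.mac, vm_b.mac, vm_a.ip)));
}
```

The last call is allowed because the binding itself says the address belongs to `vm_b`; a filter keyed on MAC and leased IP is only as strong as the uniqueness of those two values.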
For proper functioning, the Softnet binary requires two things:
- a SUID bit to be set on the binary or passwordless sudo to be configured, which effectively gives the binary `root` privileges
  - these privileges are needed to create the `vmnet.framework` interface and perform DHCP-related system tweaks
  - the privileges will be dropped automatically to those of the calling user (or those represented by the `--user` and `--group` command-line arguments) once all of the initialization is completed
- the binary to be available in `PATH`
  - so that Tart will be able to find it
Softnet is started and managed automatically by Tart if the `--net-softnet` flag is provided when calling `tart run`.