User-space TCP stack in Rust (ustcp)
Systems
Comments
It's the same trajectory as eBPF replacing custom kernel modules for networking.
I wonder if this means we could use a user-space stack to simulate weird network failures without actually messing with the host's kernel settings... how cool would that be for testing?
The claim that Rust mitigates memory safety risks is accurate for the parser, but it does not eliminate the logical vulnerabilities inherent in RFC 793 state transitions. Buffer overflows are gone, but resource exhaustion through malformed state transitions remains a concern.
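An added illustration of the comment above, not part of the thread and not ustcp's code: a memory-safe connection table still allocates state on every SYN, so half-open entries need an explicit cap and timeout. `ConnTable`, `max_half_open`, `syn_timeout` and the sample addresses are assumptions made for this sketch.

```rust
use std::collections::HashMap;
use std::net::{Ipv4Addr, SocketAddrV4};
type Quad = (SocketAddrV4, SocketAddrV4); // (remote, local)

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum State { SynRcvd, Established } // subset of the RFC 793 states
#[derive(Debug, PartialEq)]
pub enum Verdict { Accepted, Established, Dropped }

/// Hypothetical connection table; `max_half_open` and `syn_timeout` are illustrative.
pub struct ConnTable { conns: HashMap<Quad, (State, u64)>, max_half_open: usize, syn_timeout: u64 }

impl ConnTable {
    pub fn new(max_half_open: usize, syn_timeout: u64) -> Self {
        ConnTable { conns: HashMap::new(), max_half_open, syn_timeout }
    }
    pub fn half_open(&self) -> usize {
        self.conns.values().filter(|(s, _)| *s == State::SynRcvd).count()
    }
    /// A SYN allocates state before the peer has proven it can complete the handshake.
    pub fn on_syn(&mut self, quad: Quad, now: u64) -> Verdict {
        let timeout = self.syn_timeout;
        // Evict half-open entries whose handshake never completed in time.
        self.conns.retain(|_, (s, t)| *s != State::SynRcvd || now.saturating_sub(*t) < timeout);
        if !self.conns.contains_key(&quad) {
            // Without this cap the map grows with every distinct unanswered SYN.
            if self.half_open() >= self.max_half_open { return Verdict::Dropped; }
            self.conns.insert(quad, (State::SynRcvd, now));
        }
        Verdict::Accepted
    }
    /// The handshake's final ACK moves the entry out of the half-open budget.
    pub fn on_ack(&mut self, quad: &Quad) -> Verdict {
        match self.conns.get_mut(quad) {
            Some((s, _)) if *s == State::SynRcvd => { *s = State::Established; Verdict::Established }
            _ => Verdict::Dropped,
        }
    }
}
/// Constructed sample peer (documentation address ranges), varying only the source port.
pub fn quad(port: u16) -> Quad {
    (SocketAddrV4::new(Ipv4Addr::new(192, 0, 2, 1), port), SocketAddrV4::new(Ipv4Addr::new(198, 51, 100, 1), 80))
}
/// Feed `n` SYNs that are never ACKed; returns how many half-open entries remain.
pub fn unanswered_syns(table: &mut ConnTable, n: u16, now: u64) -> usize {
    for p in 0..n { table.on_syn(quad(p), now); }
    table.half_open()
}

fn main() {
    println!("half-open after 100 unanswered SYNs: {}", unanswered_syns(&mut ConnTable::new(4, 30), 100, 0));
}
```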
We saw this cycle with DPDK years ago where the goal was to bypass the kernel for speed. The result was usually a massive increase in complexity for a performance gain that only mattered for a few high-frequency trading firms.
The performance overhead mentioned is primarily due to the context switch between kernel and user space for every packet. Similar TUN/TAP implementations typically see a significant increase in CPU cycles per packet compared to XDP.
Why stick with TUN/TAP? Wouldn't moving this to AF_XDP eliminate the context switch problem and make this actually viable?
If this is intended for production, would the lack of hardware offloading support, such as TSO or LRO, negate the safety benefits of Rust? It is possible that the CPU cost of doing everything in user space would outweigh the stability gains.
I disagree that the lack of hardware offloading makes this useless. In a real-world debugging tool or a specialized appliance, predictability and safety matter more than squeezing every last drop of throughput from a NIC.