I came across this discussion while searching for an example showing how to use VZFileHandleNetworkDeviceAttachment. I'm hacking on GUILinuxVirtualMachineSampleApp with the aspiration of using it to run a Linux guest which I can use to develop a stateful firewall / router, and I'd like the guest to have isolated network interfaces. I dropped in your example code above which uses socketpair() to create a pair of connected network interfaces, and it does indeed work.
I'm using Xcode 14.2 on macOS 13.3.1(a), and the guest is running Rocky Linux 9.1 for aarch64 on an M2 Pro MacBook Pro.
Linux sees the pair of interfaces as enp0s2 and enp0s3.. I haven't yet tried anything as fancy as netcat, but I can see that the interfaces are connected with ping and tcpdump, although they're a little tricky to use.
$ sudo ip a add 10.100.0.1/24 dev enp0s2
$ sudo ip a add 10.200.0.1/24 dev enp0s3
To send on enp0s3, I choose an arbitrary destination on the same /24, e.g. 10.200.0.2.
[me@localhost ~]$ ping 10.200.0.2
PING 10.200.0.2 (10.200.0.2) 56(84) bytes of data.
From 10.200.0.1 icmp_seq=1 Destination Host Unreachable
From 10.200.0.1 icmp_seq=2 Destination Host Unreachable
From 10.200.0.1 icmp_seq=3 Destination Host Unreachable
Now, somewhat un-intuitively, I can see outgoing ARP requests for 10.200.0.2 by running tcpdump on enp0s2.
[me@localhost ~]$ sudo tcpdump -i enp0s3
[sudo] password for me:
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on enp0s3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
22:33:19.029019 ARP, Request who-has 10.200.0.2 tell localhost.localdomain, length 28
22:33:20.097415 ARP, Request who-has 10.200.0.2 tell localhost.localdomain, length 28
22:33:21.134351 ARP, Request who-has 10.200.0.2 tell localhost.localdomain, length 28
cwicklein
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
User for
Post
Replies
Boosts
Views
Activity
FWIW, the Virtualization framework ran out of steam. I further modified your example to create interface pairs with consecutive MAC addresses (interfaces with addresses differing only in their low-order bit are paired), but once I started to create the interfaces I needed for my work, I very quickly ran into a three-interface limit. I've switched to using UTM which is built on QEMU.