Comment by bjourne

2 days ago

What is the need for mashing more and more stuff into the kernel? I thought the job of the kernel was to manage memory, hardware, and tasks. Shouldn't protocols built on top of IP be handled by userland?

Having networking, routing, VPN, etc. all stay in kernel space can be a performance improvement for some use cases.

Similarly, splitting the networking/etc stacks out from the kernel into userspace can also be a performance improvement for some use cases.

  • Can't you say that about virtually anything? I'm sure having, say, MIDI synthesizers in the kernel would improve performance too, but not many think that is a good idea.

    • Depends on the workload and scale. There are cases where offloading everything to userspace in order to minimize context switches into kernel space would improve performance, as well.

  • Yup, context switches between kernelspace and userspace are very expensive in high-performance situations, which is why these types of offloads are used.

    For specific workloads (think: load balancers / proxy servers / etc.), these things become extremely expensive.

Maybe. Getting stuff into the kernel means (in theory) it’s been hardened, it has a serious LTS, and benefits from… well, the performance of being part of the kernel.

No, protocols directly on IP specifically can’t be used in userland because they can’t be multiplexed to multiple processes.

If everything above IP was in userland, only one program at a time could use TCP.

TCP and UDP being intermediated by the kernel allows multiple programs to use the protocols at the same time because the kernel routes based on port to each socket.

QUIC sits a layer even higher because it cruises on UDP, so I think your point still stands, but it’s stuff on top of TCP/UDP, not IP.

  • How do you think this works on microkernels? Do they have no support for multiple applications using the network?

    • That is not at all a problem. On a microkernel you just have a userspace TCP/network server that your other programs talk to that manages/multiplexes the shared network connection.

    • If they don’t have TCP in them, yes. Either each application would need its own IP or another application would be responsible for being the TCP port router.
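Worked illustration (added here, not code from any commenter) of the demultiplexing step the comment above and the microkernel reply both describe: the kernel, or on a microkernel a userspace network server, parses the IPv4 and UDP headers of a datagram arriving on one shared address, verifies the header checksums, and hands the payload to whichever process bound that (protocol, port). Unbound ports are dropped where a real kernel would answer with ICMP port unreachable, and a second bind on an already-owned port fails the way `EADDRINUSE` does. The addresses, port numbers, process names and packets are all constructed for the example.

```python
"""Port-based demultiplexing on one shared IP endpoint (added example)."""
import socket
import struct
from collections import defaultdict

IPPROTO_TCP = 6
IPPROTO_UDP = 17


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum. Over data that already contains a
    correct checksum field the result is 0, which is how we verify."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def udp_pseudo_header(src: bytes, dst: bytes, udp_len: int) -> bytes:
    return struct.pack("!4s4sBBH", src, dst, 0, IPPROTO_UDP, udp_len)


def build_udp_packet(src_ip: str, dst_ip: str, src_port: int, dst_port: int,
                     payload: bytes) -> bytes:
    """Build IPv4 + UDP bytes with valid checksums (constructed test input)."""
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    udp_len = 8 + len(payload)
    udp = struct.pack("!HHHH", src_port, dst_port, udp_len, 0) + payload
    chk = internet_checksum(udp_pseudo_header(src, dst, udp_len) + udp)
    chk = chk or 0xFFFF      # RFC 768: a computed 0 is sent as all ones
    udp = struct.pack("!HHHH", src_port, dst_port, udp_len, chk) + payload
    fields = [0x45, 0, 20 + len(udp), 0, 0, 64, IPPROTO_UDP, 0, src, dst]
    ip_hdr = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = internet_checksum(ip_hdr)    # IP header checksum
    return struct.pack("!BBHHHBBH4s4s", *fields) + udp


class PortDemux:
    """One IP address, many sockets: deliver by (protocol, destination port).
    Stands in for the kernel socket layer or a userspace network server."""

    def __init__(self, local_ip: str):
        self.local = socket.inet_aton(local_ip)
        self.bindings = {}                 # (proto, port) -> owning process
        self.queues = defaultdict(list)    # process -> [(src_ip, src_port, data)]
        self.dropped = []                  # (reason, dst_port or None)

    def bind(self, proto: int, port: int, owner: str) -> None:
        # Same exclusivity the kernel enforces with EADDRINUSE.
        if (proto, port) in self.bindings:
            raise OSError(f"EADDRINUSE: {proto}/{port} owned by "
                          f"{self.bindings[(proto, port)]}")
        self.bindings[(proto, port)] = owner

    def _drop(self, reason: str, port=None):
        self.dropped.append((reason, port))
        return None

    def receive(self, pkt: bytes):
        """Return the process that received the payload, or None if dropped."""
        if len(pkt) < 20 or pkt[0] >> 4 != 4:
            return self._drop("not IPv4")
        ihl = (pkt[0] & 0x0F) * 4
        total_len = struct.unpack("!H", pkt[2:4])[0]
        if ihl < 20 or total_len > len(pkt) or internet_checksum(pkt[:ihl]):
            return self._drop("bad IP header")
        proto, src, dst = pkt[9], pkt[12:16], pkt[16:20]
        if dst != self.local:
            return self._drop("not addressed to us")   # a router would forward
        l4 = pkt[ihl:total_len]
        if proto == IPPROTO_UDP:
            if len(l4) < 8:
                return self._drop("short UDP")
            src_port, dst_port, udp_len, chk = struct.unpack("!HHHH", l4[:8])
            if udp_len != len(l4):
                return self._drop("UDP length mismatch", dst_port)
            if chk and internet_checksum(udp_pseudo_header(src, dst, udp_len) + l4):
                return self._drop("bad UDP checksum", dst_port)
            payload = l4[8:]
        elif proto == IPPROTO_TCP:
            if len(l4) < 20:
                return self._drop("short TCP")
            src_port, dst_port = struct.unpack("!HH", l4[:4])
            payload = l4[(l4[12] >> 4) * 4:]   # skip header incl. options
        else:
            return self._drop(f"unsupported protocol {proto}")
        owner = self.bindings.get((proto, dst_port))
        if owner is None:
            return self._drop("port unreachable", dst_port)  # kernel: ICMP
        self.queues[owner].append((socket.inet_ntoa(src), src_port, payload))
        return owner


def demo():
    """Two 'processes' share 10.0.0.2; a third datagram hits an unbound port."""
    mux = PortDemux("10.0.0.2")
    mux.bind(IPPROTO_UDP, 53, "resolver")
    mux.bind(IPPROTO_UDP, 5353, "mdns")
    results = [
        mux.receive(build_udp_packet("10.0.0.1", "10.0.0.2", 40000, 53, b"q1")),
        mux.receive(build_udp_packet("10.0.0.1", "10.0.0.2", 40001, 5353, b"q2")),
        mux.receive(build_udp_packet("10.0.0.1", "10.0.0.2", 40002, 9999, b"q3")),
    ]
    return results, dict(mux.queues), mux.dropped


if __name__ == "__main__":
    print(demo())
```

The point the thread is making falls out of the binding table: nothing about it needs to live in kernel space, it just needs to be the single owner of the IP endpoint, which is exactly what a microkernel's network server is.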