Comment by lizknope

I just think this sounds very elegant

https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs#/net

> Plan 9 does not have specialised system calls or ioctls for accessing the networking stack or networking hardware. Instead, the /net file system is used. Network connections are controlled by reading and writing control messages to control files. Sub-directories such as /net/tcp and /net/udp are used as an interface to their respective protocols.

> Combining the design concepts

> Though interesting on their own, the design concepts of Plan 9 were supposed to be most useful when combined. For example, to implement a network address translation (NAT) server, a union directory can be created, overlaying the router's /net directory tree with its own /net. Similarly, a virtual private network (VPN) can be implemented by overlaying in a union directory a /net hierarchy from a remote gateway, using secured 9P over the public Internet. A union directory with the /net hierarchy and filters can be used to sandbox an untrusted application or to implement a firewall.[43] In the same manner, a distributed computing network can be composed with a union directory of /proc hierarchies from remote hosts, which allows interacting with them as if they are local.

> When used together, these features allow for assembling a complex distributed computing environment by reusing the existing hierarchical name system

I remember first setting up NAT or IP masquerading around 1998. It seemed like an ugly hack and some custom protocols did not work.

I use a bunch of VPNs now and it still seems like a hack.

The Plan 9 way just seems very clean although you now have to secure the server more strongly because you are exporting filesystems from it and others are mounting it.