Can we put the networking/TCP stack into user-space?

• (REG) The short answer is no, because this would slow it down (see the monolithic versus microkernel debate for reasons why). The longer answer involves the motivations behind the question. Some people want to inspect every packet, and think it's easier to do in user-space. In fact, the kernel has a network packet filtering API (Linux Socket Filter (LSF), which is an easier-to-use implementation of the Berkeley Packet Filter (BPF)). The LSF allows you to capture some or all packets and pass them to user-space. This yields the advantages of a kernel-based networking stack, but still allows you to inspect packets in user-space if needed. One reason people want to inspect packets is to perform firewalling. In this case, a far superior solution is available, using the Netfilter infrastructure. This is a kernel-level firewalling/NAT solution which is fast and reliable. You may create both stateful and stateless firewalling configurations. This infrastructure was introduced during the 2.3. ... more