Hacker News new | ask | show | jobs
by betaby 515 days ago
Podman Desktop on Mac uses weird user-pace IP stack which does direct socket allocations on the MAcOS host itself.

Additionally, Podman Desktop on Mac always return on ICMP echo, try running `ping 5.5.5.5` or any other non-ping-able IP and see it yourself.
1 comments
rgovostes 515 days ago
Can you elaborate on the direct socket allocations?
link
betaby 515 days ago
You can see `tcp` sessions of the container using `netstat` on the host MacOS if you use Podman Desktop.

That's not the case if podman runs on a Linux VM on UTM for example. Additionally, ICMP behaves correctly in the later case.

link