netstack is a userspace TCP/IP networking stack written in Go that implements core IPv4/IPv6 protocols with a focus on correctness, isolation, and testability. By running entirely in user space, it avoids kernel dependencies and can be embedded into sandboxes, virtualized environments, or custom appliances. Its architecture models NICs, link endpoints, route tables, and protocol engines as composable interfaces, enabling precise control over packet flow and easy mocking in tests. The stack implements TCP, UDP, ICMP, neighbor discovery, and common socket behaviors, including options like MSS/MTU handling and congestion control hooks. Because it is written in a memory-safe language and backed by extensive unit tests, it is easier to audit and evolve than many kernel-bound alternatives. netstack is frequently used as the networking core for systems that need strict isolation guarantees and deterministic behavior without privileged code.
Features
- Full userspace IPv4/IPv6 with TCP, UDP, and ICMP
- Composable NIC, endpoint, and routing abstractions
- Deterministic, easily testable packet processing in Go
- Socket semantics with options for tuning and congestion hooks
- Safe isolation for sandboxes and lightweight VMs
- Rich unit and conformance tests for protocol behavior