feat: Allow specifying vmnet network UUID to disable DHCP

[pallotron]

What

This commit introduces a new --vmnet-network-uuid command-line option to allow setting the vmnet_network_identifier_key for vmnet.

This property is only applicable to a vmnet_interface in VMNET_HOST_MODE.

If this property is set, the vmnet_interface is added to an isolated network with the specified identifier.

No DHCP service is provided on this network.

Why

This is useful for certain applications where the users need an isolated network and are running their own dhcp to assign IPs in such network.

See issue #139

Testing

Printed new --help

❯ make
cc -O3 -Wall -Wextra -pedantic -DVERSION=\"a7cc880.m\" -c cli.c -o cli.o
cc -O3 -Wall -Wextra -pedantic -DVERSION=\"a7cc880.m\" -o socket_vmnet  -framework vmnet cli.o main.o
❯ ./socket_vmnet --help
Usage: ./socket_vmnet [OPTION]... SOCKET
vmnet.framework support for rootless QEMU.
socket_vmnet does not require QEMU to run as the root user, but socket_vmnet itself has to run as the root, in most cases.

--socket-group=GROUP                socket group name (default: "staff")
--vmnet-mode=(host|shared|bridged)  vmnet mode (default: "shared")
--vmnet-interface=INTERFACE         interface used for --vmnet=bridged, e.g., "en0"
--vmnet-gateway=IP                  gateway used for --vmnet=(host|shared), e.g., "192.168.105.1" (default: decided by macOS)
                                    the next IP (e.g., "192.168.105.2") is used as the first DHCP address
--vmnet-dhcp-end=IP                 end of the DHCP range (default: XXX.XXX.XXX.254)
                                    requires --vmnet-gateway to be specified
--vmnet-mask=MASK                   subnet mask (default: "255.255.255.0")
                                    requires --vmnet-gateway to be specified
--vmnet-interface-id=UUID           vmnet interface ID (default: random)
--vmnet-network-uuid=UUID           vmnet network UUID, if provided in "host" vmnet mode the
                                    internal DHCP will be disabled (default: random)
--vmnet-nat66-prefix=PREFIX::       The IPv6 prefix to use with shared mode.
                                    The prefix must be a ULA i.e. start with fd00::/8.
                                    (default: random)
-p, --pidfile=PIDFILE               save pid to PIDFILE
-h, --help                          display this help and exit
-v, --version                       display version information and exit

version: a7cc880.m

Ran locally in host mode and network UUID provided:

❯ sudo ./socket_vmnet "/opt/homebrew/var/run/socket_vmnet" --vmnet-mode=host
INFO | Initializing vmnet.framework (mode 1000)
INFO | Using network identifier "EAAE7252-D205-4D97-A9DA-5B7A02808BE2" and no vmnet gateway -> NO DHCP will be enabled on this vmnet
INFO | * vmnet_write_max_packets: 256
INFO | * vmnet_read_max_packets: 256
INFO | * vmnet_subnet_mask: 0.0.0.0
INFO | * vmnet_mtu: 1500
INFO | * vmnet_end_address: 255.255.255.254
INFO | * vmnet_start_address: 0.0.0.0
INFO | * vmnet_interface_id: B5D1817C-D455-4EDF-B329-E484C4115195
INFO | * vmnet_max_packet_size: 1514
INFO | * vmnet_mac_address: 4a:d0:f8:94:9b:b3

I could run my LAB vms, I saw no DHCP been handed over by MacOS/bootp, my Lab runs a special VM with DHCPD and I saw that not colliding.

Ran locally in shared mode:

❯ sudo ./socket_vmnet "/opt/homebrew/var/run/socket_vmnet" --vmnet-gateway=192.168.111.1
Password:
INFO | Initializing vmnet.framework (mode 1001)
INFO | * vmnet_write_max_packets: 256
INFO | * vmnet_read_max_packets: 256
INFO | * vmnet_subnet_mask: 255.255.255.0
INFO | * vmnet_mtu: 1500
INFO | * vmnet_end_address: 192.168.111.254
INFO | * vmnet_start_address: 192.168.111.1
INFO | * vmnet_interface_id: 92C36810-BDCC-4B03-BF6F-CAFB66D0D354
INFO | * vmnet_max_packet_size: 1514
INFO | * vmnet_nat66_prefix: fd86:9a96:2682:1344::
INFO | * vmnet_mac_address: 96:62:0c:d6:b4:91

Ran local in host mode + deafault gw (show dhcp should be enabled)

❯ sudo ./socket_vmnet "/opt/homebrew/var/run/socket_vmnet" --vmnet-mode=host --vmnet-gateway=192.168.111.1
INFO | Initializing vmnet.framework (mode 1000)
INFO | * vmnet_write_max_packets: 256
INFO | * vmnet_read_max_packets: 256
INFO | * vmnet_subnet_mask: 255.255.255.0
INFO | * vmnet_mtu: 1500
INFO | * vmnet_end_address: 192.168.111.254
INFO | * vmnet_start_address: 192.168.111.1
INFO | * vmnet_interface_id: 52F9E326-9D2B-4F82-B695-39071E9C1A7F
INFO | * vmnet_max_packet_size: 1514
INFO | * vmnet_mac_address: f6:a1:bd:dd:39:23

[pallotron]

let me know if you want to create a correspondent io.github.lima-vm.socket_vmnet.host_dhcp.plist in launchd/ and relative modications to the Makefile.

[pallotron]

@AkihiroSuda hey can you guys let me know what you think of this when you get a chance? :)

[AkihiroSuda]

Thanks, but please sign the commit for DCO
https://github.com/apps/dco

(run git commit -a -s --amend, and make sure that the Signed-off-by: NAME <EMAIL> line with your real name is included in the commit message)

[AkihiroSuda]

Ia this a breaking change or just an explanation of the existing behavior?

[pallotron]

it's an explanation of what happens when you do that, as I explained in #139.
From vmnet.framework/Headers/vmnet.h:

/*!
 * @constant vmnet_network_identifier_key
 * The identifier (uuid) to uniquely identify the network.
 *
 * This property is only applicable to a vmnet_interface in
 * VMNET_HOST_MODE.
 *
 * If this property is set, the vmnet_interface is added to
 * an isolated network with the specified identifier.
 *
 * No DHCP service is provided on this network.
 */
extern const char * const
vmnet_network_identifier_key API_AVAILABLE(macos(11.0)) API_UNAVAILABLE(ios, watchos, tvos);

[AkihiroSuda]

So, this is a breaking change, right?

[AkihiroSuda]

Can we just keep the behavior of v1.2.1 for compatibility, and require explicitly setting --vmnet-network-identifier (UUID string, "random", or "")?

[pallotron]

I do not think it is breaking change because by default your launchd/.plist config always specifies --vmnet-gateway and that keeps dhcp on:

❯ sudo ./socket_vmnet "/opt/homebrew/var/run/socket_vmnet" --vmnet-mode=host --vmnet-gateway=192.168.111.1
INFO | Initializing vmnet.framework (mode 1000)
INFO | * vmnet_write_max_packets: 256
INFO | * vmnet_read_max_packets: 256
INFO | * vmnet_subnet_mask: 255.255.255.0
INFO | * vmnet_mtu: 1500
INFO | * vmnet_end_address: 192.168.111.254
INFO | * vmnet_start_address: 192.168.111.1
INFO | * vmnet_interface_id: 52F9E326-9D2B-4F82-B695-39071E9C1A7F
INFO | * vmnet_max_packet_size: 1514
INFO | * vmnet_mac_address: f6:a1:bd:dd:39:23

vs running w/o other options:

❯ sudo ./socket_vmnet "/opt/homebrew/var/run/socket_vmnet" --vmnet-mode=host
INFO | Initializing vmnet.framework (mode 1000)
INFO | Using network identifier "EAAE7252-D205-4D97-A9DA-5B7A02808BE2" and no vmnet gateway -> NO DHCP will be enabled on this vmnet
INFO | * vmnet_write_max_packets: 256
INFO | * vmnet_read_max_packets: 256
INFO | * vmnet_subnet_mask: 0.0.0.0
INFO | * vmnet_mtu: 1500
INFO | * vmnet_end_address: 255.255.255.254
INFO | * vmnet_start_address: 0.0.0.0
INFO | * vmnet_interface_id: B5D1817C-D455-4EDF-B329-E484C4115195
INFO | * vmnet_max_packet_size: 1514
INFO | * vmnet_mac_address: 4a:d0:f8:94:9b:b3

that said, I can make the change you propose if you think it's better for backward compatibility and users :)
I was wondering at this point if we shuoldn't just have a --no-dhcp option that only works when --vmnet-mode=host is provided and conflicts with --vmnet-gateway?

[pallotron]

thanks for the comments, and sorry about the signature mishap.
I was using my corporate laptop and the setup there is a bit messy. Will fix.

[pallotron]

Thanks, but please sign the commit for DCO https://github.com/apps/dco

(run git commit -a -s --amend, and make sure that the Signed-off-by: NAME <EMAIL> line with your real name is included in the commit message)

I think my commits are all good yet but I dunno why DCO is failing now :(

[pallotron]

my last commit has the sign-off but I dunno why DCO is failing... :(
do I need to squash all commits?

commit f7bdb95a66ed3093ac5893e41a373a357bb945fc (HEAD -> feature/no_dhcp_issue_139, origin/feature/no_dhcp_issue_139)
Good "git" signature for [email protected] with ED25519 key SHA256:bCGybCKH6mAgRuXgyjQSoTKIlRJOyIxRny1Gmg/3MmI
Author: Angelo Failla <[email protected]>
Date:   Fri Oct 10 10:26:15 2025 +0100

    fix comment as per review

    Signed-off-by: Angelo Failla <[email protected]>

commit f912515d2d431d939f5a77afcf073cdfd99ef4ec
Good "git" signature for [email protected] with ED25519 key SHA256:bCGybCKH6mAgRuXgyjQSoTKIlRJOyIxRny1Gmg/3MmI
Author: Angelo Failla <[email protected]>
Date:   Thu Oct 9 08:27:13 2025 +0100

    Better logic + esplicitely printing when DHCP is going to be disabled

commit 20d8ee1e7aac111c6329f90bfa876ffe26488769
Good "git" signature for [email protected] with ED25519 key SHA256:bCGybCKH6mAgRuXgyjQSoTKIlRJOyIxRny1Gmg/3MmI
Author: Angelo Failla <[email protected]>
Date:   Wed Oct 8 16:22:03 2025 +0100

    README.md: add some explanation

[AkihiroSuda]

squash

Yes, please
https://lima-vm.io/docs/dev/git/#squashing-commits

[pallotron]

ok I fixed DCO, squashes all commits and made sure there is sign off.

[AkihiroSuda]

Why not consistently call this vmnet_network_identifier?

[AkihiroSuda]

Looks like a breaking change

#140 (comment)