A shared XPC service that manages vmnet networks for apps using the Apple Virtualization framework.

macOS 26 added native vmnet support to the Virtualization framework. vmnet networks can reach up to 120 Gbit/s, up to 2-9 times faster than file-handle based networks.

The catch: vmnet networks are bound to the process that creates them. When the process exits, the network is destroyed, even if VMs are still using it. You can't create a network in your VM launcher because it would disappear when the launcher exits.

The solution is to build an XPC service to hold networks alive. But if every project does this independently:

• Duplicated code for XPC service, lifecycle management, launchd integration
• VMs from different tools can't communicate (separate networks)
• Multiple XPC services running on user machines
• Manual start/stop commands (e.g. container system start/stop)

vmnet-broker is a single shared XPC service for all apps. Instead of each project building its own network service, they all connect to the broker.

The broker provides "shared" and "host" networks out of the box. Apps call acquireNetwork() with a network name. The broker creates the network or returns an existing one if other VMs are already using it. Networks are reference-counted and cleaned up when the last client disconnects.

For developers:

• Acquire a network with a single function call
• Client libraries for C, Go, and Swift
• Networks are created and removed automatically

For users:

• One broker for all tools instead of separate XPC services per project
• VMs from lima, podman, vfkit, minikube can share the same network

To install the latest version run:

curl -fsSL https://github.com/nirs/vmnet-broker/releases/latest/download/install.sh | sudo bash

You can download the install script for inspection and run it locally:

curl -fsSL https://github.com/nirs/vmnet-broker/releases/latest/download/install.sh -o install.sh
less install.sh
sudo bash install.sh

To uninstall:

sudo /Library/Application\ Support/vmnet-broker/uninstall.sh

See Installation details for more information.

To access the broker you can use the C, Swift or Go client libraries:

vmnet_broker_return_t broker_status;
xpc_object_t serialization = vmnet_broker_acquire_network("shared", &broker_status);
if (serialization == NULL) {
    ERRORF("failed to start broker session: (%d) %s",
           broker_status, vmnet_broker_strerror(broker_status));
    exit(EXIT_FAILURE);
}

• client
• example

let serialization: xpc_object_t
do {
    serialization = try VmnetBroker.acquireNetwork(named: "shared")
} catch {
    logger.error("Failed to get network from broker: \(error)")
    exit(EXIT_FAILURE)
}

• client
• example

serialization, err := vmnet_broker.AcquireNetwork("shared")
if err != nil {
    return nil, fmt.Errorf("failed to acquire network: %w", err)
}

• client
• example

macOS Tahoe 26 or later is required.

This project is work in progress. You can play with it and contribute to the project.

• Installation details
• Configuration
• Integrations
• Protocol
• Development

This project is licensed under the Apache License 2.0.