I’ve been keeping an eye on nerdctl. While it’s still a little trickier than Docker or Podman for commands to work consistently, there’s fascinating innovation happening under its hood. One such innovation is Bypass4NetNS, the new virtual network framework used by rootless containers that’s *faster* than root kernel networking. Yes, you read that right.

And why shouldn’t it be? Userspace networking shouldn’t need to be complicated, should it? I mean, it’s right in the name: bypass your usual cruft of unnecessary kernel infrastructure by sending packets through a network namespace. It’s as beautiful as it is simple. Gotta hand it to the researchers who finally saw something we couldn’t, but in retrospect should have known all along.

For more on nerdctl, check out this interview with its top contributer Akihiro Suda from NTT published by the RedHat Community – it’s definitely eye-opening!