Netnice realizes powerful yet flexible control of the network at an end-host operating system, though "hierarchical virtualization" of network interfaces, integrating most of the traffic control technology proposed thus far.

But have you ever heard the term "hierarchical virtualization" before, and can you imagine how it works?

... probably not, since the term is what we coined in the development process. So, first, please take a look at the figure.

The cylinder at the bottom is an actual network interface that the host owns. On a Netnice-enhanced OS, we are allowed to create our own "children" as we wish. The virtualized interface created in this fashion is called a "hierarchical virtual network interface (VIF)". Processes are allowed to create children VIFs on a VIF that the process is connected to when they are spawned. A process can also connect itself or its associated sockets to the new VIF. In this figure, three processes are connected to 4 VIFs.

A process can set parameters for its own VIFs, such as bandwidth. Furthermore, a VIF has a lot of variations, and the process can choose a type of VIF that matches its own control target. For example, we have VIFs for "fair queuing", "priority queuing", and "packet blocking". Additionally, each VIF has its own "packet filter" with which we can explicitly specify rules for packet forwarding, a "monitoring port" through which we can inspect the details of the flows in the VIF, and a "diverting interface" with which we can divert all the traffic into the userland for a variety of controls, such as NAT and proxy service. We call these features "Netnice Packet Filter" altogether. A VIF is also equipped with statistics mechanisms.

Thanks to these advanced features for network control and its integration, Netnice realizes a variety of controls which has not been possible with existing implementations. This page has a summary of Netnice applications.

