## The Problem

Currently, it is impossible to access services running on the host machine (e.g., a local Ollama instance on port 11434) or other private LAN IPs from inside a microsandbox via the CLI.

Even when configuring the host service to listen on `0.0.0.0` and using the host's actual local IP (e.g., `192.168.x.x`), the connection instantly fails. This appears to be because the CLI enforces `NetworkPolicy::public_only()` by default, which drops all packets destined for private subnets.

While `--no-dns-rebind-protection` allows DNS to resolve to local IPs, the underlying packet filter still blocks the traffic.

## Use Case

Running local AI development environments inside `msb` where the sandbox needs to communicate with large, resource-heavy services running on the host machine (like an LLM inference server).

Currently, the only local workaround is to use a clunky file-system bypass (using `socat` to pipe traffic through a Unix socket in a shared volume).

## Proposed Solution

Provide a flag in the `msb create` CLI to override the default network policy and allow traffic to private IP addresses.

For example, an `--allow-private-ips` or `--network-policy allow_all` flag that passes `NetworkPolicy::allow_all()` to the underlying sandbox configuration.

Expected CLI Usage:

```
msb run --allow-private-ips ubuntu
```

## Environment Context

- Host Service: Ollama bound to `0.0.0.0:11434`
- Command: `msb exec dev -- curl http://<HOST_LAN_IP>:11434/v1`
- Result: `curl: (7) Failed to connect ... after 0 ms: Could not connect to server`
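The two-layer behaviour described above (DNS rebind protection refusing private answers, and a separate packet filter dropping private destinations under the default policy) can be modelled as a small egress-policy check. This is an added illustrative example, not microsandbox's own `NetworkPolicy` implementation or CLI code: the type and function names (`NetworkPolicy`, `from_cli`, `permits`, `is_private_dest`, `connect_decision`) and the exact set of ranges treated as private are assumptions made for the example.

```rust
// Added illustrative model of a sandbox egress policy. Not microsandbox's real
// code: NetworkPolicy, from_cli, permits, is_private_dest and connect_decision
// are assumed names, and the private-range list is this example's choice.
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum NetworkPolicy {
    /// Default: only publicly routable destinations are reachable, so the host
    /// machine and the rest of the LAN stay isolated from the sandbox.
    PublicOnly,
    /// Explicit opt-in: every destination, private ranges included.
    AllowAll,
}

impl NetworkPolicy {
    pub fn public_only() -> Self {
        NetworkPolicy::PublicOnly
    }

    pub fn allow_all() -> Self {
        NetworkPolicy::AllowAll
    }

    /// What a hypothetical `--allow-private-ips` flag would select.
    pub fn from_cli(allow_private_ips: bool) -> Self {
        if allow_private_ips {
            NetworkPolicy::allow_all()
        } else {
            NetworkPolicy::public_only()
        }
    }

    /// Packet-filter decision for one destination address.
    pub fn permits(self, dest: IpAddr) -> bool {
        match self {
            NetworkPolicy::AllowAll => true,
            NetworkPolicy::PublicOnly => !is_private_dest(dest),
        }
    }
}

fn is_cgnat(v4: Ipv4Addr) -> bool {
    // 100.64.0.0/10 (RFC 6598 shared address space)
    let o = v4.octets();
    o[0] == 100 && (o[1] & 0xC0) == 64
}

fn is_ula(v6: Ipv6Addr) -> bool {
    // fc00::/7 (RFC 4193 unique local addresses)
    (v6.octets()[0] & 0xFE) == 0xFC
}

fn is_v6_link_local(v6: Ipv6Addr) -> bool {
    // fe80::/10
    (v6.segments()[0] & 0xFFC0) == 0xFE80
}

/// Destinations a public-only policy refuses: RFC 1918 ranges, loopback,
/// link-local, CGNAT, and the IPv6 counterparts (IPv4-mapped forms included,
/// so "::ffff:10.0.0.5" cannot slip past an IPv4-only check).
pub fn is_private_dest(dest: IpAddr) -> bool {
    match dest {
        IpAddr::V4(v4) => {
            v4.is_private()
                || v4.is_loopback()
                || v4.is_link_local()
                || v4.is_unspecified()
                || is_cgnat(v4)
        }
        IpAddr::V6(v6) => {
            if let Some(mapped) = v6.to_ipv4_mapped() {
                return is_private_dest(IpAddr::V4(mapped));
            }
            v6.is_loopback() || v6.is_unspecified() || is_ula(v6) || is_v6_link_local(v6)
        }
    }
}

/// The two independent layers: DNS rebind protection only applies to addresses
/// obtained from a DNS answer; the packet filter applies to every destination.
pub fn connect_decision(
    policy: NetworkPolicy,
    dns_rebind_protection: bool,
    from_dns: bool,
    dest: IpAddr,
) -> Result<(), &'static str> {
    if dns_rebind_protection && from_dns && is_private_dest(dest) {
        return Err("dns rebind protection refused private answer");
    }
    if !policy.permits(dest) {
        return Err("packet filter dropped private destination");
    }
    Ok(())
}

fn main() {
    // Constructed sample: the host's LAN address reached by raw IP, as in the curl command.
    let host_lan: IpAddr = "192.168.1.20".parse().unwrap();
    for (label, allow) in [("default", false), ("--allow-private-ips", true)] {
        let policy = NetworkPolicy::from_cli(allow);
        println!("{}: {:?}", label, connect_decision(policy, true, false, host_lan));
    }
}
```

The model makes the issue's observation concrete: disabling rebind protection changes only the first check, so a raw-IP `curl` to the host LAN address still fails at the packet filter until the policy itself is switched to `AllowAll`. Keeping the switch an explicit per-sandbox flag, rather than a new default, preserves host isolation for sandboxes that do not need it.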