iocage: To VNET or Not To VNET

[ewhac]

All the examples I've seen so far for setting up iocage jails enable VNET. The man page for iocage says:

Code:

	 vnet=[on | off]
				   Controls whether the jail is started with a VNET or a
				   shared IP configuration.  Set to on if a fully virtualized
				   per-jail network stack is required.

Further, the iocage documentation says in part:

The Shared IP networking option is rock solid, with over a decade of heavy use and testing.

It has no specific system requirements, as everything needed is built directly into the default GENERIC kernel.
[ ... ]
VNET is considered experimental. Unexpected system crashes can occur. More details about issues with VNET are available in the Known Issues section of this documentation.

All well and good, but it doesn't offer any hints as to why one might select one over the other (and VNET's list of known issues make me want to avoid it). Under what broad circumstances is VNET the appropriate choice?

 

[m0nkey_]

VNET gives the jail a full networking stack, useful if you have something that needs to do any kind of network broadcast or discovery, one example is the UBNT UniFi Controller software.

 

[ewhac]

VNET gives the jail a full networking stack, useful if you have something that needs to do any kind of network broadcast or discovery, one example is the UBNT UniFi Controller software.

So anything relying on more than simple TCP/UDP sockets should get a VNET? (I'm inclined to think DLNA/UPnP servers fall into this category.)