Thank you for your reply. A key of com.apple.security.temporary-exception.mach-lookup.global-name I tried this and it works. It does not hang anymore. If i make this changes whether the app will pass the app review? Thanks

Thank you very much for detailed info about the entitlement key. I have made the changes to app and submitted for app review with the radar info in review notes and appsandbox info. Fingers crossed till the review complete. I will come back once i have some info from app review team.

I have the feedback from the app review team. The app did not pass the review becuase of the com.apple.storagekitd entitlement usage. They are asking me to find another workaround. I dont know what to do to fix this bug. The bug still exist in Tahoe 26.4 Beta 2 also. It is not fixed in Tahoe 26.4 beta.

I recommend that you continue to explore App Review options. See here. Thanks. I have submitted an appeal. I will update here once i have some answer.

It seems to be that the bug is fixed in Tahoe 26.4 beta 3 release. I heard back from review and they have denied it with the temporary entitlement. I found that the waitforexit hangs but the disk was created so temporary workaround i wait for 5 to 10seconds and if the file was created i terminate the process and continue with my virtual machine creation. this temporarily fixes the problem. submitted for the review.

I am also facing the same issue. Able to install the previous version of testflight app. Today i updated a new version and cant install the same with testflight.

Thank you for the reply. Is there any example with code on how to do this?

never mind i managed to get the sample code from apple container github repository. now i can reserve a pool of ip address and assign ip address to guest from that. thanks for the heads up. it seem to be that VZVmnetNetworkDeviceAttachment is only avaialble for mac os 26 how can accomplist this with 14 and 15. any idea? And aslo after doing this i would like to do the port forwarding. Any idea how can i accomplish this.

my code looks likes this import Virtualization import vmnet import Darwin @available(macOS 26.0, *) public class SharedVMNetManager { public static let shared = SharedVMNetManager() private var activeNetwork: vmnet_network_ref? private var activeConfig: vmnet_network_configuration_ref? // Track which MACs we have already told the kernel about private var registeredMacs: Set<String> = [] private let lock = NSLock() private init() {} public func getAttachment(macAddress: String, reservedIP: String) -> VZVmnetNetworkDeviceAttachment? { lock.lock() defer { lock.unlock() } var status: vmnet_return_t = .VMNET_SUCCESS // 1. Check if we've already initialized the hardware switch if let config = activeConfig, let network = activeNetwork { // ONLY add the reservation if we haven't done it for this MAC yet if !registeredMacs.contains(macAddress) { addReservation(to: config, mac: macAddress, ip: reservedIP) registeredMacs.insert(macAddress) } return VZVmnetNetworkDeviceAttachment(network: network) } // 2. First-time initialization let mode: vmnet.operating_modes_t = .VMNET_SHARED_MODE guard let config = vmnet_network_configuration_create(mode, &status), status == .VMNET_SUCCESS else { return nil } // Define Subnet var subnet = in_addr(), mask = in_addr() inet_pton(AF_INET, "192.168.142.1", &subnet) inet_pton(AF_INET, "255.255.255.0", &mask) vmnet_network_configuration_set_ipv4_subnet(config, &subnet, &mask) // Define the Pool (Make sure your reserved IP is INSIDE this range) /*var start = in_addr(), end = in_addr() inet_pton(AF_INET, "192.168.142.10", &start) inet_pton(AF_INET, "192.168.142.50", &end) vmnet_network_configuration_set_ipv4_pool(config, &start, &end)*/ // 3. Register the first MAC before the network starts addReservation(to: config, mac: macAddress, ip: reservedIP) registeredMacs.insert(macAddress) // 4. Commit and Create Network guard let network = vmnet_network_create(config, &status), status == .VMNET_SUCCESS else { return nil } self.activeConfig = config self.activeNetwork = network return VZVmnetNetworkDeviceAttachment(network: network) } private func addReservation(to config: vmnet_network_configuration_ref, mac: String, ip: String) { var macAddr = ether_addr() guard let macPtr = ether_aton(mac) else { return } macAddr = macPtr.pointee var ipAddr = in_addr() inet_pton(AF_INET, ip, &ipAddr) // This tells the kernel's DHCP server: "If you see this MAC, give it this IP" let status = vmnet_network_configuration_add_dhcp_reservation(config, &macAddr, &ipAddr) if status != .VMNET_SUCCESS { print("dhcp faliure \(status.rawValue)") } } } For the first virtual machine the ip address is getting reserved but from second vm onwards ip is not getting reserved it gets from dhcp server. this makes me not able to assign ip address to second virtual machine onwards thus we cant determine the ipadddress of second vm onwards. is there a way we can ask vmnet to refresh the config. is it possible? Or the only way is to create the network config with all the ip address on start of the app and take it from there. what if the user creates a new vm. how to handle this kind of situation. thanks in advance

Ok now i found how to do port forwarding also i used this code var ipAddr = in_addr() // 1. Convert String to in_addr inet_pton(AF_INET, guestIP, &ipAddr) let status = vmnet_network_configuration_add_port_forwarding_rule( config, UInt8(IPPROTO_TCP), // TCP protocol sa_family_t(AF_INET), // address family guestPort, // internal port (guest) externalPort, // external port (host) &ipAddr // internal address (guest IP) ) if status == .VMNET_SUCCESS { print("✅ Port Forwarding set: Mac:\(externalPort) -> VM(\(guestIP)):\(guestPort)") } else { print("❌ Port Forwarding failed for \(guestIP): \(status.rawValue)") } } for port forwding it is returning success but when i test it it does not work. Is there anything i am doing wrong? Please help me also in fixing this problem

[quote='884231022, DTS Engineer, /thread/822025?answerId=884231022#884231022'] Coming back to your IP address issue, [/quote] Sorry i was confused between network and interface how to create a new interface should i use this https://developer.apple.com/documentation/vmnet/vmnet_interface_start_with_network(::::) ?

I tried creating new vmnet config and vmnet network for the second vm with same subnet and it failed. It seems to be we cant use the same subnet for new vmnet network. if i provide different subnet it is working fine. But i dont want to have a different subnet for each vm. I think we cant use vmnet_interfce_start_with_network because this is being taken care by the mac os virtuliaztion framewoth with the network we provide. any how i tried this it crashes with bad acces

[quote='884369022, DTS Engineer, /thread/822025?answerId=884369022#884369022'] Why is that? [/quote] Let me explain i present a settings screen where the user can define their own networks with their own subnet. After that the user can pick up the desired network in vm creation. So i allow the user to share the same network for various virtual machine. It is a user choice who decide which netwotk the vm belong to.

[quote='884370022, DTS Engineer, /thread/822658?answerId=884370022#884370022'] ard to say without more context. Specifically: [/quote] The guest acquiring the ip address correct for test i have created web server on the guest listen on port 5264 when i try to acces the port directly with the ip address of the guest it is working. i can reach the guest ip from the host with the port 5264. so i forward port 8000 of host as external port in the sample code what i have provided and i access http://localhost:8000 on the host and it does not work. Hope i have give enough details.

Is that a realistic user scenario that you’re trying to support? You are correct—this is exactly the scenario I am trying to implement. The primary challenge is that the network configuration cannot be modified while it is active. Currently, when a user attempts to change the network settings while it is in use, I prompt them either to restart the application or to stop any virtual machines using the network. This allows me to properly clean up and recreate the network with the updated configuration. At this stage, I have chosen to require an application restart for network modifications, as I have not found a reliable method to fully release the vmnet network. The documentation suggests using CFRelease, but this is not directly compatible with ARC. I did identify a workaround that appears to function correctly; however, the limitation remains that the network configuration cannot be changed while it is active. Additionally, it is not possible to hot-plug or remove network attachments from a running virtual machine, which further constrains dynamic reconfiguration. Given this, my current focus has shifted to resolving the port forwarding issue. Even when the configuration is predefined, port forwarding is not functioning as expected, despite the API call returning success. I am investigating why this discrepancy is occurring. This is where i need help. Instead of ip discovery i asked the user to set static ip which i can get it work with dhcp reservation with the network.