5

I'm not clear about how the tun/tap interface is working. From Wikipedia, I got this:

Packets sent by an operating system via a TUN/TAP device are delivered to a user-space program that attaches itself to the device. A user-space program may also pass packets into a TUN/TAP device. In this case TUN/TAP device delivers (or "injects") these packets to the operating system network stack thus emulating their reception from an external source.

Now, let's suppose that I create a tun with IP 12.12.12.1. If on this machine I have two NICs, will I be able to communicate with this tun (on 12.12.12.1 IP) from an external machine(let's say 12.12.12.2) no matter what NIC device the second machine is connected to (let's say eth0 or eth1)?

With other words, are the tun and NICs independent one of each other, or you need to communicate with the tun through a specific NIC?

N.B. Links on topic are welcome!

artaxerxe
  • 6,281
  • 21
  • 68
  • 106

1 Answers1

8

If you set up a virtual network e.g. 12.12.12.0/24 that is reachable via your virtual interface and you send a packet to this network from your machine, the kernel module implementing tun/tap will send this packet from the kernel via a character device to your application. It is up to your application that what it does with this packet. It can be transmitted to some other application (e.g. VPN server). Your application can also feed packets back via this character device, and the OS network stack will see these packets as ingress network traffic.

If the machine acts as a router it can just use a tun/tap virtual interface as a regular one and forward traffic via it, but it is always the application handling the device that manages packets. Outgoing traffic via the virtual interface is always delivered to your application, and incoming traffic via the virtual interface always originates from your application.

ldx
  • 3,984
  • 23
  • 28
  • @Idx, what if i want to redirect Tap interface traffic to physical ethernet and vice versa, how to do that? (without bridging them together offcourse) – Space Rocker Feb 18 '13 at 14:32
  • It depends what you mean on 'redirect'. You can do routing on your box, but then you need to enable IP forwarding, set up the necessary routes and the packets should have a destination address that is reached via a route via your ethernet interface. But, again, depends on what you mean by 'redirecting'. – ldx Feb 18 '13 at 16:38
  • @Idx, so you mean on virtual interface i assing an IP Address whose gateway should be the physical interface IP and then use source based policy routing to do that?? – Space Rocker Feb 18 '13 at 18:05
  • Can you recap what you'd like to do in more detail? – ldx Feb 18 '13 at 22:22
  • here is what i want to do, but can't figure out, iv'e spend hrs scratching my head: http://unix.stackexchange.com/questions/62392/redirect-packets-from-ppp0-interface-to-ethernet-interface-in-linux – Space Rocker Feb 19 '13 at 11:28
  • @Idx I have two NIC's installed on my linux machine, and I have created two tuntaps. I want to achieve the udp datagrams to be sent from one tuntap and to be received to another tuntap. Any possible way to achieve this....??? At a time, if I am creating one tun interface, I am unable to create another tun interface....can u guide me what is going wrong in this??? – frp farhan Mar 08 '16 at 18:44