Contents
What is TUN TAP Linux?
From the Linux kernel documentation: TUN/TAP provides packet reception and transmission for user space programs. In other words, TUN/TAP interfaces are virtual interfaces that does not have physical devices associated. A user space program can attach to a TUN/TAP interface and handle the traffic sent to the interface.
How does Tun TAP work?
TUN, namely network TUNnel, simulates a network layer device and operates in layer 3 carrying IP packets. TAP can be used to create a user space network bridge. Packets sent by an operating system via a TUN/TAP device are delivered to a user space program which attaches itself to the device.
How does Tun tap work?
What’s the difference between Tun and TAP devices?
It is worth noting that TUN/TAP devices are only used by certain VPN protocols (such as OpenVPN and WireGuard) and not others (such as IKEv2). In practice, TAP devices are used to create a user-space network bridge for which they act as switches. TUN devices, on the other hand, are used to route packets through the VPN tunnel.
How to know if a network interface is tap, Tun, Bridge or physical?
How to know if a network interface is tap, tun, bridge or physical? As far as I know, there are 4 main types of network interfaces in Linux: tun, tap, bridge and physical. When I’m doing sys admin on machines running KVM, I usually come across tap, bridge and physical interfaces on the same machine, without being able to tell them apart.
Is the interfaces that handle protocols or the OS?
I think: A tap or a tun is an interface (in the sense of a port) because it doesn’t manipulate the protocols. When we look at a larger context where we view the tap / tun interface together with the program/OS/VM sitting behind it as a whole thing, we could say this is the “interface” that other systems talk to.
How to create a tap interface with tunctl?
Also I can create a tap interface with tunctl command but how can I create a tun interface with the same command (the command is called TUNctl not TAPctl…)?