Basic tutorial on using TUN/TAP Virtual network card under CentOS

Source: Internet
Author: User



In the computer network, Tun and tap are virtual network devices in the operating system kernel. Different from the common hardware network card implementation of the device, these virtual network devices are all software implementation, and running on the operating system of the software to provide the hardware and network equipment exactly the same function.
TAP equates to an Ethernet device that operates on a second layer of packets such as an Ethernet data frame. The Tun simulates a network-layer device, operating a third-tier packet such as an IP data packet.
The operating system sends data to the program that binds the user space of the device through the TUN/TAP device, whereas the user-space program can send data through the TUN/TAP device as if it were a hardware network device. In the latter case, the TUN/TAP device delivers (or "injects") packets to the operating system's network stack, simulating the process of accepting data from the outside.
If the server has a TUN/TAP module, it can turn on the VPN proxy function.
Virtual network card TUN/TAP driver design principle:
650) this.width=650; "alt=" 20151120120604752.jpg (553x396) "src=" http://files.jb51.net/file_images/article/201511/ 20151120120604752.jpg?2015102012612 "style=" border:1px solid rgb (204,204,204); vertical-align:bottom;padding:1px; " />



The Tun/tap driver implements the function of the virtual network card, Tun that the virtual is a point-to-point device, tap represents the virtual Ethernet device, both of which implement different encapsulation for the network packet.
With the Tun/tap driver, the TCP/IP protocol stack-handled network subcontracting can be transmitted to any process using TUN/TAP driver, which is re-processed by the process and then sent to the physical link.
Open source Projects OpenVPN (http://openvpn.sourceforge.net) and Vtun (http://vtun.sourceforge.net) are all tunnel packages implemented with TUN/TAP drivers.



1. Confirm if the kernel supports TUN/TAP
Confirm if kernel has tun module



[Email protected]_196_26_centos ~]# Modinfo Tun



FileName:/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/net/tun.ko



Alias:devname:net/tun



alias:char-major-10-200



License:gpl



Author: (C) 1999-2004 Max Krasnyansky <[email protected]>



Description:universal Tun/tap Device Driver



rhelversion:7.2



Srcversion:b59bcb1255a36fbc7557fc3



Depends



Intree:y



vermagic:3.10.0-327.el7.x86_64 SMP mod_unload modversions



Signer:centos Linux Kernel signing key



Sig_key:79:ad:88:6a:11:3c:a0:22:35:26:33:6c:0f:82:5b:8a:94:29:6a:b3



sig_hashalgo:sha256



Loading kernel modules



[Email protected]_196_26_centos ~]# Modprobe Tun



[[Email protected]_196_26_centos ~]# lsmod | grep Tun



Tun 27141 0



After executing the above command, it appears as above output, indicating that the module was loaded successfully



2. Create and configure a virtual network card
Confirm if there is a tunctl command, if it is not installed via Yum



CENTOS6 by direct through Yum Install tunctl-y installation



(the above reference http://www.jb51.net/LINUXjishu/401735.html )



Centos7 need to add a Yum source before installation (refer to https://pkgs.org/centos-7/nux-misc-x86_64/tunctl-1.5-12.el7.nux.x86_64.rpm.html )



Install Howto


    1. Create The repository config File/etc/yum.repos.d/nux-misc.repo:

      [Nux-misc]name=nux miscbaseurl=http://li.nux.ro/download/nux/misc/el7/x86_64/enabled=0gpgcheck=1gpgkey=http:// li.nux.ro/download/nux/rpm-gpg-key-nux.ro
    2. Install Tunctl RPM Package:

      # Yum--enablerepo=nux-misc Install Tunctl


Create a virtual network card device






[Email Protected]_196_26_centos ~]# tunctl-t tap0-u Root



Set ' tap0 ' persistent and owned by UID 0



[Email protected]_196_26_centos ~]# ifconfig tap0 192.168.0.1 netmask 255.255.255.0 promisc



[Email protected]_196_26_centos ~]# ifconfig tap0



Tap0:flags=4355<up,broadcast,promisc,multicast> MTU 1500



inet 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255



Ether 5e:04:f6:78:9a:01 Txqueuelen (Ethernet)



RX Packets 0 Bytes 0 (0.0 B)



RX errors 0 dropped 0 overruns 0 frame 0



TX Packets 0 Bytes 0 (0.0 B)



TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0



After the above operation, the virtual network card has been established and configured.



Next, add a tap1 with another command (see https://www.mylinuxplace.com/create-taptun-device-centos-7/)






[[Email Protected]_196_26_centos ~]# IP tuntap add tap1 mode tap



[Email protected]_196_26_centos ~]# ifconfig tap1 10.0.0.1/30



[Email protected]_196_26_centos ~]# ifconfig tap1



Tap1:flags=4099<up,broadcast,multicast> MTU 1500



inet 10.0.0.1 netmask 255.255.255.252 broadcast 10.0.0.3



Ether 2e:69:ab:20:0d:a7 Txqueuelen (Ethernet)



RX Packets 0 Bytes 0 (0.0 B)



RX errors 0 dropped 0 overruns 0 frame 0



TX Packets 0 Bytes 0 (0.0 B)



TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0






< Strong style= "Padding:0px;margin:0px;color:rgb (85,85,85); Font-family:tahoma, Arial, ' song-body '; font-size:14px; Line-height:25.2px;white-space:normal;background-color:rgb (255,255,255); " >3. < Strong style= "Padding:0px;margin:0px;color:rgb (85,85,85); Font-family:tahoma, Arial, ' song-body '; font-size:14px; Line-height:25.2px;white-space:normal;background-color:rgb (255,255,255); " > finally how to delete tap0, Tap1? (refer to http://blog.csdn.net/zhaihaifei/article/details/23168621 )



[Email protected]_196_26_centos ~]# tunctl-d tap0



Set ' Tap0 ' nonpersistent



[Email protected]_196_26_centos ~]# tunctl-d Tap1



Set ' Tap1 ' nonpersistent



650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8A/12/wKioL1glt42AtAaXAAB3KlT59k8433.png "title=" Delete tap0 Tap1.png "alt=" Wkiol1glt42ataaxaab3klt59k8433.png "/>






Basic tutorial on using TUN/TAP Virtual network card under CentOS


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.