In the computer network, Tun and tap are virtual network devices in the operating system kernel. Different from the common hardware network card implementation of the device, these virtual network devices are all software implementation, and running on the operating system of the software to provide the hardware and network equipment exactly the same function.
TAP equates to an Ethernet device that operates on a second layer of packets such as an Ethernet data frame. The Tun simulates a network-layer device, operating a third-tier packet such as an IP data packet.
The operating system sends data to the program that binds the user space of the device through the TUN/TAP device, whereas the user-space program can send data through the TUN/TAP device as if it were a hardware network device. In the latter case, the TUN/TAP device delivers (or "injects") packets to the operating system's network stack, simulating the process of accepting data from the outside.
If the server has a TUN/TAP module, it can turn on the VPN proxy function.
Virtual network card TUN/TAP driver design principle:
650) this.width=650; "alt=" 20151120120604752.jpg (553x396) "src=" http://files.jb51.net/file_images/article/201511/ 20151120120604752.jpg?2015102012612 "style=" border:1px solid rgb (204,204,204); vertical-align:bottom;padding:1px; " />
The Tun/tap driver implements the function of the virtual network card, Tun that the virtual is a point-to-point device, tap represents the virtual Ethernet device, both of which implement different encapsulation for the network packet.
With the Tun/tap driver, the TCP/IP protocol stack-handled network subcontracting can be transmitted to any process using TUN/TAP driver, which is re-processed by the process and then sent to the physical link.
Open source Projects OpenVPN (http://openvpn.sourceforge.net) and Vtun (http://vtun.sourceforge.net) are all tunnel packages implemented with TUN/TAP drivers.
1. Confirm if the kernel supports TUN/TAP
Confirm if kernel has tun module
[Email protected]_196_26_centos ~]# Modinfo Tun
FileName:/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/net/tun.ko
Alias:devname:net/tun
alias:char-major-10-200
License:gpl
Author: (C) 1999-2004 Max Krasnyansky <[email protected]>
Description:universal Tun/tap Device Driver
rhelversion:7.2
Srcversion:b59bcb1255a36fbc7557fc3
Depends
Intree:y
vermagic:3.10.0-327.el7.x86_64 SMP mod_unload modversions
Signer:centos Linux Kernel signing key
Sig_key:79:ad:88:6a:11:3c:a0:22:35:26:33:6c:0f:82:5b:8a:94:29:6a:b3
sig_hashalgo:sha256
Loading kernel modules
[Email protected]_196_26_centos ~]# Modprobe Tun
[[Email protected]_196_26_centos ~]# lsmod | grep Tun
Tun 27141 0
After executing the above command, it appears as above output, indicating that the module was loaded successfully
2. Create and configure a virtual network card
Confirm if there is a tunctl command, if it is not installed via Yum
CENTOS6 by direct through Yum Install tunctl-y installation
(the above reference http://www.jb51.net/LINUXjishu/401735.html )
Centos7 need to add a Yum source before installation (refer to https://pkgs.org/centos-7/nux-misc-x86_64/tunctl-1.5-12.el7.nux.x86_64.rpm.html )
Install Howto
-
Create The repository config File/etc/yum.repos.d/nux-misc.repo:
[Nux-misc]name=nux miscbaseurl=http://li.nux.ro/download/nux/misc/el7/x86_64/enabled=0gpgcheck=1gpgkey=http:// li.nux.ro/download/nux/rpm-gpg-key-nux.ro
-
Install Tunctl RPM Package:
# Yum--enablerepo=nux-misc Install Tunctl
Create a virtual network card device
[Email Protected]_196_26_centos ~]# tunctl-t tap0-u Root
Set ' tap0 ' persistent and owned by UID 0
[Email protected]_196_26_centos ~]# ifconfig tap0 192.168.0.1 netmask 255.255.255.0 promisc
[Email protected]_196_26_centos ~]# ifconfig tap0
Tap0:flags=4355<up,broadcast,promisc,multicast> MTU 1500
inet 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255
Ether 5e:04:f6:78:9a:01 Txqueuelen (Ethernet)
RX Packets 0 Bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX Packets 0 Bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
After the above operation, the virtual network card has been established and configured.
Next, add a tap1 with another command (see https://www.mylinuxplace.com/create-taptun-device-centos-7/)
[[Email Protected]_196_26_centos ~]# IP tuntap add tap1 mode tap
[Email protected]_196_26_centos ~]# ifconfig tap1 10.0.0.1/30
[Email protected]_196_26_centos ~]# ifconfig tap1
Tap1:flags=4099<up,broadcast,multicast> MTU 1500
inet 10.0.0.1 netmask 255.255.255.252 broadcast 10.0.0.3
Ether 2e:69:ab:20:0d:a7 Txqueuelen (Ethernet)
RX Packets 0 Bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX Packets 0 Bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
< Strong style= "Padding:0px;margin:0px;color:rgb (85,85,85); Font-family:tahoma, Arial, ' song-body '; font-size:14px; Line-height:25.2px;white-space:normal;background-color:rgb (255,255,255); " >3. < Strong style= "Padding:0px;margin:0px;color:rgb (85,85,85); Font-family:tahoma, Arial, ' song-body '; font-size:14px; Line-height:25.2px;white-space:normal;background-color:rgb (255,255,255); " > finally how to delete tap0, Tap1? (refer to http://blog.csdn.net/zhaihaifei/article/details/23168621 )
[Email protected]_196_26_centos ~]# tunctl-d tap0
Set ' Tap0 ' nonpersistent
[Email protected]_196_26_centos ~]# tunctl-d Tap1
Set ' Tap1 ' nonpersistent
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8A/12/wKioL1glt42AtAaXAAB3KlT59k8433.png "title=" Delete tap0 Tap1.png "alt=" Wkiol1glt42ataaxaab3klt59k8433.png "/>
Basic tutorial on using TUN/TAP Virtual network card under CentOS