Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to use the TUN/TAP virtual network card in the Linux system". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to use the TUN/TAP virtual network card in the Linux system".

In the computer network, TUN and TAP are the virtual network devices in the operating system kernel. Different from the ordinary devices realized by hardware network cards, these virtual network devices are all implemented by software and provide the same functions as the hardware network devices to the software running on the operating system.

TAP is equivalent to an Ethernet device that operates layer 2 packets such as Ethernet data frames. TUN simulates network layer devices, operating layer 3 packets such as IP data packets.

The operating system sends data to the user space program bound to the device through the TUN/TAP device. Conversely, the user space program can also send data through the TUN/TAP device in the same way as the hardware network device. In the latter case, the TUN/TAP device delivers (or "injects") packets to the operating system's network stack, simulating the process of receiving data from the outside.

If the server has a TUN/TAP module, it can turn on the VPN proxy function.

The design principle of virtual network card TUN/TAP driver:

Tun/tap driver implements the function of virtual network card, tun means virtual point-to-point device, tap means virtual Ethernet device, these two devices implement different encapsulation for network packets.

Using the tun/tap driver, the network packets processed by the tcp/ip stack can be transmitted to any process using the tun/tap driver, which will be reprocessed by the process and then sent to the physical link.

Open source projects openvpn (http://openvpn.sourceforge.net) and Vtun (http://vtun.sourceforge.net)) are tunnel encapsulation using tun/tap drivers.

When testing the network startup service with the virtualbox virtual machine, because the network interface of the host obtains the ip address through DHCP, it is necessary to change the configuration file of dhcp after restarting the machine.

It is very troublesome, so I want to use virtual network card (TUN/TAP) to generate a virtual network card, set static ip, set virtualbox network to bridge mode, and can be relatively isolated from host network (different network segments)

Let's take fedora13 as an example to see how to create a virtual network card device.

1. Confirm whether the kernel supports tun/tap

Confirm if the kernel has a tun module

The code is as follows:

[root@hunterfu] # modinfo tun

Filename: / lib/modules/2.6.34.7-56.fc13.i686.PAE/kernel/drivers/net/tun.ko

Alias: char-major-10-200

License: GPL

Author: (C) 1999-2004 Max Krasnyansky

Description: Universal TUN/TAP device driver

Srcversion: 880DE258930FE60D765B735

Depends:

Vermagic: 2.6.34.7-56.fc13.i686.PAE SMP mod_unload 686

Load kernel modules-

The code is as follows:

[root@hunterfu ~] # modprobe tun

[root@hunterfu ~] # lsmod | grep tun

Tun 10548 1

After executing the above command, the output appears as above, indicating that the module is loaded successfully

two。 Create and configure a virtual network card

Confirm if there is a tunctl command, if it is not installed through yum

The code is as follows:

[root@hunterfu ~] # yum install tunctl

Create a virtual network card device

The code is as follows:

[root@hunterfu] # tunctl-t tap0-u root

Set up a virtual network card

The code is as follows:

[root@hunterfu ~] # ifconfig tap0 192.168.0.1 netmask 255.255.255.0 promisc

After the above operation, the virtual network card has been established and configured.

3. As a system service, create a virtual network card automatically with the system.

Write configuration scripts (in accordance with the chkconfig specification)

The code is as follows:

[root@hunterfu ~] # cat / etc/init.d/config_tap

#! / bin/bash

#

# config_tap Start up the tun/tap virtual nic

#

# chkconfig: 2345 55 25

USER= "root"

TAP_NETWORK= "192.168.0.1"

TAP_DEV_NUM=0

DESC= "TAP config"

Do_start () {

If [!-x / usr/sbin/tunctl]; then

Echo "/ usr/sbin/tunctl was NOT found!"

Exit 1

Fi

Tunctl-t tap$TAP_DEV_NUM-u root

Ifconfig tap$TAP_DEV_NUM ${TAP_NETWORK} netmask 255.255.255.0 promisc

Ifconfig tap$TAP_DEV_NUM

}

Do_stop () {

Ifconfig tap$TAP_DEV_NUM down

}

Do_restart () {

Do_stop

Do_start

}

Check_status () {

Ifconfig tap$TAP_DEV_NUM

}

Case $1 in

Start) do_start

Stop) do_stop

Restart) do_restart

Status)

Echo "Status of $DESC:"

Check_status

Exit "$?"

*)

Echo "Usage: $0 {start | stop | restart | status}"

Exit 1

Esac

You can modify this script according to your specific needs

Add to the system service

The code is as follows:

[root@hunterfu] # chkconfig-- add config_tap

[root@hunterfu] # chkconfig-- level 345 config_tap on

After the operation is completed, you can create and start the operation through service config_tap start, just like other standard services.

Thank you for your reading, the above is the content of "how to use the TUN/TAP virtual network card under the Linux system". After the study of this article, I believe you have a deeper understanding of how to use the TUN/TAP virtual network card under the Linux system. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.