The TUN is Virtual Point-to-Point network device. TUN driver was designed as low level kernel support for IP tunneling. It provides to userland application two interfaces: - /dev/tunX - character device; - tunX - virtual Point-to-Point interface. Userland application can write IP frame to /dev/tunX and kernel will receive this frame from tunX

Platforms with TUN/TAP drivers include: FreeBSD Linux, starting around version 2.1.60 of the Linux kernel mainline iOS (tun driver only) OS X (native support only for TUN ( utun )) NetBSD OpenBSD Android Solaris Windows 2000/XP/Vista/7/8/8.1/10 QNX Apr 19, 2010 · This tutorial will show you on how to create a tunnel interface in Linux (Slackware, Centos, Debian, Ubuntu, Fedora, Redhat, etc) To create a tunnel interface, you need to load/activate the ‘tun’ module first because it is unloaded/inactive by default. To activate it use ‘modprobe’ command as below: modprobe tun So to create the tun interface via commands line: sudo ip tuntap add mode tun dev tun0 ip addr add 10.0.0.0/24 dev tun0 # give it an ip ip link set dev tun0 up # bring the if up ip route get 10.0.0.2 # check that packets to 10.0.0.x are going through tun0 ping 10.0.0.2 # leave this running in another shell to be able to see the effect of the next example May 21, 2018 · A TUN interface is a virtual IP Point-to-Point interface and a TAP interface is a virtual Ethernet interface. That means the user program can only read/write IP packets from/to a TUN interface and Ethernet frames from/to a TAP interface. Use Cases. The typical use case of a TUN interface is IP tunneling. For example, OpenVPN receives packets from a TUN interface such as tun0 and encrypts it before sending to the real ethernet interface eth0. TUN interface internals This is a (very) short introduction to how the Linux TUN device is implemented and how it operates inside the Linux kernel. This is not a guide on how to use TUN devices, nor is it a complete documentation of all code making up the TUN device. The tun interface is a software loopback mechanism that can be loosely described as the network interface analog of the pty (4), that is, tun does for network interfaces what the pty (4) driver does for terminals. This socat documentation page does a good job of showing how they could be used. excerpt from socat doc

TUN Interfaces. TUN devices work at the IP level or layer three level of the network stack and are usually TAP Interfaces. TAP devices, in contrast, work at the Ethernet level or layer two and therefore behave very much like a Managing Virtual Interfaces. The above command creates a new TAP

To the kernel, it would look like the tun/tap interface is receiving data "from the wire". The difference between a tap interface and a tun interface is that a tap interface outputs (and must be given) full ethernet frames, while a tun interface outputs (and must be given) raw IP packets (and no ethernet headers are added by the kernel). TUN/TAP provides packet reception and transmission for user space programs. It can be seen as a simple Point-to-Point or Ethernet device, which, instead of receiving packets from physical media, receives them from user space program and instead of sending packets via physical media writes them to the user space program.

The platforms are supported by TUN/TAP driver are Linux kernels 2.2.x, 2.4.x, FreeBSD 3.x, 4.x, 5.x and Solaris 2.6, 7.0, 8.0. TUN Interfaces. TUN devices work at the IP level or layer three level of the network stack. TUN devices are usually point-to-point connections.

Mar 26, 2010 · Network interfaces in Linux don't appear under /dev; the only thing you'll see there is /dev/net/tun, which is the device that should be opened as the first step to create a tun/tap interface. If you run the sample code, you'll be able to see and configure the interface you create by using "ip link" while the program is running; when the Aug 06, 2009 · Hi all, I'm trying to write a script that will turn off the network interface eth0 on a linux Gentoo machine and then turn it back on, any help? Thanks, Neked | The UNIX and Linux Forums I successfully managed to get Linux VTI (Virtual Tunnel Interface) working with strongSwan. By using VTI it is no longer needed to rely on the routing policy database, making understanding and maintaining routes easier. Also with VTI you can see the cleartext traffic on the VTI interface itself.