What exactly happens to packets written to a TUN/TAP device?

The TUN/TAP device appears the same to the kernel in that it can't tell whether the data comes from a wire connected to an Ethernet interface or from a userland application. When data is written it is forwarded to the userland application rather than a physical interface device, e.g. eth0.

The interface a packet is forwarded to will be based on the routing table as usual which you can view with ip route or netstat -r. This will apply to packets addressed for the localhost also.

Additionally, a TUN/TAP interface can also be used as the interface for a route which appears in the routing table.

Author: user3467349

Updated on September 18, 2022

Comments

  • user3467349
    user3467349 almost 2 years

    I'm trying to send packets to an application listening on eth0 from the machine's user-space as if they were coming from a remote machine.

    What I can't seem to find good documentation for is the exact way a TUN/TAP device interacts with the rest of the network stack? Are packets forwarded to eth0 if they are bound for a remote host? Will packets addressed for the localhost be forwarded to the userspace application by default? At what stages do the packets appear in the kernel relative to the Netfilter stack?

    The behaviour doesn't appear well documented (http://openvpn.net/archive/openvpn-users/2005-05/msg00224.html, https://www.kernel.org/doc/Documentation/networking/tuntap.txt).

  • Martin
    Martin over 9 years
    If the userland app writes to the tuntap and there is a matching route for the remote address, it will be forwarded to the interface associated with that route, which may be eth0; if there is no matching route (or default route), it will be discarded. The kernel treats it the same as a physical interface in this regard. If it is written to the tuntap device with a UDP wrapper, it will be read from the device by the userland app with the same UDP wrapper.
  • user3467349
    user3467349 over 9 years
    So if I understand correctly - a packet destined to a remote machine written to tap will be the same as one written to eth0? Likewise a packet destined for the local machine written to tap will be treated the same as one received over the wire? Can I distinguish them at all in Netfilter rules?
  • Martin
    Martin over 9 years
    Correct. Yes, you can use the same criteria as you would if there were no tun/tap interfaces.
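
The write path discussed in this thread, as an added example that is not part of the original answer or comments: a userland process attaches to a TUN interface and writes one raw IPv4/UDP datagram, which the kernel then handles as a packet received on that interface. The interface name `tun0`, the 10.9.0.0/24 addresses and the ports are constructed values, and the script assumes `tun0` has already been given 10.9.0.1/24 and brought up.

```python
import fcntl, os, socket, struct

TUNSETIFF = 0x400454CA               # ioctl request from <linux/if_tun.h>
IFF_TUN, IFF_NO_PI = 0x0001, 0x1000  # L3 device, no packet-info prefix

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum over data (padded to 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_udp_packet(src, dst, sport, dport, payload: bytes) -> bytes:
    """Raw IPv4/UDP datagram: the unit a TUN fd carries (no Ethernet header)."""
    s, d = socket.inet_aton(src), socket.inet_aton(dst)
    udp_len = 8 + len(payload)
    pseudo = s + d + struct.pack("!BBH", 0, socket.IPPROTO_UDP, udp_len)
    udp = struct.pack("!HHHH", sport, dport, udp_len, 0) + payload
    csum = checksum(pseudo + udp) or 0xFFFF   # 0 means "no checksum" in UDP
    udp = struct.pack("!HHHH", sport, dport, udp_len, csum) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0,
                     64, socket.IPPROTO_UDP, 0, s, d)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + udp

def open_tun(name: str = "tun0") -> int:
    """Attach to a TUN interface; requires CAP_NET_ADMIN (usually root)."""
    fd = os.open("/dev/net/tun", os.O_RDWR)
    ifr = struct.pack("16sH22x", name.encode(), IFF_TUN | IFF_NO_PI)
    fcntl.ioctl(fd, TUNSETIFF, ifr)
    return fd

if __name__ == "__main__":
    fd = open_tun("tun0")  # constructed name; see assumptions in the lead-in
    pkt = build_udp_packet("10.9.0.2", "10.9.0.1", 40000, 9999, b"hello")
    # The kernel treats this write as ingress on tun0: the packet passes
    # PREROUTING, the routing decision, then INPUT (local destination) or
    # FORWARD. A Netfilter rule matching "-i tun0" therefore sees it.
    os.write(fd, pkt)
    # Packets the kernel routes out via tun0 become readable on the same fd,
    # e.g. with os.read(fd, 2048); that call blocks until one is queued.
    os.close(fd)
```

The source address is chosen inside the subnet routed via `tun0` so that reverse-path filtering (`rp_filter`) does not drop the packet before it reaches the listener.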