tun/tap driver

From Noah.org
Revision as of 09:54, 9 May 2013 by Root (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

There are two ways to create tuntap interfaces. They can be created with ip or with tunctl (part of uml-utilities).

# ip tuntap del tap0 mode tap
# ip tuntap add tun0 mode tun
ip tuntap add tap0 mode tap
ip link set tap0 up
ip addr add dev tap0
brctl addbr br0
ip link set br0 up
brctl addif br0 eth0
brctl addif br0 tap0

enable routing in Linux

The kernel needs to be told to forward IP packets.

# cat /proc/sys/net/ipv4/ip_forward
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
# echo 1 > /proc/sys/net/ipv4/ip_forward
# cat /proc/sys/net/ipv4/ip_forward

IPTables needs to be setup to do the actual routing between interfaces.

iptables -A INPUT -i tap0 -j ACCEPT
iptables -A INPUT -i br0 -j ACCEPT
iptables -A FORWARD -i br0 -j ACCEPT