Gentoo Forums
Difference between a loopback device and tun/tap device.
dE_logics
Advocate

Joined: 02 Jan 2009
Posts: 2178
Location: $TERM

Posted: Mon Sep 09, 2013 6:42 am    Post subject: Difference between a loopback device and tun/tap device.

One requires a module and one does not? I can have many tun/tap devices and just one loopback?

Another question -- on the tun/tap device, the server/daemon/kernel will listen for incoming connections on an IP which the virtual interface. The client will connect from the same interface and have the same source IP? e.g.

A packet is received by the kernel from a userspace application, its source = 192.168.2.1 and destination = 192.168.2.1.

Am I missing something?
_________________
Buy from companies supporting opensource -- IBM, Dell, HP, Hitachi, Google etc...
Disfavor companies supporting only Win -- Logitech, Epson, Adobe, Autodesk, Pioneer, Kingston, WD, Yahoo, MSI, XFX

eccerr0r
Advocate

Joined: 01 Jul 2004
Posts: 4010
Location: USA

Posted: Mon Sep 09, 2013 5:35 pm

Not sure what you're asking here, they are kind of different...

Loopback points back to the same machine you're on...

TUNnel/TAP "wires into" a network interface so you can add/extract packets into the interface, and they can lead out of the machine (but not always necessary)...

You can have many taps/tunnels. But you can only be yourself (though 127.x.x.x all are loopback, so you have 16 million loopback addresses minus broadcast...)

I had a UML virtual machine using tun/tap (creating a tap). It had an external IP address. People could connect to it from the outside world and connections from within the VM show up as the external address. If I connect from it to the machine the VM is hosted on, it shows up as its own IP address.

This isn't the only use for tun/tap, can create software tunnels for VPNs as well so packets going through will go through software before sent back...

Maybe this is more confusing now. hmm.
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed to be advocating?

dE_logics
Advocate

Joined: 02 Jan 2009
Posts: 2178
Location: $TERM

Posted: Tue Sep 10, 2013 3:39 am

Ok, so the main thing is bridging to a real interface which cannot happen (?) with a loopback device. But bridging requires tap exclusively.

666threesixes666
Veteran

Joined: 31 May 2011
Posts: 1241
Location: 42.68n 85.41w

Posted: Tue Sep 10, 2013 3:55 am

out of curiosity, what tap/tun method are you using, openvpn?
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
https://wiki.gentoo.org/index.php?title=Special:Contributions/666threesixes666&offset=&limit=500&target=666threesixes666

eccerr0r
Advocate

Joined: 01 Jul 2004
Posts: 4010
Location: USA

Posted: Tue Sep 10, 2013 3:11 pm

You can bridge interfaces together but a tap is associated with an interface.

What are you trying to do here, I guess that'd be interesting information.

Currently for me:

I use virtual network interfaces for my virtual machines and bridge them together. You make a bridge and then attach the physical/virtual interfaces to it.

On another machine I use tun/tap with openvpn that opens software tunnel interfaces that will encrypt and send out packets...

dE_logics
Advocate

Joined: 02 Jan 2009
Posts: 2178
Location: $TERM

Posted: Wed Sep 11, 2013 4:12 am

"Method"? I'm using ip command (iproute2) to create the interfaces.

@eccerr0r
Purpose is same as yours -- Advanced networking with Qemu -- I'm learning that right now.

But tun device doesn't have level 2, and bridging requires handling of frames and ARP.
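
Added example, not part of any post in this thread: a byte-level look at the tun/tap difference raised above, showing that a tap read carries an Ethernet header a bridge can learn MAC addresses from, while a tun read is a bare IP packet. The MAC addresses, port names and packets are constructed sample data, and the tun parser assumes the device was opened with IFF_NO_PI.

```python
import struct
import ipaddress

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_tap_frame(buf):
    """A tap read returns a full Ethernet frame: dst MAC, src MAC, EtherType, payload."""
    dst, src, ethertype = struct.unpack("!6s6sH", buf[:14])
    return {"dst": mac(dst), "src": mac(src), "ethertype": ethertype, "payload": buf[14:]}

def parse_tun_packet(buf):
    """A tun read returns a bare IPv4 packet (assumes IFF_NO_PI: no 4-byte prefix)."""
    if buf[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    src, dst = struct.unpack("!4s4s", buf[12:20])
    return {"src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst))}

class LearningBridge:
    """Minimal learning bridge: it forwards by destination MAC, so it needs layer 2 frames."""
    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}                                   # MAC -> port it was last seen on

    def forward(self, in_port, frame):
        f = parse_tap_frame(frame)
        self.table[f["src"]] = in_port                    # learn where the sender lives
        out = self.table.get(f["dst"])
        if f["dst"] == self.BROADCAST or out is None:     # broadcast or unknown: flood
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]

# Constructed sample data (not captured traffic); ARP bodies are zero-filled placeholders.
VM_MAC = bytes.fromhex("525400aabb01")
HOST_MAC = bytes.fromhex("525400aabb02")
ARP_REQUEST = b"\xff" * 6 + VM_MAC + struct.pack("!H", 0x0806) + bytes(28)
ARP_REPLY = VM_MAC + HOST_MAC + struct.pack("!H", 0x0806) + bytes(28)
IPV4_PACKET = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 1, 0,  # checksum left 0
                          ipaddress.IPv4Address("192.168.2.1").packed,
                          ipaddress.IPv4Address("192.168.2.1").packed)

def demo():
    br = LearningBridge(["tap0", "tap1", "enp4s0"])
    flooded = br.forward("tap0", ARP_REQUEST)    # broadcast goes to every other port
    unicast = br.forward("enp4s0", ARP_REPLY)    # VM's MAC was learned on tap0
    return flooded, unicast, parse_tun_packet(IPV4_PACKET)
```
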

eccerr0r
Advocate

Joined: 01 Jul 2004
Posts: 4010
Location: USA

Posted: Wed Sep 11, 2013 5:43 am

Apparently QEMU virt-manager made it really easy, except networkmanager does not support bridges.

This is what I did:

I got rid of networkmanager.

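I set up enp4s0 (my onboard ethernet) to be enabled but not get an IP address.
I set up br0 with a bridge connection to enp4s0.
I set up br0 to get an IP address.
/etc/conf.d/net
Code:
# Bring enp4s0 up without assigning it an address
config_enp4s0="null"
# Spanning Tree Protocol disabled on the bridge
brctl_br0="stp off"
# enp4s0 is the bridge's port
bridge_br0="enp4s0"
# The bridge itself gets its address via DHCP
config_br0="dhcp"
# Start net.enp4s0 before net.br0
rc_net_br0_need="net.enp4s0"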


/etc/init.d/net.enp4s0 and /etc/init.d/net.br0 link to net.lo like the usual Gentoo setup.

At this point virt-manager let me select my bridge br0 as the network device, and automatically configures a macvlan for each VM and hooks it into your bridge. Very simple setup IMHO....

It seems to just "work" for me, the only downside is that for some reason NFS is really slow. I'm using the virtio driver between VM and host, and not emulating real hardware.

dE_logics
Advocate

Joined: 02 Jan 2009
Posts: 2178
Location: $TERM

Posted: Thu Sep 12, 2013 11:33 am

Thanks. In Qemu networking I'll take this into reference.

All times are GMT