.\" $NetBSD: tun.4,v 1.13 2002/08/20 15:47:46 wiz Exp $
.\" Based on PR#2411
.\"
.Dd March 10, 1996
.Dt TUN 4
.Os
.Sh NAME
.Nm tun
.Nd tunnel software network interface
.Sh SYNOPSIS
.Cd pseudo-device tun Op Ar count
.Sh DESCRIPTION
The
.Nm tun
interface is a software loopback mechanism that can be loosely
described as the network interface analog of the
.Xr pty 4 ,
that is,
.Nm tun
does for network interfaces what the
.Nm pty
driver does for terminals.
.Pp
The
.Nm tun
driver, like the
.Nm pty
driver, provides two interfaces: an interface like the usual facility
it is simulating
.Po
a network interface in the case of
.Nm tun ,
or a terminal for
.Nm pty
.Pc ,
and a character-special device
.Dq control
interface.
.Pp
To use a
.Nm tun
device, the administrator must first create the interface. This can
be done by using the
.Xr ifconfig 8
.Sq create
command, or via the
.Dv SIOCIFCREATE
ioctl. Note that an
.Fn open
call on
.Pa /dev/tun Ns Sy N
will indicate that the device is not configured
.Pq Er ENXIO
unless the corresponding network interface has been created.
.Pp
The network interfaces are named
.Sy tun Ns Ar 0 ,
.Sy tun Ns Ar 1 ,
etc., as many in all as the
.Ar count
figure given on the
.Sy pseudo-device
line. Each one supports the usual network-interface
.Xr ioctl 2 Ns s ,
such as
.Dv SIOCSIFADDR
and
.Dv SIOCSIFNETMASK ,
and thus can be used with
.Xr ifconfig 8
like any other interface. At boot time, they are
.Dv POINTOPOINT
interfaces, but this can be changed; see the description of the control
device, below. When the system chooses to transmit a packet on the
network interface, the packet can be read from the control device
.Po
it appears there as
.Dq output
.Pc ;
writing a packet to the control device generates an input
packet on the network interface, as if the
.Pq non-existent
hardware had just received it.
.Pp
The tunnel device, normally
.Pa /dev/tun Ns Sy N ,
is exclusive-open
.Po
it cannot be opened if it is already open
.Pc
and is restricted to the super-user
.Po
regardless of file system permissions
.Pc .
A
.Fn read
call will return an error
.Pq Er EHOSTDOWN
if the interface is not
.Dq ready
(which means that the interface
address has not been set).
Once the interface is ready,
.Fn read
will return a packet if one is available; if not, it will either block
until one is or return
.Er EAGAIN ,
depending on whether non-blocking I/O has been enabled. If the packet
is longer than is allowed for in the buffer passed to
.Fn read ,
the extra data will be silently dropped.
.Pp
Packets can be optionally prepended with the destination address as presented
to the network interface output routine
.Pq Sq Li tunoutput .
The destination address is in
.Sq Li struct sockaddr
format. The actual length of the prepended address is in the member
.Sq Li sa_len .
The packet data follows immediately.
A
.Xr write 2
call passes a packet in to be
.Dq received
on the pseudo-interface. Each
.Fn write
call supplies exactly one packet; the packet length is taken from the
amount of data provided to
.Fn write .
Writes will not block; if the packet cannot be accepted for a
transient reason
.Pq e.g., no buffer space available ,
it is silently dropped; if the reason is not transient
.Pq e.g., packet too large ,
an error is returned.
If
.Dq link-layer mode
is on
.Pq see Dv TUNSLMODE No below ,
the actual packet data must be preceded by a
.Sq Li struct sockaddr .
The driver currently only inspects the
.Sq Li sa_family
field.
The following
.Xr ioctl 2
calls are supported
.Pq defined in Aq Pa net/if_tun.h :
.Bl -tag -width TUNSIFMODE
.It Dv TUNSDEBUG
The argument should be a pointer to an
.Va int ;
this sets the internal debugging variable to that value. What, if
anything, this variable controls is not documented here; see the source
code.
.It Dv TUNGDEBUG
The argument should be a pointer to an
.Va int ;
this stores the internal debugging variable's value into it.
.It Dv TUNSIFMODE
The argument should be a pointer to an
.Va int ;
its value must be either
.Dv IFF_POINTOPOINT
or
.Dv IFF_BROADCAST
(optionally
.Dv IFF_MULTICAST
may be or'ed into the value). The type of the corresponding
.Em tun Ns Sy n
interface is set to the supplied type. If the value is anything else,
an
.Er EINVAL
error occurs. The interface must be down at the time; if it is up, an
.Er EBUSY
error occurs.
.It Dv TUNSLMODE
The argument should be a pointer to an
.Va int ;
a non-zero value turns on
.Dq link-layer
mode, causing packets read from the tunnel device to be prepended with
the network destination address.
.It Dv FIONBIO
Turn non-blocking I/O for reads off or on, according as the argument
.Va int Ns 's
value is or isn't zero
.Pq Writes are always nonblocking .
.It Dv FIOASYNC
Turn asynchronous I/O for reads
.Po
i.e., generation of
.Dv SIGIO
when data is available to be read
.Pc off or on, according as the argument
.Va int Ns 's
value is or isn't zero.
.It Dv FIONREAD
If any packets are queued to be read, store the size of the first one
into the argument
.Va int ;
otherwise, store zero.
.It Dv TIOCSPGRP
Set the process group to receive
.Dv SIGIO
signals, when asynchronous I/O is enabled, to the argument
.Va int
value.
.It Dv TIOCGPGRP
Retrieve the process group value for
.Dv SIGIO
signals into the argument
.Va int
value.
.El
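A program reading the control device in link-layer mode has to bound-check the prepended sa_len and notice when read() silently dropped the tail of a packet. The following is an added example, not part of the NetBSD manual page or driver source: tun_parse_lmode, the tun_rc codes and the sample bytes are hypothetical, and the truncation check relies on the IPv4 total-length field.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TUN_AF_INET 2  /* AF_INET value on BSD systems */

enum tun_rc { TUN_OK, TUN_SHORT, TUN_BAD_SALEN, TUN_BAD_FAMILY,
              TUN_MALFORMED, TUN_TRUNCATED };

struct tun_pkt { const uint8_t *ip; size_t ip_len; };

/* Parse one read() result from /dev/tunN with TUNSLMODE on: a BSD-layout
 * sockaddr (byte 0 = sa_len, byte 1 = sa_family) followed by the packet.
 * Hypothetical helper; offsets are hard-coded so it builds on any host. */
enum tun_rc tun_parse_lmode(const uint8_t *buf, size_t n, struct tun_pkt *out)
{
    if (n < 2) return TUN_SHORT;
    size_t sa_len = buf[0];
    if (sa_len < 2 || sa_len > n) return TUN_BAD_SALEN;  /* bound-check sa_len */
    if (buf[1] != TUN_AF_INET) return TUN_BAD_FAMILY;   /* driver is IPv4-only */
    const uint8_t *ip = buf + sa_len;
    size_t left = n - sa_len;
    if (left < 20) return TUN_SHORT;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    size_t total = ((size_t)ip[2] << 8) | ip[3];
    if ((ip[0] >> 4) != 4 || ihl < 20 || total < ihl) return TUN_MALFORMED;
    /* read() silently drops what did not fit, so a total length larger
     * than what arrived means the caller's buffer was too small. */
    if (total > left) return TUN_TRUNCATED;
    out->ip = ip;
    out->ip_len = total;
    return TUN_OK;
}

/* Constructed sample: 16-byte sockaddr_in for 10.0.0.2, then a 28-byte
 * IPv4 packet (20-byte header, 8 payload bytes). Checksum left as zero. */
static const uint8_t sample[44] = {
    16, TUN_AF_INET, 0, 0, 10, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0,
    0x45, 0, 0, 28, 0, 1, 0, 0, 64, 17, 0, 0, 10, 0, 0, 1, 10, 0, 0, 2,
    0xde, 0xad, 0xbe, 0xef, 0, 8, 0, 0
};

int main(void)
{
    struct tun_pkt p;
    printf("full read: %d\n", tun_parse_lmode(sample, sizeof sample, &p));
    printf("short buf: %d\n", tun_parse_lmode(sample, 40, &p));
    return 0;
}
```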
.Pp
The control device also supports
.Xr select 2
for read; selecting for write is pointless, and always succeeds, since
writes are always non-blocking.
.Pp
On the last close of the data device, by default, the interface is
brought down
.Po as if with
.Dq ifconfig tun Ns Sy n No down
.Pc .
All queued packets are thrown away.
If the interface is up when the data device is not open,
output packets are always thrown away rather than letting
them pile up.
.Sh SEE ALSO
.Xr inet 4 ,
.Xr intro 4
.Sh BUGS
Currently, the driver is IPv4-only.