tunctl添加虚拟网卡TUN/TAP与brctl添加网桥

本文主要是介绍tunctl添加虚拟网卡TUN/TAP与brctl添加网桥，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

1 Linux添加虚拟网卡三种方法

方法1: ifconfig命令创建\删除虚拟网卡

ifconfig eth0:0 192.168.1.10 netmask 255.255.255.0 up

删除虚拟网卡:

ifconfig eth0:0 down

重启服务器或者网络后,虚拟网卡就失效. 注意：添加的虚拟网卡和原网卡物理地址是一样的。

方法2: 修改网卡配置文件

在ubuntu下,修改网卡的配置文件/etc/network/interfaces:

cat /etc/network/interfaces
auto eth0
iface eth0 inet dhcp
auto eth0:1
iface eth0:1 inet staticaddress 192.168.11.1netmask 255.255.255.0gateway 192.168.11.1
auto eth0:2
iface eth0:2 inet staticaddress 192.168.12.1netmask 255.255.255.0gateway 192.168.12.1

保存后,重新加载配置文件才会生效,使用如下命令重启网卡:

service networking restart

优点: 重启服务器或者网卡配置不会丢失。

RHEL系统中，网卡IP配置的文件在/etc/sysconfig/network-scripts/下，文件分别为ehtx或ethx:x，执行命令如下：

#cd /etc/sysconfig/network-scripts/  
#cp ifcfg-eth0 ifcfg-eth0:1  
#vi ifcfg-eth0:1  
DEVICE=eth0  
BOOTPROTO=none  
HWADDR=00:19:D1:24:2A:EC  
ONBOOT=yes  
DHCP_HOSTNAME=zhongqg.localdomain  
IPADDR=192.168.1.55  
NETMASK=255.255.252.0  
GATEWAY=192.168.0.1  
TYPE=Ethernet  
USERCTL=no  
IPV6INIT=no  
PEERDNS=yes

修改其中的IPADDR部分为192.168.1.57，然后保存退出并启动该配置文件！

#ifup eth0:1

方法3：创建tap

前两种方法都有一个特点，创建的网卡可有不同的ip地址，但是Mac地址相同，无法用来创建虚拟机。
使用命令tunctl添加虚拟网卡tap。

2 tunctl安装与使用

2.1 安装apt-get install uml-utilities

root@host:~# tunctl
The program 'tunctl' is currently not installed. You can install it by typing:
apt-get install uml-utilities
root@host:~# apt-get install uml-utilities
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:user-mode-linux
The following NEW packages will be installed:uml-utilities
0 upgraded, 1 newly installed, 0 to remove and 105 not upgraded.
Need to get 61.9 kB of archives.
After this operation, 267 kB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com/ubuntu/ trusty/universe uml-utilities amd64 20070815-1.3ubuntu1 [61.9 kB]
Fetched 61.9 kB in 2s (27.7 kB/s)
Selecting previously unselected package uml-utilities.
(Reading database ... 60223 files and directories currently installed.)
Preparing to unpack .../uml-utilities_20070815-1.3ubuntu1_amd64.deb ...
Unpacking uml-utilities (20070815-1.3ubuntu1) ...
Processing triggers for ureadahead (0.100.0-16) ...
ureadahead will be reprofiled on next reboot
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Setting up uml-utilities (20070815-1.3ubuntu1) ...* Starting User-mode networking switch uml_switch                                                                         [ OK ]
Processing triggers for ureadahead (0.100.0-16) ...

2.2 使用tunctl

NAME
tunctl — create and manage persistent TUN/TAP interfaces
SYNOPSIS
tunctl [-f tun-clone-device] [-u owner] [-t device-name]
tunctl [-f tun-clone-device] -d device-name
DESCRIPTION
This manual page documents briefly the tunctl command.
This manual page was written for the Debian GNU/Linux distribution because the original program does not have a manual
page. Instead, it has documentation in HTML format; see below.
tunctl allows the host sysadmin to preconfigure a TUN/TAP device for use by a particular user. That user may open and
use the device, but may not change any aspects of the host side of the interface.
USAGE
To create an interface for use by a particular user, invoke tunctl without the -d option:
tunctl -u someuser #Set 'tap0' persistent and owned by 'someuser'
Then, configure the interface as normal:
ifconfig tap0 192.168.0.254 up
route add -host 192.168.0.253 dev tap0
bash -c 'echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp'
arp -Ds 192.168.0.253 eth0 pub

To delete the interface, use the -d option:
tunctl -d tap0 #Set 'tap0' nonpersistent

3 TUN/TAP

tun/tap 驱动程序实现了虚拟网卡的功能， tun表示虚拟的是点对点设备，tap表示虚拟的是以太网设备，这两种设备针对网络包实施不同的封装。利用tun/tap 驱动，可以将tcp/ip协议栈处理好的网络分包传给任何一个使用tun/tap驱动的进程，由进程重新处理后再发到物理链路中。

3.1 Tun/Tap驱动程序工作原理

做为虚拟网卡驱动，Tun/Tap驱动程序的数据接收和发送并不直接和真实网卡打交道，而是 在Linux内核中添加了一个TUN/TAP虚拟网络设备的驱动程序和一个与之相关连的字符设备 /dev/net/tun，字符设备tun作为用户空间和内核空间交换数据的接口。
当内核将数据包发送到虚拟网络设备时，数据包被保存在设备相关的一个队列中，直到用户空间程序通过打开的字符设备tun的描述符读取时，它才会被拷贝到用户空间的缓冲区中，其效果就相当于，数据包直接发送到了用户空间。通过系统调用write发送数据包时其原理与此类似。
在linux下，要实现内核空间和用户空间数据的交互，有多种方式：可以通用socket创建特殊套接字，利用套接字实现数据交互；通过proc文件系统创建文件来进行数据交互；还可以使用设备文件的方式，访问设备文件会调用设备驱动相应的例程，设备驱动本身就是内核空间和用户空间的一个接口， Tun/tap驱动就是利用设备文件实现用户空间和内核空间的数据交互。

从结构上来说，Tun/tap驱动并不单纯是实现网卡驱动，同时它还实现了字符设备驱动部分。以字符设备的方式连接用户空间和内核空间。
Tun/tap 驱动程序中包含两个部分，一部分是字符设备驱动，还有一部分是网卡驱动部分。利用网卡驱动部分接收来自TCP/IP协议栈的网络分包并发送或者反过来将接收到的网络分包传给协议栈处理，而字符驱动部分则将网络分包在用户空间和内核空间之间传送，模拟物理链路的数据接收和发送。Tun/tap驱动很好的实现了两种驱动的结合。

3.2 设置

3.2.1 确认内核是否支持tun/tap

确认内核是否有tun模块

  [root@hunterfu]# modinfo tunfilename:       /lib/modules/2.6.34.7-56.fc13.i686.PAE/kernel/drivers/net/tun.koalias:          char-major-10-200license:        GPLauthor:         (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>description:    Universal TUN/TAP device driversrcversion:     880DE258930FE60D765B735depends:        vermagic:       2.6.34.7-56.fc13.i686.PAE SMP mod_unload 686

加载内核模块

  [root@hunterfu ~]#  modprobe tun[root@hunterfu ~]# lsmod | grep tuntun                    10548  1

执行以上命令后，出现如上输出，说明模块加载成功

3.2.2 创建和配置虚拟网卡

确认是否有tunctl命令,如果没有通过yum安装即可
apt-get install uml-utilities 或 yum install tunctl
创建虚拟网卡设备
tunctl -t tap0 -u root
设置虚拟网卡
ifconfig tap0 192.168.0.1 netmask 255.255.255.0 promisc
经过如上操作后，虚拟网卡已经建立和配置好了。

3.2.3 作为系统服务随系统自动启动创建虚拟网卡

编写配置脚本(符合chkconfig规范)

[root@hunterfu ~]# cat /etc/init.d/config_tap #!/bin/bash## config_tap          Start up the tun/tap virtual nic## chkconfig: 2345 55 25USER="root"TAP_NETWORK="192.168.0.1"TAP_DEV_NUM=0DESC="TAP config"do_start() {if [ ! -x /usr/sbin/tunctl ]; thenecho "/usr/sbin/tunctl was NOT found!"exit 1fitunctl -t tap$TAP_DEV_NUM -u rootifconfig tap$TAP_DEV_NUM ${TAP_NETWORK}  netmask 255.255.255.0 promiscifconfig tap$TAP_DEV_NUM}do_stop() {ifconfig tap$TAP_DEV_NUM down }do_restart() {do_stopdo_start}check_status() {ifconfig tap$TAP_DEV_NUM }case $1 in start)    do_start;;stop)     do_stop;;restart)  do_restart;;status)echo "Status of $DESC: "check_statusexit "$?";;*)echo "Usage: $0 {start|stop|restart|status}"exit 1 esac

可以根据具体需求修改此脚本
加入到系统服务中

  [root@hunterfu ~]# chkconfig --add config_tap [root@hunterfu ~]# chkconfig --level 345 config_tap on

操作完成后，就可以像其他标准服务一样，通过 service config_tap start 来进行创建和启动操作

4 tunctl添加tap并用brctl添加到网桥

root@host# ifconfig -a
eth0      Link encap:Ethernet  HWaddr fa:16:3e:7b:4e:e1inet addr:192.168.33.24  Bcast:192.168.47.255  Mask:255.255.240.0inet6 addr: fe80::f816:3eff:fe7b:4ee1/64 Scope:LinkUP BROADCAST RUNNING MULTICAST  MTU:1454  Metric:1RX packets:5922 errors:0 dropped:0 overruns:0 frame:0TX packets:2002 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:503405 (503.4 KB)  TX bytes:322612 (322.6 KB)lo        Link encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING  MTU:65536  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)root@host# tunctl
Set 'tap0' persistent and owned by uid 0
root@host# ifconfig -a
eth0      Link encap:Ethernet  HWaddr fa:16:3e:7b:4e:e1inet addr:192.168.33.24  Bcast:192.168.47.255  Mask:255.255.240.0inet6 addr: fe80::f816:3eff:fe7b:4ee1/64 Scope:LinkUP BROADCAST RUNNING MULTICAST  MTU:1454  Metric:1RX packets:6089 errors:0 dropped:0 overruns:0 frame:0TX packets:2057 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:514735 (514.7 KB)  TX bytes:339978 (339.9 KB)lo        Link encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING  MTU:65536  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap0      Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edBROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)root@host# tunctl
Set 'tap1' persistent and owned by uid 0
root@host# ifconfig -a
eth0      Link encap:Ethernet  HWaddr fa:16:3e:7b:4e:e1inet addr:192.168.33.24  Bcast:192.168.47.255  Mask:255.255.240.0inet6 addr: fe80::f816:3eff:fe7b:4ee1/64 Scope:LinkUP BROADCAST RUNNING MULTICAST  MTU:1454  Metric:1RX packets:6323 errors:0 dropped:0 overruns:0 frame:0TX packets:2116 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:530988 (530.9 KB)  TX bytes:347960 (347.9 KB)lo        Link encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING  MTU:65536  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap0      Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edBROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap1      Link encap:Ethernet  HWaddr 7e:6a:fc:31:18:35BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)root@host# brctl show
bridge name     bridge id               STP enabled     interfaces
root@host# ifconfig tap0 0.0.0.0
root@host# ifconfig tap1 0.0.0.0
root@host# ifconfig -a
eth0      Link encap:Ethernet  HWaddr fa:16:3e:7b:4e:e1inet addr:192.168.33.24  Bcast:192.168.47.255  Mask:255.255.240.0inet6 addr: fe80::f816:3eff:fe7b:4ee1/64 Scope:LinkUP BROADCAST RUNNING MULTICAST  MTU:1454  Metric:1RX packets:7246 errors:0 dropped:0 overruns:0 frame:0TX packets:2525 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:595705 (595.7 KB)  TX bytes:545518 (545.5 KB)lo        Link encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING  MTU:65536  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap0      Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edUP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap1      Link encap:Ethernet  HWaddr 7e:6a:fc:31:18:35UP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)root@host# brctl addbr br-zhai
root@host# brctl addif br-zhai tap0
root@host# brctl addif br-zhai tap1
root@host# ifconfig -a
br-zhai   Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edBROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)eth0      Link encap:Ethernet  HWaddr fa:16:3e:7b:4e:e1inet addr:192.168.33.24  Bcast:192.168.47.255  Mask:255.255.240.0inet6 addr: fe80::f816:3eff:fe7b:4ee1/64 Scope:LinkUP BROADCAST RUNNING MULTICAST  MTU:1454  Metric:1RX packets:7515 errors:0 dropped:0 overruns:0 frame:0TX packets:2616 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:615539 (615.5 KB)  TX bytes:561216 (561.2 KB)lo        Link encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING  MTU:65536  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap0      Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edUP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap1      Link encap:Ethernet  HWaddr 7e:6a:fc:31:18:35UP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)root@host# brctl show
bridge name     bridge id               STP enabled     interfaces
br-zhai         8000.7e13f129c0ed       no              tap0tap1
root@host# ifconfig br-zhai 192.168.9.1 up
root@host# ifconfig br-zhai
br-zhai   Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edinet addr:192.168.9.1  Bcast:192.168.9.255  Mask:255.255.255.0UP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
root@host# brctl showmacs br-zhai
port no mac addr                is local?       ageing timer1     7e:13:f1:29:c0:ed       yes                0.002     7e:6a:fc:31:18:35       yes                0.00
root@host# brctl
Usage: brctl [commands]
commands:addbr           <bridge>                add bridgedelbr           <bridge>                delete bridgeaddif           <bridge> <device>       add interface to bridgedelif           <bridge> <device>       delete interface from bridgehairpin         <bridge> <port> {on|off}        turn hairpin on/offsetageing       <bridge> <time>         set ageing timesetbridgeprio   <bridge> <prio>         set bridge prioritysetfd           <bridge> <time>         set bridge forward delaysethello        <bridge> <time>         set hello timesetmaxage       <bridge> <time>         set max message agesetpathcost     <bridge> <port> <cost>  set path costsetportprio     <bridge> <port> <prio>  set port priorityshow            [ <bridge> ]            show a list of bridgesshowmacs        <bridge>                show a list of mac addrsshowstp         <bridge>                show bridge stp infostp             <bridge> {on|off}       turn stp on/offroot@host# ifconfig tap0 promisc
root@host# ifconfig
br-zhai   Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edinet addr:192.168.9.1  Bcast:192.168.9.255  Mask:255.255.255.0UP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)eth0      Link encap:Ethernet  HWaddr fa:16:3e:7b:4e:e1inet addr:192.168.33.24  Bcast:192.168.47.255  Mask:255.255.240.0inet6 addr: fe80::f816:3eff:fe7b:4ee1/64 Scope:LinkUP BROADCAST RUNNING MULTICAST  MTU:1454  Metric:1RX packets:115463 errors:0 dropped:0 overruns:0 frame:0TX packets:6834 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:11942923 (11.9 MB)  TX bytes:1083602 (1.0 MB)lo        Link encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING  MTU:65536  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap0      Link encap:Ethernet  HWaddr 7e:13:f1:29:c0:edUP BROADCAST PROMISC MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)tap1      Link encap:Ethernet  HWaddr 7e:6a:fc:31:18:35UP BROADCAST MULTICAST  MTU:1500  Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:0 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:500RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

参考：
1 Linux操作系统下Virtual Box的网络设置：http://www.51cto.com/art/200709/56461.htm

Linux

多网卡绑定、

别名

2 Linux多网卡绑定、IP别名：https://wenku.baidu.com/view/6a4c0e6f31126edb6f1a10a4.html

这篇关于tunctl添加虚拟网卡TUN/TAP与brctl添加网桥的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！