tun - tunnel software network interface


device tun


The tun interface is a software loopback mechanism that can
be loosely
described as the network interface analog of the pty(4),
that is, tun
does for network interfaces what the pty(4) driver does for
The tun driver, like the pty(4) driver, provides two inter
faces: an
interface like the usual facility it is simulating (a net
work interface
in the case of tun, or a terminal for pty(4)), and a charac
device ``control'' interface.
The network interfaces are named ``tun0'', ``tun1'', etc.,
one for each
control device that has been opened. These network inter
faces persist
until the if_tun.ko module is unloaded (if tun is built into
your kernel,
the network interfaces cannot be removed).
The tun interface permits opens on the special control de
vice /dev/tun.
When this device is opened, tun will return a handle for the
unused tun device (use devname(3) to determine which). Con
trol devices
(once successfully opened) persist until if_tun.ko is un
loaded in the
same way that network interfaces persist (see above).
Each interface supports the usual network-interface
ioctl(2)s, such as
SIOCSIFADDR and SIOCSIFNETMASK, and thus can be used with
like any other interface. At boot time, they are POINTO
POINT interfaces,
but this can be changed; see the description of the control
below. When the system chooses to transmit a packet on the
interface, the packet can be read from the control device
(it appears as
``input'' there); writing a packet to the control device
generates an
input packet on the network interface, as if the (non-exis
tent) hardware
had just received it.
The tunnel device (/dev/tunN) is exclusive-open (it cannot
be opened if
it is already open). A read(2) call will return an error
the interface is not ``ready'' (which means that the control
device is
open and the interface's address has been set).
Once the interface is ready, read(2) will return a packet if
one is
available; if not, it will either block until one is or re
EWOULDBLOCK, depending on whether non-blocking I/O has been
enabled. If
the packet is longer than is allowed for in the buffer
passed to read(2),
the extra data will be silently dropped.
If the TUNSLMODE ioctl has been set, packets read from the
control device
will be prepended with the destination address as presented
to the network interface output routine, tunoutput(). The destination
address is
in struct sockaddr format. The actual length of the
prepended address is
in the member sa_len. If the TUNSIFHEAD ioctl has been set,
packets will
be prepended with a four byte address family in network byte
TUNSLMODE and TUNSIFHEAD are mutually exclusive. In any
case, the packet
data follows immediately.
A write(2) call passes a packet in to be ``received'' on the
pseudointerface. If the TUNSIFHEAD ioctl has been set, the ad
dress family must
be prepended, otherwise the packet is assumed to be of type
Each write(2) call supplies exactly one packet; the packet
length is
taken from the amount of data provided to write(2) (minus
any supplied
address family). Writes will not block; if the packet can
not be accepted
for a transient reason (e.g., no buffer space available), it
is silently
dropped; if the reason is not transient (e.g., packet too
large), an
error is returned.
The following ioctl(2) calls are supported (defined in
TUNSDEBUG The argument should be a pointer to an int;
this sets the
internal debugging variable to that value.
What, if anything, this variable controls is not docu
mented here; see
the source code.
TUNGDEBUG The argument should be a pointer to an int;
this stores
the internal debugging variable's value into
TUNSIFINFO The argument should be a pointer to an
struct tuninfo and
allows setting the MTU, the type, and the
baudrate of the
tunnel device. The struct tuninfo is de
clared in
The use of this ioctl is restricted to the
TUNGIFINFO The argument should be a pointer to an
struct tuninfo,
where the current MTU, type, and baudrate
will be stored.
TUNSIFMODE The argument should be a pointer to an int;
its value
CAST and
should have IFF_MULTICAST OR'd into the val
ue if multicast support is required. The type of the
``tunN'' interface is set to the supplied
type. If the
value is outside the above range, an EINVAL
error is
returned. The interface must be down at the
time; if it
is up, an EBUSY error is returned.
TUNSLMODE The argument should be a pointer to an int;
a non-zero
value turns off ``multi-af'' mode and turns
``link-layer'' mode, causing packets read
from the tunnel
device to be prepended with the network des
address (see above).
TUNSIFPID Will set the pid owning the tunnel device to
the current
process's pid.
TUNSIFHEAD The argument should be a pointer to an int;
a non-zero
value turns off ``link-layer'' mode, and en
``multi-af'' mode, where every packet is
preceded with a
four byte address family.
TUNGIFHEAD The argument should be a pointer to an int;
the ioctl
sets the value to one if the device is in
mode, and zero otherwise.
FIONBIO Turn non-blocking I/O for reads off or on,
according as
the argument int's value is or is not zero.
(Writes are
always non-blocking.)
FIOASYNC Turn asynchronous I/O for reads (i.e., gen
eration of
SIGIO when data is available to be read) off
or on,
according as the argument int's value is or
is not zero.
FIONREAD If any packets are queued to be read, store
the size of
the first one into the argument int; other
wise, store
TIOCSPGRP Set the process group to receive SIGIO sig
nals, when
asynchronous I/O is enabled, to the argument
int value.
TIOCGPGRP Retrieve the process group value for SIGIO
signals into
the argument int value.
The control device also supports select(2) for read; select
ing for write
is pointless, and always succeeds, since writes are always
On the last close of the data device, by default, the inter
face is
brought down (as if with ifconfig tunN down). All queued
packets are
thrown away. If the interface is up when the data device is
not open
output packets are always thrown away rather than letting
them pile up.


ioctl(2), read(2), select(2), write(2), devname(3), inet(4),
pty(4), ifconfig(8)


This manual page was originally obtained from NetBSD.
BSD June 5, 2001
Copyright © 2010-2022 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout