Virtual networking devices in Linux Virtual networking devices in Linux linux linux

Virtual networking devices in Linux


linux networking virtual tap

Linux tap interfaces created with ip tuntap cannot be used to attach network namespaces to linuxbridges or the openvswitch so we need to depend upon veth pair.

Virtual Ethernet interfaces come in pairs, and they are connected like a tube—whatever comes in one veth interface will come out the other peer veth interface.As a result, you can use veth interfaces to connect a network namespace to the outside world via the “default” or “global” namespace where physical interfaces exist.

A TAP device, such as vnet0 is how hypervisors such as KVM and Xen implement a virtual network interface card (typically called a VIF or vNIC). An Ethernet frame sent to a TAP device is received by the guest operating system.

linux networking virtual tap

The purpose of these virtual networking artifacts are similar. But there are subtle differences and hence they are used in different circumstances:

  1. TAP: The user-space application/VM can read or write an ethernet frame to the tap interface and it would reach the host kernel, where it would be handled like any other ethernet frame that reached the kernel via physical (e.g. eth0) ports. You can potentially add it to a software-bridge (e.g. linux-bridge)

  2. VETH: Typically used when you are trying to connect two entities which would want to "get hold of" (for lack of better phrase) an interface to forward/receive frames. These entities could be containers/bridges/ovs-switch etc. Say you want to connect a docker/lxc container to OVS. You can create a veth pair and push the first interface to the docker/lxc (say, as a phys interface) and push the other interface to OVS. You cannot do this with TAP.

Please note that we should not misconstrue that we need to use VETH and not tap when using the OVS. We can always create the internal ports in OVS which behave exactly like the tap interface. But this is not always possible, for instance when you want to connect to an entity that cannot synthesise a tap-like interface. I.e.:

$ ovs-vsctl add-port ovs-switch-name tap0

Now you can use tap0 like we use the tap interfaces.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last