Understanding tun0 addresses

network-interfaceopenvpntunnelingvpn

I have already done some searching and more or less understand what a tun0 interface does. I got the following from various sources,

Packets sent by an operating system via a tun/tap device are delivered
to a user-space program which attaches itself to the device. A
user-space program may also pass packets into a tun/tap device. In
this case the tun/tap device delivers (or “injects”) these packets to
the operating-system network stack thus emulating their reception from
an external source. tun/tap interfaces are software-only interfaces,
meaning that they exist only in the kernel and, unlike regular network
interfaces, they have no physical hardware component (and so there’s
no physical wire connected to them).

You can think of a tun/tap interface as a regular network interface
that, when the kernel decides that the moment has come to send data
“on the wire”, instead sends data to some userspace program that is
attached to the interface.

Now, if I compare outputs for eth0 and tun0, I see something like this.

ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:14:22:50:78:71  
          inet addr:172.16.210.32  Bcast:172.16.255.255  Mask:255.255.0.0
...
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
<snipped>

ifconfig tun0
tun0      Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

Now, if we try to compare the two, we find these differences,

  1. eth0 does have a MAC address, and understandably tun0 does not.

  2. eth0 is working in broadcast mode, and tun0 is working in point-to-point mode.

I have the following points I do not understand.

  1. What is the role of address P-t-P:10.8.0.2 in this scenario?

  2. Why is the subnet mask of tun0 set to 255.255.255.255?

Best Answer

Hardware network links can be either point to point or point to multipoint. ppp links are point to point, ethernet is point to multipoint. tun can act as either, in your case it is acting as a point to point link. a point to multipoint interface has four addresses associated with it, specifically ip address (the address of the interface), network address, broadcast address, and netmask. A point to point link has two addresses associated with it, specifically ip address (the near address) and the point to point peer address (the far address). Since the point to point link will only work with the two addresses, the broadcast, and network addresses and the netmask do not have useful data or have flag values.

A final point tun interfaces can have mac addresses, they just don't have default mac addresses.

Related Question