【轉】Linux虛擬網絡基礎——tap

原文：https://blog.csdn.net/chengqiuming/article/details/80071073

-------------------------------------------------------------------

一 介紹
Linux中談到tap，經常會和tun並列談論。兩者都是操作系統內核中的虛擬網絡設備。tap位於二層，tun位於三層。需要說明的是，這里所說的設備是Linux的概念，並不是我們平時生活中所說的設備。比如，生活中，我們常常把一台物理路由器稱為一台設備。
而Linux所說的設備，其背后指的是一個類似於數據結構、內核模塊或設備驅動着樣的含義。像tap/tun這樣的設備，它的數據結構如下：
struct tun_struct {
char name[8]; //設備名
unsigned long flags; //區分tun和tap設備
struct fasync_struct *fasync; //文件異步通知結構
wait_queue_head_t read_wait; //等待隊列
struct net_device dev; //linux 抽象網絡設備結構
struct sk_buff_head txq; //網絡緩沖區隊列
struct net_device_stats stats; //網卡狀態信息結構
};
我們看到，甚至連數據結構，tap和tun的定義都是一個，兩者僅僅是通過一個Flag來區分。不過從背后所承載的功能而言，兩者還是有比較大的區別：tap位於網絡OSI模型的二層（數據鏈路層），tun位於網絡的三層。
本篇只介紹tap。
tap從功能上講，位於數據鏈路層，數據鏈路層的主要協議有：
1 點對點協議（Point-to-Point Protocol）
2 以太網（Ethernet）
3 高級數據鏈路協議（High-Level Data Link Protocol）
4 幀中繼（Frame Relay）
5 異步傳輸模式（Asynchronous Transfer Mode）
但是tap只是與其中一種協議以太網（Ethernet）協議對應。所以，tap有時也稱為“虛擬以太設備”。

二 實戰
#要想使用Linux命令行操作一個tap，首先得有tun模塊（Linux使用tun模塊實現了tun/tap）,檢查方法如下：
[root@centos ~]# modinfo tun
filename: /lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/net/tun.ko
alias: devname:net/tun
alias: char-major-10-200
license: GPL
author: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
description: Universal TUN/TAP device driver
rhelversion: 7.2
srcversion: B59BCB1255A36FBC7557FC3
depends:
intree: Y
vermagic: 3.10.0-327.el7.x86_64 SMP mod_unload modversions
signer: CentOS Linux kernel signing key
sig_key: 79:AD:88:6A:11:3C:A0:22:35:26:33:6C:0F:82:5B:8A:94:29:6A:B3
sig_hashalgo: sha256
#當Linux版本具有tun模塊時，還得看看其已經加載，檢查方法如下：
[root@centos ~]# lsmod|grep tun
tun 27141 1
#如果已經加載，則會出現上述的“tun ***”那一行。如果沒有加載，則使用如下命令進行加載：
[root@centos ~]# modprobe tun
#當我們確認Linux加載了tun模塊以后，我們需要確認Linux是否有操作tun/tap的命令行工具tunctl。在Linux命令行中輸入以下命令
[root@centos ~]# tunctl help
#輸入這個命令后，如果Linux有輸入，則說明OK，否則下面網站進行安裝
#https://blog.csdn.net/lopng/article/details/72821438
#具備了tun和tunctl以后，我們就可以創建一個tap設備，命令行如下：
[root@centos yum.repos.d]# tunctl -t tap_test
Set 'tap_test' persistent and owned by uid 0
#我們通過如下命令查看剛剛創建的tep（tap_test）
[root@centos yum.repos.d]# ip link list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 08:00:27:12:f4:ac brd ff:ff:ff:ff:ff:ff
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 500
link/ether 52:54:00:1b:2a:d5 brd ff:ff:ff:ff:ff:ff
5: tap_test: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500
link/ether 36:c3:5e:1a:6d:f7 brd ff:ff:ff:ff:ff:ff
#我們也可以通過如下命令查看
[root@centos yum.repos.d]# ifconfig -a
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.101 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::a00:27ff:fe12:f4ac prefixlen 64 scopeid 0x20<link>
ether 08:00:27:12:f4:ac txqueuelen 1000 (Ethernet)
RX packets 6364 bytes 8271654 (7.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1770 bytes 172967 (168.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8 bytes 1104 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 1104 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap_test: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 36:c3:5e:1a:6d:f7 txqueuelen 500 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 00:00:00:00:00:00 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0-nic: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 52:54:00:1b:2a:d5 txqueuelen 500 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#通過上面的命令行的輸出，我們看到，這個tap_test還沒有綁定IP地址。執行如下命令，給其綁定IP地址：
[root@centos yum.repos.d]# ip addr add local 192.168.100.1/24 dev tap_test
#使用ifconfig -a命令再查看一下
[root@centos yum.repos.d]# ifconfig -a
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.101 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::a00:27ff:fe12:f4ac prefixlen 64 scopeid 0x20<link>
ether 08:00:27:12:f4:ac txqueuelen 1000 (Ethernet)
RX packets 6500 bytes 8282430 (7.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1845 bytes 183755 (179.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8 bytes 1104 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 1104 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap_test: flags=4098<BROADCAST,MULTICAST> mtu 1500
inet 192.168.100.1 netmask 255.255.255.0 broadcast 0.0.0.0
ether 36:c3:5e:1a:6d:f7 txqueuelen 500 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 00:00:00:00:00:00 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0-nic: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 52:54:00:1b:2a:d5 txqueuelen 500 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#到此，一個tap設備就創建完了
————————————————
版權聲明：本文為CSDN博主「cakincqm」的原創文章，遵循 CC 4.0 BY-SA 版權協議，轉載請附上原文出處鏈接及本聲明。
原文鏈接：https://blog.csdn.net/chengqiuming/article/details/80071073