1.\" $NetBSD: tun.4,v 1.2 1997/09/25 13:14:46 matt Exp $ 2.\" Based on PR#2411 3.\" 4.Dd March 10, 1996 5.Dt TUN 4 6.Os NetBSD 1.1 7.Sh NAME 8.Nm tun 9.Nd tunnel software network interface 10.Sh SYNOPSIS 11.Cd pseudo-device tun Op Ar count 12.Sh DESCRIPTION 13The 14.Nm tun 15interface is a software loopback mechanism that can be loosely 16described as the network interface analog of the 17.Xr pty 4 , 18that is, 19.Nm tun 20does for network interfaces what the 21.Nm pty 22driver does for terminals. 23.Pp 24The 25.Nm tun 26driver, like the 27.Nm pty 28driver, provides two interfaces: an interface like the usual facility 29it is simulating 30.Po 31a network interface in the case of 32.Nm tun , 33or a terminal for 34.Nm pty Pc , 35and a character-special device 36.Dq control 37interface. 38.Pp 39The network interfaces are named 40.Sy tun Ns Ar 0 , 41.Sy tun Ns Ar 1 , 42etc, as many in all as the 43.Ar count 44figure given on the 45.Sy pseudo-device 46line. Each one supports the usual network-interface 47.Xr ioctl 2 Ns s , 48such as 49.Dv SIOCSIFADDR 50and 51.Dv SIOCSIFNETMASK , 52and thus can be used with 53.Xr ifconfig 8 54like any other interface. At boot time, they are 55.Dv POINTOPOINT 56interfaces, but this can be changed; see the description of the control 57device, below. When the system chooses to transmit a packet on the 58network interface, the packet can be read from the control device 59.Po 60it appears as 61.Dq input 62there 63.Pc ; 64writing a packet to the control device generates an input 65packet on the network interface, as if the 66.Pq non-existent 67hardware had just received it. 68.Pp 69The tunnel device, normally 70.Pa /dev/tun Ns Sy N , 71is exclusive-open 72.Po 73it cannot be opened if it is already open 74.Pc 75and is restricted to the super-user. A 76.Fn read 77call will return an error 78.Pq Er EHOSTDOWN 79if the interface is not 80.Dq ready 81.Po 82which means that the control device is open and the interface's 83address has been set 84.Pc . 85Once the interface is ready, 86.Fn read 87will return a packet if one is available; if not, it will either block 88until one is or return 89.Er EWOULDBLOCK , 90depending on whether non-blocking I/O has been enabled. If the packet 91is longer than is allowed for in the buffer passed to 92.Fn read , 93the extra data will be silently dropped. 94.Pp 95Packets can be optionally prepended with the destination address as presented 96to the network interface output routine 97.Pq Sq Li tunoutput . 98The destination address is in 99.Sq Li struct sockaddr 100format. The actual length of the prepended address is in the member 101.Sq Li sa_len . 102The packet data follows immediately. 103A 104.Xr write 2 105call passes a packet in to be 106.Dq received 107on the pseudo-interface. Each 108.Fn write 109call supplies exactly one packet; the packet length is taken from the 110amount of data provided to 111.Fn write . 112Writes will not block; if the packet cannot be accepted for a 113transient reason 114.Pq e.g., no buffer space available , 115it is silently dropped; if the reason is not transient 116.Pq e.g., packet too large , 117an error is returned. 118If 119.Dq link-layer mode 120is on 121.Pq see Dv TUNSLMODE No below , 122the actual packet data must be preceded by a 123.Sq Li struct sockaddr . 124The driver currently only inspects the 125.Sq Li sa_family 126field. 127The following 128.Xr ioctl 2 129calls are supported 130.Pq defined in Aq Pa net/if_tun.h Ns : 131.Bl -tag -width TUNSIFMODE 132.It Dv TUNSDEBUG 133The argument should be a pointer to an 134.Va int ; 135this sets the internal debugging variable to that value. What, if 136anything, this variable controls is not documented here; see the source 137code. 138.It Dv TUNGDEBUG 139The argument should be a pointer to an 140.Va int ; 141this stores the internal debugging variable's value into it. 142.It Dv TUNSIFMODE 143The argument should be a pointer to an 144.Va int ; 145its value must be either 146.Dv IFF_POINTOPOINT 147or 148.Dv IFF_BROADCAST 149(optionally 150.Dv IFF_MULTICAST 151may be or'ed into the value). The type of the corresponding 152.Em tun Ns Sy n 153interface is set to the supplied type. If the value is anything else, 154an 155.Er EINVAL 156error occurs. The interface must be down at the time; if it is up, an 157.Er EBUSY 158error occurs. 159.It Dv TUNSLMODE 160The argument should be a pointer to an 161.Va int ; 162a non-zero value turns on 163.Dq link-layer 164mode, causing packets read from the tunnel device to be prepended with 165network destination address. 166.It Dv FIONBIO 167Turn non-blocking I/O for reads off or on, according as the argument 168.Va int Ns 's 169value is or isn't zero 170.Pq Writes are always nonblocking . 171.It Dv FIOASYNC 172Turn asynchronous I/O for reads 173.Po 174i.e., generation of 175.Dv SIGIO 176when data is available to be read 177.Pc off or on, according as the argument 178.Va int Ns 's 179value is or isn't zero. 180.It Dv FIONREAD 181If any packets are queued to be read, store the size of the first one 182into the argument 183.Va int ; 184otherwise, store zero. 185.It Dv TIOCSPGRP 186Set the process group to receive 187.Dv SIGIO 188signals, when asynchronous I/O is enabled, to the argument 189.Va int 190value. 191.It Dv TIOCGPGRP 192Retrieve the process group value for 193.Dv SIGIO 194signals into the argument 195.Va int 196value. 197.El 198.Pp 199The control device also supports 200.Xr select 2 201for read; selecting for write is pointless, and always succeeds, since 202writes are always non-blocking. 203.Pp 204On the last close of the data device, by default, the interface is 205brought down 206.Po as if with 207.Dq ifconfig tun Ns Sy n No down 208.Pc . 209All queued packets are thrown away. 210.Po If the interface is up when the data device is not open 211output packets are always 212thrown away rather than letting them pile up 213.Pc . 214.Sh SEE ALSO 215.Xr intro 4 , 216.Xr inet 4 217.Sh BUGS 218Currently is IP-only. 219