Network Interfaces

Network Interface Names

Naming conventions (what you may see in ip a):

  • if the firmware or BIOS provides index numbers for onboard devices => eno1
  • else if the firmware or BIOS provides PCI Express (PCIe) hot plug slot index numbers => ens1
  • else if the physical location of the hardware connector is known => enp1s0, enp2s0
  • else => eth0 (the traditional, unpredictable kernel naming scheme)

To configure:

/usr/lib/systemd/network/99-default.link => NamePolicy

veth

Virtual Ethernet interfaces (veth) always come in pairs, and they are connected like a tube—whatever comes in one veth interface will come out the other peer veth interface.

Use veth interfaces to connect a network namespace to the outside world via the default (global) namespace, where the physical interfaces exist.

# Prerequisite: the target network namespace must already exist
$ ip netns add foo

# Create the veth pair
$ ip link add veth0 type veth peer name veth1

# Move one of the veth interfaces to another network namespace
$ ip link set veth1 netns foo

Combine the 2 steps:

$ ip link add veth0 type veth peer name veth1 netns foo

Verify

$ ip netns exec foo ip link list

tun/tap

  • tun lets a user-space process send/receive Layer 3 IP packets.
  • tap lets a user-space process send/receive Layer 2 Ethernet frames.

Ethernet is the layer below IP: it cares about MAC addresses, not IP addresses, and the same is true of L2 switches.

When to use taps:

  • if you want to do virtual switching.
  • if you need to deal with a protocol that needs to use Ethernet broadcasts, like DHCP.

A tap can be user accessible; it just needs to be part of a bridge. The bridge as a whole, consisting of one or more NICs, has an IP, and the individual interfaces of the bridge function like a switch.

macvtap

A macvtap device is a newer device driver that enables bridge-like networking, but with a much simpler setup process. This is most useful for virtualization.

For most purposes, the only disadvantage compared to a network bridge is that the host will not be able to communicate with the guests via this network.

Each virtual interface has its own MAC address and is attached to the physical interface.

MACVTAP is a relatively new replacement for the TAP interface, but it also uses /dev/tapXY, like classic TAP.

Because MACVTAP can be connected directly to the physical network card (the same as a bridge), it can replace the combination of the tun/tap and bridge drivers.

  • old: LAN(NIC) + BRIDGE + TAP
  • new: LAN(NIC) + MACVTAP
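
An added example (not part of the original notes) for auditing the interface types described above: it reads the JSON printed by ip -j -d link show and reports each interface's kind, the naming scheme of physical NICs, and whether a veth peer sits in another network namespace. The sample JSON is constructed, and the field names used (linkinfo.info_kind, info_data.type, link_netnsid) are assumed to match the installed iproute2 version.

```python
import json
import re

# Name patterns in the fallback order listed under "Network Interface Names".
NAME_SCHEMES = [
    (re.compile(r"^eno\d+$"), "onboard index"),
    (re.compile(r"^ens\d+$"), "PCIe hot plug slot index"),
    (re.compile(r"^enp\d+s\d+"), "physical connector location"),
    (re.compile(r"^eth\d+$"), "kernel default (unpredictable)"),
]

def naming_scheme(ifname):
    """Return the naming scheme an interface name follows, or "other"."""
    for pattern, label in NAME_SCHEMES:
        if pattern.match(ifname):
            return label
    return "other"

def inventory(ip_json):
    """Summarise `ip -j -d link show` JSON as one dict per interface."""
    rows = []
    for link in json.loads(ip_json):
        info = link.get("linkinfo", {})
        # Assumption: no linkinfo means a physical NIC (lo also lacks it).
        kind = info.get("info_kind", "physical")
        if kind == "tun":  # tun and tap share a driver; info_data.type says which
            kind = info.get("info_data", {}).get("type", "tun")
        rows.append({
            "name": link["ifname"],
            "kind": kind,
            "scheme": naming_scheme(link["ifname"]) if kind == "physical" else None,
            # Assumption: a veth whose peer is in another namespace carries link_netnsid.
            "crosses_netns": kind == "veth" and "link_netnsid" in link,
        })
    return rows

# Constructed sample input, trimmed to the fields used above.
SAMPLE = json.dumps([
    {"ifindex": 2, "ifname": "eno1"},
    {"ifindex": 3, "ifname": "enp2s0"},
    {"ifindex": 4, "ifname": "eth0"},
    {"ifindex": 7, "ifname": "veth0", "link_index": 2, "link_netnsid": 0, "linkinfo": {"info_kind": "veth"}},
    {"ifindex": 8, "ifname": "tap0", "linkinfo": {"info_kind": "tun", "info_data": {"type": "tap"}}},
    {"ifindex": 9, "ifname": "macvtap0", "link": "eno1", "linkinfo": {"info_kind": "macvtap"}},
])

if __name__ == "__main__":
    for row in inventory(SAMPLE):
        print(row)
```

On a live host, pass the output of ip -j -d link show to inventory() instead of SAMPLE; interfaces reported with crosses_netns set are the links between the global namespace and an isolated one.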