On Wed, Jul 02, 2025 at 10:31:32PM +0200, Rhialto wrote:
> On Wed 02 Jul 2025 at 20:09:08 -0000, Michael van Elst wrote:
> > You can also configure a vether interface and add that. This
> > creates a more isolated guest network together with the host.
> > This can then be routed to the host network (with or without NAT).
>
> The vether(4) manual page is totally insufficient for knowing why I
> would use vether rather than tap; what the differences and similarities
> are. It doesn't even say how to get packets into or out of it as a
> userland program.
Originally you would use tap for two purposes. As a method for
userland to read and write packets, or as a "private" network
interface (by configuring some IP address on it) accessed with
regular network sockets.
This used to be ambiguous regarding the 'carrier' state of the
interface and confuses dhcpcd.
The behaviour was changed, so tap is only usuable for the first purpose,
and for the second there is vether (which has no device side).
So, for reading/writing packets, use tap and for a private interface
use vether.
Greetings,
--
Michael van Elst
Internet: mlel...@serpens.de
"A potential Snark may lurk in every tree."
