1. Overview
As system administrators working with Linux systems, it’s important to understand the different types of network interfaces that exist. This knowledge is crucial for troubleshooting connectivity issues, optimizing network performance, and making sure the network runs smoothly.
In this tutorial, we’ll begin by discussing the unique characteristics of each interface type, and dive into detailed steps on how to create them. Lastly, we’ll show how to check for the types of network interfaces we have on our system.
2. Network Interface Types
In Linux, a network interface is a software component that provides access to a physical network. A network interface can be a physical device, such as an ethernet card or wireless adapter, or a virtual device, such as a TUN or TAP interface.
Linux supports a wide variety of network interface types – TUN, TAP, bridge, and physical – each with its own characteristics and uses cases.
3. Creating Network Interfaces
Now that we’ve introduced the different types of network interfaces in Linux, let’s take a closer look at each interface type and learn how to create them.
3.1. TUN Network Interface
The TUN interface is a virtual point-to-point interface in Linux for VPN connections. It creates secure tunnels between two networks over an insecure network, such as the Internet.
Creating a TUN interface is a simple process. Software applications create TUN interfaces to encrypt all traffic passing through them. Additionally, the TUN interface operates at the network layer of the OSI model, which allows traffic to be sent between hosts as if they were directly connected.
In Linux, we can create a TUN interface using the tunctl command with the -t flag. This command is typically available as part of the uml-utilities package. To use this command, we need to specify the name of the interface as an argument.
For example, let’s create a TUN interface named tun0:
$ sudo tunctl -t tun0
Set 'tun0' persistent and owned by uid 0
Then, we configure it like any other network interface using the ip command.
For instance**, let’s assign an IP address to the tun0 interface**:
$ sudo ip addr add 10.0.0.1/24 dev tun0
$ ip addr show tun0
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.0.0.1/24 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::d6d0:9ac7:7828:698d/64 scope link stable-privacy
valid_lft forever preferred_lft forever
This command sets the IP address of the tun0 interface to 10.0.0.1 with a netmask of 24 bits and brings it up. The output includes some additional information about the interface, such as its mtu and qlen values, and an inet6 address. Now that the interface is up and running, we can use it for communication between two endpoints.
3.2. TAP Network Interface
The TAP interface is another type of virtual network interface in Linux useful for emulating a layer 2 device. It allows Virtual Machines (VMs) to communicate with the host and other VMs on the same network.
Creating a TAP interface involves creating a virtual switch that connects the host and VMs on the same network. When a VM sends a packet, the TAP interface receives the packet, which forwards the packet to the host operating system for processing. Then, the host operating system forwards the packet to the appropriate network interface or to another VM on the same network.
We can use the tunctl command with the -b and -t flags to create a TAP interface:
$ sudo tunctl -b -t tap0
Set 'tap0' persistent and owned by uid 0
Here, the command creates a TAP interface named tap0.
Alternatively, we can also use the ip tuntap command, which is available by default in most modern Linux distributions:
$ sudo ip tuntap add dev tap0 mode tap
In this case, the add subcommand creates a new interface, and the dev parameter specifies the name of the new interface. The mode parameter specifies the mode of the interface, which can be either tun for a TUN interface or tap for a TAP interface.
If this command completes without any output, it indicates that the process is successful. Otherwise, if there are any errors or issues in the creation, the command line displays the error message.
Now, we’ve created a TAP interface named tap0. We can also assign an IP address and a netmask to this TAP interface:
$ sudo ip addr add 10.0.0.2/24 dev tap0
Our output is similar to our previous interaction, indicating that the tap0 interface is now up and running with the specified IP address of 10.0.0.2 and netmask of 24 bits.
3.3. Bridge Network Interface
The bridge interface is a virtual network device that connects multiple network interfaces together at the data link layer. It’s common in virtualization environments to allow multiple VMs to share a single physical network interface.
This interface works by creating a virtual switch that connects multiple network interfaces concurrently. When one network interface receives a packet, it forwards it to all other interfaces that are connected to the bridge. This allows all devices on the network to communicate with each other as if they were directly connected.
However, to create a bridge interface, we need to install the brctl command on our system via the bridge-utils package:
$ sudo apt-get install bridge-utils
Afterward, we can now use the brctl command to create a bridge interface:
$ sudo brctl addbr br0
Here, we create a new bridge interface named br0.
Then, we can add network interfaces to the bridge using the brctl addif command:
$ sudo brctl addif br0 tap0
$ sudo brctl addif br0 tun0
Lastly, we set the bridge interface to be up and running using the ip link set command:
$ sudo ip link set br0 up
With this, our bridge interface is up and running. We should note that these commands generally do not produce any output unless there is an error or issue. The absence of output, in this case, indicates that the processes are successful.
3.4. Physical Network Interface
Lastly, a physical interface, also known as a network adapter or network interface card (NIC), is a hardware device that connects a computer to a physical network. It provides the physical connection between the computer and the network to facilitate the transmission and retrieval of data.
Physical interfaces can be either built into the motherboard or added to the computer as an expansion card. They connect to the network using an ethernet cable and operate at the data link layer of the OSI model.
Generally, we can use the ip addr command to configure a physical interface:
$ sudo ip addr add 192.168.0.2/24 dev eth0
Here, we use the command to set the IP address of the eth0 interface to 192.168.0.2 with a netmask of 24 bits. We can also use this command for other network settings for the physical interface.
4. Checking Network Interface Types
Now that we have an understanding of network interfaces, their types, and how to create them, let’s discuss how to check for the type of network interface on our Linux system.
4.1. Using the ethtool Command
ethtool is a command-line tool that allows us to view and modify network interface settings. For example, to check the type of a TUN or TAP interface, we can use the ethtool command with the -i option.
Let’s check for the tun0 interface we created earlier:
$ sudo ethtool -i tun0
driver: e1000e
version: 3.2.6-k
firmware-version: 0.13-4
bus-info: tun
supports-statistics: no
supports-test: no
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: no
As we can see from our output, the bus-info field shows tun, meaning it is a TUN interface. Otherwise, if it shows tap, then the interface is a TAP interface. This applies to every checked interface.
4.2. Checking the /sys/class/net/ Directory
The /sys/class/net directory contains a list of all the network interfaces on our system. By looking at the files and directories inside this directory, we can determine the network interface types on our system.
Let’s start by checking for TUN and TAP interfaces. We can identify them by the presence of a tun_flags file in their directory. For example, the TAP interface tap0 has a file at /sys/class/net/tap0/tun_flags.
Similarly, the presence of a bridge directory in the interface directory indicates a bridge interface. For instance, the bridge br0 we created earlier can be identified as a bridge by the presence of a directory /sys/class/net/br0/bridge.
On the other hand, loopback interfaces are identified by the presence of an all-zero MAC address in their /sys/class/net/
Lastly, physical interfaces are known by the presence of a device symlink in their directory. For instance, the interface eth0 identifies as a physical interface by the presence of a symlink at the /sys/class/net/eth0/device directory.
However, checking these individual files and directories can be tedious, but fortunately, we can automate these long checks and processes with a simple bash script that looks for the presence of the respective file in the sys/class/net/ directory:
#!/bin/bash
# Set the interface name
interface_name="$1"
# Set the interface path based on the interface name
interface_path="/sys/class/net/$interface_name"
# Check if the interface is a TAP or TUN interface
if [ -f "$interface_path/tun_flags" ]; then
echo "$interface_name is a TUN or TAP interface"
# Check if the interface is a bridge interface
elif [ -d "$interface_path/bridge" ]; then
echo "$interface_name is a bridge interface"
# Check if the interface is a loopback interface
elif [ "$(cat "$interface_path/address")" = "00:00:00:00:00:00" ]; then
echo "$interface_name is a loopback interface"
# Check if the interface is a physical interface
elif [ -L "$interface_path/device" ]; then
echo "$interface_name is a physical interface"
else
echo "Could not determine interface type for $interface_name"
fi
This script contains the combined code for checking all interface types (TAP, bridge, loopback, and physical) and takes one argument – the interface we want to check. It does this by checking the /sys/class/net/ directory, thus if we don’t provide an argument, it will give us an error message.
Let’s now save the script as check_interface_type.sh and execute it with an argument:
$ ./check_interface_type.sh tap0
tap0 is a is a TUN or TAP interface
Here, we pass tap0 as an argument to the script to check whether it is a TUN/TAP, bridge, loopback, or physical interface. The output of the script shows that it is a TUN/TAP interface.
There we go! Similarly, we can pass any network interface on our system as an argument to this script and determine the type of network interface it is.
4.3. Using the ip Command
We can also use the ip command with the -d option in a Bash script to check for the TUN or TAP interface:
#!/bin/bash
interface_name="$1"
interface_type="$(ip -d link show $interface_name | awk '/link\/tun/ {print "TUN"} /link\/tap/ {print "TAP"}')"
if [[ -n "$interface_type" ]]; then
echo "$interface_name is a $interface_type interface"
else
echo "$interface_name is not a TUN or TAP interface"
fi
In this script, we check whether tap0 is a TUN or TAP network interface using the ip command with the -d option. This displays the type of interface if it’s a TUN or TAP. Then, the awk command extracts the interface type from the ip output and prints a message indicating whether the interface is a TUN or TAP interface:
$ ./script.sh tun0
tun0 is a TUN interface
As we can see, our output indicates that the tun0 interface is a TUN interface.
Alternatively, we can use the ip tuntap command in this script:
#!/bin/bash
interface_name="$1"
interface_type="$(ip tuntap show $interface_name | awk '{print $2}')"
if [[ "$interface_type" == "tap" || "$interface_type" == "tun" ]]; then
echo "$interface_name is a $interface_type interface"
else
echo "$interface_name is not a TUN or TAP interface"
fi
Similar to the -d option, but in this case, we use the ip tuntap command, which also displays the type of the interface if it’s a TUN or TAP interface.
Let’s use this to check for the tap0 interface:
$ ./script.sh tap0
tap0 is a TAP interface
This output also indicates that the tap0 interface is a TAP interface.
4.4. Using the nmcli Command
Finally, the nmcli command is a command-line tool for controlling and monitoring network settings in NetworkManager, a widely used network configuration tool in Linux systems. We can use it to configure various network interfaces, connections, and devices through the command line, making it a powerful tool for managing network settings.
In our context of checking the type of a network interface, we can use the nmcli device show command to display detailed information about a specific network interface, including the interface type, MAC address, IP address, and other network-related details.
However, by parsing the output of this command with a script, we can determine the type of network interface, whether it’s a physical, TUN or TAP interface:
#!/bin/bash
interface_name="$1"
interface_type="$(nmcli device show $interface_name | awk -F ': ' '/GENERAL.TYPE/ {print $2}')"
if [[ -n "$interface_type" ]]; then
echo "$interface_name is a $interface_type interface"
else
echo "$interface_name is not a network interface"
fi
Here, we check the type of interface_name network interface, which is a variable – in this case, eth0 – by using the nmcli command. This displays the type of interface in the GENERAL.TYPE field. Then, the awk command extracts the interface type from the nmcli output, and the script prints a message indicating the type of interface.
Let’s now save the script as check_interface_type_2.sh and execute it:
$ bash check_interface_type_2.sh eth0
eth0 is a ethernet interface
As we can see, our output indicates the type of the eth0 network interface as an ethernet (physical) interface. If the interface name is set to a different interface, or the interface is not a TUN, TAP, or physical interface, the script will output a different message accordingly.
5. Conclusion
As system administrators, understanding the different types of network interfaces in Linux is crucial for managing network connections and troubleshooting network-related issues. In this article, we covered four different types of interfaces: TUN, TAP, bridge, and physical.
We started by learning how to create them, and then, we discussed how to check the type of interface using several commands. By mastering the concepts covered in this article, we can better manage our network connections, troubleshoot connection issues, and configure network settings accordingly.