
Re: Net.Manager






On 22 March 2013 15:43, Vincent Bernardoff <vb@xxxxxxxxxxxxxx> wrote:
On 22/03/2013 13:45, Haris Rotsos wrote:

in order to create a tuntap interface you need to open an fd to a
/dev/tapX or /dev/tunX. The device is open only while the problem is
running and keeps the fd open. This is the case for both linux and mac.

No, in Linux you have to open /dev/net/tun and use ioctl to configure the mode of operation, if you want it persistent or not, user/group ownership, etc.


The difference is that on linux there is a tun daemon and the tunctl
command which can persist a tun interface without a requirement for an fd.

I did not see any "tun daemon" on my Linux whatsoever. I don't use the tunctl command either. I'm using the "ip" command (ip tuntap add mode tap) which creates a persistent tap for me. Indeed there is no requirement for a fd. I made an OCaml "tunctl" command to test the ocaml-tuntap bindings, it is correctly replicating the behaviour of the "ip tuntap" command.


yes you are right. This was my erroneous understanding of the tuntap module in linux.



  PCAP was used to have macs able to attach to a tun/tap using a
  different library (PCAP). I don't know exactly why PCAP was used for.


Pcap is used in the unix backend in order to create a user space
openflow switch in MacOSX. In such a setting you need to be able to have
both tun/tap interfaces as well as ethernet network devices. In MacOSX
there is no ethernet raw socket thing unfortunately and the best way to
intercept traffic in such a case is through a bpf device.


  My idea is to use ocaml-tuntap in macosx and linux the same way,
  creating transient interfaces and passing the fd over a unix domain
  socket. This would work in all cases.


In this case you won't be able to integrate an existing network
interface to the Mirage Network stack. You need at least to consider raw
ethernet sockets for linux, bpf for MacOSX and find some nice
abstraction to expose this through the Manager(?) API.

Ok, just read about raw ethernet sockets. I did not know that it was possible, it is interesting. The possibility I was thinking about was to "integrate an existing network interface" in creating a tap interface and bridge it with the real network interface. This way you probably can read inbound/outbound ethernet frames. Would it be possible to do that on MacOSX ?

Could you please point me to some documentation on how to do that on Macs ?

Short is that there is no bridging functionality on MacOSX. Secondly, I am not sure but in linux I think that the bridge module is a learning bridge module, so if the kernel module learns your mac address then you might not receive any traffic there on. There is I think though a small trick to set the bridge interface into promiscuous mode, but I haven't tested it yet.

Thank you very much for the explanation.

Cheers,

Vincent





--
Charalampos Rotsos
PhD student
The University of Cambridge
Computer Laboratory
William Gates Building
JJ Thomson Avenue
Cambridge
CB3 0FD

Phone: +44-(0) 1223 767032
Email: cr409@xxxxxxxxxxxx
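
Added example, not part of the original thread and not ocaml-tuntap code: a Python sketch of the approach discussed above, where a privileged helper opens /dev/net/tun, configures a transient tap with ioctl, and passes the fd over a unix domain socket to an unprivileged process. The function names and the interface name tap0 are assumptions; the demo swaps the tap fd for a pipe so it runs without root.

```python
import fcntl
import os
import socket
import struct

# Linux values from <linux/if_tun.h>
TUNSETIFF = 0x400454CA
IFF_TAP = 0x0002      # layer-2 (ethernet) device
IFF_NO_PI = 0x1000    # no packet-info header before each frame

def open_tap(name=b"tap0"):
    """Privileged side: attach a new fd to a tap interface (needs CAP_NET_ADMIN).
    Without TUNSETPERSIST the interface is transient and goes away with the fd."""
    fd = os.open("/dev/net/tun", os.O_RDWR)
    try:
        # struct ifreq: 16-byte name, short flags, padding up to 40 bytes
        fcntl.ioctl(fd, TUNSETIFF, struct.pack("16sH22x", name, IFF_TAP | IFF_NO_PI))
    except OSError:
        os.close(fd)
        raise
    return fd

def send_fd(sock, fd, label=b"tap"):
    """Pass fd to the peer as SCM_RIGHTS ancillary data."""
    socket.send_fds(sock, [label], [fd])

def recv_fd(sock):
    """Unprivileged side: accept exactly one descriptor, reject anything else."""
    label, fds, flags, _ = socket.recv_fds(sock, 64, 1)
    if len(fds) != 1 or flags & socket.MSG_CTRUNC:
        for extra in fds:
            os.close(extra)
        raise RuntimeError("expected exactly one descriptor")
    return label, fds[0]

def demo_handoff():
    """Same hand-off with a pipe standing in for the tap fd, so no root is needed."""
    priv, unpriv = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    r, w = os.pipe()
    with priv, unpriv:
        send_fd(priv, r)
        os.close(r)                  # sender drops its copy after the hand-off
        label, got = recv_fd(unpriv)
        os.write(w, b"frame")
        data = os.read(got, 16)      # receiver reads through the passed descriptor
        os.close(got)
        os.close(w)
    return label, data
```

In a real deployment only the helper calling open_tap keeps CAP_NET_ADMIN; the receiving process needs no privileges beyond access to the socket.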

 

