On Wed, Jun 23, 2010 at 06:11:09AM +0200, Claudio Jeker wrote: > On Tue, Jun 22, 2010 at 08:05:31PM -0700, Matt S wrote: > > I apologize in advance if this subject has been addressed but I was unable > > to turn up anything from a Google search and the manual pages did not quite > > yield enough information. IPv6 needs aside, what is the primary difference > > between tun(4) and gif(4)? When is it preferrable to use gif(4) over > > tun(4)? Is there any reason why I could not, say, perform IPSEC encryption > > over a tun(4) tunnel? > > > > Huh? From the man pages: > The tun driver provides a network interface pseudo-device. Packets sent > to this interface can be read by a userland process and processed as > desired. Packets written by the userland process are injected back into > the kernel networking subsystem. > > The gif interface is a generic tunnelling pseudo-device for IPv4 and > IPv6. It can tunnel IPv[46] over IPv[46] with behavior mainly based on > RFC 1933 IPv6-over-IPv4, for a total of four possible combinations... > > So tun(4) is a way to get packets to userland while gif is a real tunnel > device encapsulating the packets and sending it to a remote tunnel > endpoint. The two things are totaly different and yes you could make IPsec > in userland over tun(4) but nobody is enough of a masochist to do that.
Don't make bets against the ability of a large enough gene pool to produce such a twisted individual. :-). And the Orc pits that produce standards committee members probably produce a few interesting mutations too. .... Ken > > -- > :wq Claudio
