How to Enable/Check TUN/TAP module in VPS(OpenVZ).

The terms TUN and TAP are commonly used in computer networking terminology. These are the virtual-network kernel devices. TUN is the short of network TUNnel and TAP is the short of network tap. The TUN simulates a network layer device and it operates with layer 3 packets like IP packets.

TAP simulates a link layer device and it operates with layer 2 packets like Ethernet frames. TUN is used with routing and TAP is used for creating a network bridge.

TUN/TAP kernel module is need to be enabled in VPS for VPN configuration. Here is a simple step to find out whether TUP/TAP is enabled or not in your VPS.

Step 1: Login to VPS via SSH

Step 2: Run this command:

# cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state

The above output should be returned for a VPS having TUN/TAP enabled state. If you get any out put other than the above(Eg: cat: /dev/ppp: No such device or address, Permission denied etc) means TUN/TAP is not enabled or has problem with TUN/TAP kernal module.

How to enable TUN/TAP in OpenVZ?

Step 1: Login to Node via SSH.

Step 2: Run the below pasted command to find out tun module is already loaded or not

[root@Node]# lsmod | grep tun

If the output of the above commands returns a blank value means the tun module is not loaded in your Node.
Run the below command to load tum module.

[root@Node]# modprobe tun
[root@Node]# lsmod | grep tun
tun    82432  6

Step 3: Enabling TUN/TAP on VPS

To make sure that tun module will be automatically loaded on every reboot you can also add it or into /etc/modules.conf (on RHEL see /etc/sysconfig/modules/ directory) or into /etc/sysconfig/vz-scripts/VPSID.mount. (echo ‘modprobe tun’ >> /etc/sysconfig/vz-scripts/VPSID.mount)

Allow the container to use the tun/tap device by running the following commands on the host node:

[root@Node]# vzctl set 101 --devnodes net/tun:rw --save
[root@Node]# vzctl set 101 --devices c:10:200:rw --save 
[root@Node]# vzctl stop 101 
[root@Node]# vzctl set 101 --capability net_admin:on --save
[root@Node]# vzctl start 101 
[root@Node]# vzctl exec 101 mkdir -p /dev/net
[root@Node]# vzctl exec 101 chmod 600 /dev/net/tun

That’s it.

Click here for more about TUN. Thank you.

Arunlal Ashok

DevOps (Server & Cloud infrastructure) Engineer. I'm dealing Linux servers since 2012. I started this blog to share and discuss my ideas. Always happy for an open discussion! Write to arun (@) crybit (dot) com

You may also like...

5 Responses

  1. Waqass says:

    nicely explained.

  2. Digin Dominic says:

    vzctl exec 101 mknod /dev/net/tun c 10 200

    • Digin Dominic says:

      Dear Admin please update the article with the above command between the following commands,

      [root@Node]# vzctl exec 101 mkdir -p /dev/net
      [root@Node]# vzctl exec 101 chmod 600 /dev/net/tun

  1. January 27, 2014

    […] Related links: WHM showing disk usage 0 for all users in OpenVZ VPS How to Enable/Check TUN/TAP module in VPS(OpenVZ) […]

Leave a Reply

Your email address will not be published. Required fields are marked *