How to Enable/Check TUN/TAP module in VPS(OpenVZ).

The terms TUN and TAP are commonly used in computer networking terminology. These are the virtual-network kernel devices. TUN is the short of network TUNnel and TAP is the short of network tap. The TUN simulates a network layer device and it operates with layer 3 packets like IP packets.

TAP simulates a link layer device and it operates with layer 2 packets like Ethernet frames. TUN is used with routing and TAP is used for creating a network bridge.

TUN/TAP kernel module is need to be enabled in VPS for VPN configuration. Here is a simple step to find out whether TUP/TAP is enabled or not in your VPS.

Step 1: Login to VPS via SSH

Step 2: Run this command:

# cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state

The above output should be returned for a VPS having TUN/TAP enabled state. If you get any out put other than the above(Eg: cat: /dev/ppp: No such device or address, Permission denied etc) means TUN/TAP is not enabled or has problem with TUN/TAP kernal module.

How to enable TUN/TAP in OpenVZ?

Step 1: Login to Node via SSH.

Step 2: Run the below pasted command to find out tun module is already loaded or not

[[email protected]]# lsmod | grep tun
[[email protected]]#

If the output of the above commands returns a blank value means the tun module is not loaded in your Node.
Run the below command to load tum module.

[[email protected]]# modprobe tun
[[email protected]]# lsmod | grep tun
tun    82432  6

Step 3: Enabling TUN/TAP on VPS

To make sure that tun module will be automatically loaded on every reboot you can also add it or into /etc/modules.conf (on RHEL see /etc/sysconfig/modules/ directory) or into /etc/sysconfig/vz-scripts/VPSID.mount. (echo ‘modprobe tun’ >> /etc/sysconfig/vz-scripts/VPSID.mount)

Allow the container to use the tun/tap device by running the following commands on the host node:

[[email protected]]# vzctl set 101 --devnodes net/tun:rw --save
[[email protected]]# vzctl set 101 --devices c:10:200:rw --save 
[[email protected]]# vzctl stop 101 
[[email protected]]# vzctl set 101 --capability net_admin:on --save
[[email protected]]# vzctl start 101 
[[email protected]]# vzctl exec 101 mkdir -p /dev/net
[[email protected]]# vzctl exec 101 chmod 600 /dev/net/tun

That’s it.

Click here for more about TUN. Thank you.

Post navigation

Arunlal Ashok

Engineer at Endurance International Group. Linux lover.

Always happy for an open discussion! Write to arun (@) crybit (dot) com.

5 thoughts on “How to Enable/Check TUN/TAP module in VPS(OpenVZ).

Leave a Reply

Your email address will not be published. Required fields are marked *