Re: tunnel interface names

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



>> the fact that ssh insists on tap* and tun* tun/tap-device-names is a
>> real nag and prevents from nice and easy solutions in some cases.
> 
> Could you offer some examples?

some client:
ssh -o "Tunnel Ethernet" -w any office

next client:
ssh -o "Tunnel Ethernet" -w any office
...and so forth.

interface configuration on the hub for all clients:
allow-hotplug /tap*=tap
iface tap inet manual
	bridge hub

now some other client needs a specific config on the server or there happens to be something else wanting to use a tap-interface for something else => every single client's interface has to be configured specifically, all interfaces have to be statically assigned to clients, clients have to reserve every single interface they might want to use in advance.

similar can be true for the client side:
ssh -b 1.2.3.4 -w any office
ssh -b 2.3.4.5 -w any office

allow-hotplug /tun*=tun
iface tun inet manual
	up route add default dev "$IFACE"

will also soon have to end up with specific single-interfaces nondynamic config.

imagine mixing this: the office knows several bridges and possibly even other uses of tun/tap. might be the same for clients.
now tun/tap interfaces do not have to be named tun* or tap*. namespaces can be used. so:

clients:
ssh -o "Tunnel Ethernet" -w officebridge1:officebridge1-alice office-hub

on the hub:
allow-hotplug /officebridge1-*=officebridge1-port
iface officebridge1-port inet manual
	 bridge officebridge1

and

client:
ssh -b 1.2.3.4 -w office1:office-alice1 office
ssh -b 2.3.4.5 -w office2:office-alice2 office

allow-hotplug /office*=office
iface office inet manual
	up route add default dev "$IFACE"

and server:
allow-hotplug /office-alice*=office-alice
iface office-alice inet manual
	up route add 3.4.5.0/24 dev "$IFACE"


what is the point of artificially restricting names to just tun\d+ and tap\d+ ?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux