New Utilities in base: vknetd and vknet

Matthew Dillon dillon at apollo.backplane.com
Wed May 28 21:10:36 PDT 2008


:Matthew Dillon wrote:
:>     vknetd creates a virtual bridge for any number of vitrualized
:>     connections and can then backfeed it all into a (possibly if_bridge'd)
:>     TAP interface.
:
:very nifty!
:
:have been using openvpn for similar ..
:
:http://openvpn.net/
:
:this looks even easier setup-wise,
:though might run into the ip-over-ip congestion problem..
:
:good enough for quick tests though. inspiring as ever..

    Yah, that and it makes sense to extend the network infrastructure into
    userland in a way that acts more like an ether-switch and less like an
    ether-device.  So at the very least we now have that (via vknetd), which
    does all the annoying RUN/BRIDGE tie-ins and provides a simple socket
    connect to userland to tie network infrastructure together.  The
    vknet/ssh utility is just one possible tie-in.  

    The data format is ridiculously simple... its an ethernet frame, just
    like TUN expects.  So 12 bytes of MAC, 2 bytes of ether type, and then
    the high level packet.  One packet per write, one packet per read.  You
    can't get much simpler then that.

:anyone familiar with the openssh key-verification sequence?
:
:maybe this sequence could be emulated via UDP + inetd hooks for
:the ultimate in simple vpn setups..
:
:right.. but I'm about 3 releases behind on my DF projects..
:
:back to the drawing board..
:
:- Chris

    That would be an interesting side project.

					-Matt
					Matthew Dillon 
					<dillon at backplane.com>





More information about the Kernel mailing list