New Utilities in base: vknetd and vknet
Matthew Dillon
dillon at apollo.backplane.com
Wed May 28 21:10:36 PDT 2008
:Matthew Dillon wrote:
:> vknetd creates a virtual bridge for any number of vitrualized
:> connections and can then backfeed it all into a (possibly if_bridge'd)
:> TAP interface.
:
:very nifty!
:
:have been using openvpn for similar ..
:
:http://openvpn.net/
:
:this looks even easier setup-wise,
:though might run into the ip-over-ip congestion problem..
:
:good enough for quick tests though. inspiring as ever..
Yah, that and it makes sense to extend the network infrastructure into
userland in a way that acts more like an ether-switch and less like an
ether-device. So at the very least we now have that (via vknetd), which
does all the annoying RUN/BRIDGE tie-ins and provides a simple socket
connect to userland to tie network infrastructure together. The
vknet/ssh utility is just one possible tie-in.
The data format is ridiculously simple... its an ethernet frame, just
like TUN expects. So 12 bytes of MAC, 2 bytes of ether type, and then
the high level packet. One packet per write, one packet per read. You
can't get much simpler then that.
:anyone familiar with the openssh key-verification sequence?
:
:maybe this sequence could be emulated via UDP + inetd hooks for
:the ultimate in simple vpn setups..
:
:right.. but I'm about 3 releases behind on my DF projects..
:
:back to the drawing board..
:
:- Chris
That would be an interesting side project.
-Matt
Matthew Dillon
<dillon at backplane.com>
More information about the Kernel
mailing list