Linux TUN/TAP: Unable to read data back from TAP devices

Question

The question is about the proper configuration of a Linux host that would like to make use of the Tun/Tap module.

My Goal:

Making use of an exis

Answer 1

I've not tried your code (it's a bit strange that you were able to open TAP device twice from userspace not using a multiqueue flag, but let's assume that is correct), but you have a conceptual error in the way you handle TAP devices.

What TUN/TAP is essentially just a pipe, one side of this pipe is in the kernel (the tapX interface) and the other in some userspace application. Whatever this application writes to the pipe gets to the kernel interface as incoming traffic (and you see it with wireshark). Whatever kernel sends to that pipe (outgoing to tapX) ends up coming into application (the data you can read in application).

What your code currently doing is opening another userspace part of the same pipe, and that's not what you want. You want to get traffic on the other side of the pipe. Technically, what you're currently doing could be done by a simple bridge interface with both taps added as ports into it. Of course, if you want to not just bridge, but to modify traffic in some way things get a bit more complicated.

One way to solve this problem is to add another pair of TAP interfaces. You bridge (as in kernel bridge) your tap1 with tap3 and tap2 with tap4, now you open tap3 and tap4 in your 'mediator' and proxy frames between them. This is horribly inefficient, but may be a solution for your problem.