Virtual network adapters, such as TUN and TAP interfaces, operate at different levels within the ISO network stack.
Position in the Network Stack
- TAP Interfaces: Operate at layer two (Ethernet level), allowing them to handle various types of traffic, including non-IP protocols like Banyan VINES, LLDP, and NetBEUI.
- TUN Interfaces: Function at layer three (IP level), focusing exclusively on IPv4 and IPv6 protocols.
Traffic Handling
- TAP Interfaces: Being lower in the network stack grants them more flexibility and privileges. They can transport non-IP-based traffic and support bridging, which combines an Ethernet interface with a virtual TAP interface.
- TUN Interfaces: Limited to IP-based protocols, they do not support bridging effectively due to their higher position in the network stack.
Mechanisms
- MAC Addresses and ARP: TAP interfaces assign random MAC addresses and use ARP to map IP addresses to these MACs, wrapping IP packets into Ethernet frames.
- Efficiency: TUN interfaces eliminate the need for wrapping IP packets and ARP since their IP addresses are known, enhancing efficiency.
Performance
TUN interfaces are more efficient for pure IP routing due to the lack of packet wrapping, whereas TAP introduces overhead by encapsulating traffic.
Use Cases
- TAP Interfaces: Ideal for scenarios requiring bridging, network segmentation, or traffic monitoring/analysis due to their ability to handle diverse traffic types.
- TUN Interfaces: Commonly used in VPNs for securely routing IPv4 or IPv6 packets between endpoints and servers.