What does ip addr add dev tun1 local 192.168.69.0 remote 192.168.69.1 mean? [closed]
Solution 1:
In simple terms, you can distingush between two types of links (this is simplification, but enough for this question):
- peer-to-peer links, where each side of a link is a single peer. Each peer knows that there is just one other peer behind the link and everybody else is routed. Example is a serial link (via the PSTN modem)
- multiple access links, where there may be more than one other peer behind the link. There are multitude of examples, like Ethernet, WiFi, and some obsolete ones
When you configure address to an interface in the (usual) form of "address and netmask" via ip address add x.y.z.t/n dev eth
, you essentially do the following things:
- tell kernel it should recognize an
x.y.z.t
as its own address, so it adds a scope local route intolocal
routing table - tell kernel that addresses like
x.y.z.00...0
÷x.y.z.11...1
are directly accessible behind the link, so it adds a scope link route via this interface into themain
routing table (/n
specifies actually how many bits of address are common for all host on that network) - tell kernel x.y.z.11...1 is the "broadcast" address of the link, so it adds a broadcast route into the
local
table (and will consider packets destined to that address, in addition to the "node personal" addressx.y.z.t
)
But there is no "network" behind the peer-to-peer link, there is nobody to broadcast to, there may be only one other peer. When you add address to the link in the form ip address add local x.y.z.t remote b.c.d.e dev tun
, you essentially do the following:
- tell the kernel it should recognize an
x.y.z.t
as its own address, so it adds a scope local route intolocal
routing table - tell the kernel the address
b.c.d.e
is directly accessible through that link, so it adds a route to that address via this interface to themain
routing table.
E.g. the command ip address add local 10.0.1.0 remote 10.0.1.1 dev tun0
simply creates the following routes:
-
local 10.0.1.0 dev tun0 proto kernel scope host src 10.0.1.0
(in thelocal
table) -
10.0.1.1 dev tun0 proto kernel scope link src 10.0.1.0
(in themain
table)
Check routing tables before and after issuing "ip address add" commands in both cases.
Notice you may add peer-to-peer style config to the multiple access inteface and vice versa; you even can add a single "/32" address and then add routing "via the interface" by hand, and that will work exactly as if you set a meaningful netmask or remote address in the command. You can even add several types of configuration to the single interface and all of them could work simultaneously! So don't take all of these parameters too serously, think of them as the way to automatically add necessary routes when you configure an address.