Linux – What exactly happens to packets written to a TUN/TAP device

Tags: iptables, linux, networking, tap, tun

I'm trying to send packets to an application listening on eth0 from the machine's user space as if they were coming from a remote machine.

What I can't seem to find good documentation for is the exact way a TUN/TAP device interacts with the rest of the network stack. Are packets forwarded to eth0 if they are bound for a remote host? Will packets addressed to the localhost be forwarded to the userspace application by default? At what stages do the packets appear in the kernel relative to the Netfilter stack?

The behaviour doesn't appear to be well documented (http://openvpn.net/archive/openvpn-users/2005-05/msg00224.html, https://www.kernel.org/doc/Documentation/networking/tuntap.txt).

Best Answer

The tun/tap device appears the same to the kernel, in that it can't tell whether the data comes from a wire connected to an Ethernet interface or from a userland application. When data is written, it is forwarded to the userland application rather than to a physical interface device, e.g. eth0.

The interface a packet is forwarded to will be based on the routing table as usual, which you can view with ip route or netstat -r. This will apply to packets addressed to the localhost also.

Additionally, a TUN/TAP interface can also be used as the interface for a route which appears in the routing table.