Results 1 to 11 of 11

Thread: Enable TUN/TAP device in Centos 6 HN w/VZ 4.7

  1. #1
    Mega Poster
    Join Date
    Oct 2009
    Posts
    112

    Question Enable TUN/TAP device in Centos 6 HN w/VZ 4.7

    According to recent updated http://kb.parallels.com/696, you need to enable tun in /etc/modprobe.conf.

    The main problem is /etc/modprobe.conf has been deprecated in CentOS 6 !!!!

    Can you please explain and update KB with the solution for it?


    with best regards,
    Horacio



  2. #2
    Product Expert
    Join Date
    Mar 2009
    Posts
    770

    Default

    You just need to create a new file in /etc/modprobe.d/ or find a suitable file in there to add the line to, then (I would guess) use the install command.

    Having said that, you don't necessarily need to do so. I don't know about Centos 6, but in Centos 5 it certainly isn't needed.

    If you lsmod | grep tun then you may well find it is loaded anyway, and it is likely to be loaded before VZ by default. In other words you don't necessarily need to do anything other than follow the rest of the instructions.

    Faris.



  3. #3
    Product Expert
    Join Date
    Mar 2009
    Posts
    770

    Default

    p.s. check out /etc/rc.modules -- dunno it's status in Centos 6, but that's where I load modules early in Centos 5.



  4. #4
    Mega Poster
    Join Date
    Oct 2009
    Posts
    112

    Default

    Thank you very much Faris.

    Can you please detail the syntax into the .conf file?
    I added: alias tun , but I think is a wrong syntax.

    thank you very much in advance



  5. #5
    Product Expert
    Join Date
    Mar 2009
    Posts
    770

    Default

    Yes, you'd probably need to use the install command in /etc/modprobe.d/whatver.conf

    I'd be much more comfortable loading it via /etc/rc.modules to be honest, where the syntax is simply "modprobe tun", just as you'd do at the command line.

    Faris.



  6. #6
    Mega Poster
    Join Date
    Mar 2007
    Posts
    110

    Default

    Quote Originally Posted by HoracioS View Post
    Thank you very much Faris.

    Can you please detail the syntax into the .conf file?
    I added: alias tun , but I think is a wrong syntax.

    thank you very much in advance
    Hi Horacio,

    As Faris says, you usually don't need to specifically load the tun module. "lsmod | grep tun" should show it as already loaded. For other modules such as fuse, I follow documents like this What is the correct way to load modules for iptables on Centos 6 and put an executable file in /etc/sysconfig/modules

    I call mine virtuozzo.modules. All you need to do is create /etc/sysconfig/modules/virtuozzo.modules with the following contents:

    #!/bin/sh
    modprobe tun



    Save and exit the file, execute:
    chmod 700 /etc/sysconfig/modules/virtuozzo.modules

    and it will be automatically loaded/run at boot. I originally started using this method in CentOS 5 and it's the same for CentOS 6.

    Cheers,


    Andrew



  7. #7
    Mega Poster
    Join Date
    Mar 2007
    Posts
    110

    Default

    Hi Horacio,

    It took me a while, but I just remembered that the recommended way to have the tun module and any dependencies loaded is to make sure openvpn is installed and configured to start on boot, as per step 5 of the kb article you referred to How to configure TUN/TAP devices inside a container to install VPN software?

    Just do a:
    yum install openvpn

    and:
    chkconfig --add openvpn

    and it will all be taken care of.


    Cheers,


    Andrew



  8. #8
    Product Expert KristianM's Avatar
    Join Date
    Jul 2011
    Location
    Augsburg, Germany
    Posts
    420

    Default

    Quote Originally Posted by figjam View Post
    All you need to do is create /etc/sysconfig/modules/virtuozzo.modules with the following contents:

    #!/bin/sh
    modprobe tun
    Hi,

    you should change that to:
    "/sbin/modprobe tun"

    As it is possible that no $PATH is set yet while booting.
    Just to be on the safe side

    Regards,
    Kristian



  9. #9
    Product Expert
    Join Date
    Mar 2009
    Posts
    770

    Default

    Just to backtrack a bit....

    The part of the KB that says to install openvpn (from the VZ CD, if I remember correctly) never made sense to me.

    Firstly, it means you end up with openvpn on your HN, which isn't necessarily what you want.

    Secondly, openvpn is excluded from yum updates by the vz yum exclude file, I think, so you'd never get any updates.

    So ... does anybody have any ideas/guesses why these instructions might be in the KB? I'm guessing something in the openvpn init.d makes sure mod tun gets loaded? Maybe that's all there is to it.



  10. #10
    Mega Poster
    Join Date
    Mar 2007
    Posts
    110

    Default

    Quote Originally Posted by Faris Raouf View Post
    Just to backtrack a bit....

    The part of the KB that says to install openvpn (from the VZ CD, if I remember correctly) never made sense to me.

    Firstly, it means you end up with openvpn on your HN, which isn't necessarily what you want.

    Secondly, openvpn is excluded from yum updates by the vz yum exclude file, I think, so you'd never get any updates.

    So ... does anybody have any ideas/guesses why these instructions might be in the KB? I'm guessing something in the openvpn init.d makes sure mod tun gets loaded? Maybe that's all there is to it.
    It's wrong. OpenVPN is installed but but not enabled by default when you install Virtuozzo 4.0. That would be why it's excluded in the default yum repositories. You actually only have to execute:

    chkconfig --add openvpn

    once Virtuozzo is installed.



    Cheers,


    Andrew



  11. #11
    Product Expert KristianM's Avatar
    Join Date
    Jul 2011
    Location
    Augsburg, Germany
    Posts
    420

    Default

    Hi,

    actually the only reason that OpenVPN is installed is that you can create a secure tunnel to Parallels.
    There is actually no requirement to install openvpn to "install" or "activate" the tun module.
    As the tun module is part of the kernel package, all one actually has to do is:

    "/bin/modprobe tun" and then check with "lsmod | grep tun". The next step will be to add this device to the CTs.

    Regards,
    Kristian
    - Parallels Certified Virtualization Professional (PCVP PVC Linux)
    - Parallels Certified Virtualization Engineer (PCVE PVC Linux)
    - Parallels Certified Automation Professional (PCAP PP Linux)
    - Parallels Certified Automation Engineer (PCAE PP Linux)
    - Parallels Certified Virtualization Professional - Parallels Cloud Server (PCVP PCS)



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •