Tuesday, March 26, 2013

How to enable TUN/TAP device(Module for VPN) in side a Openvz container

OpenVZ supports VPN inside a container via kernel TUN/TAP module and device. To allow container #101 to use the TUN/TAP device the following should be done:
Make sure the tun module has been already loaded on the hardware node:

lsmod | grep tun
If it is not there, use the following command to load tun module:
modprobe tun To make sure that tun module will be automatically loaded on every reboot you can also add it or into /etc/modules.conf (on RHEL see /etc/sysconfig/modules/ directory).

 Granting container an access to TUN/TAP

Allow your container to use the tun/tap device by running the following commands on the host node:
vzctl set 101 --devnodes net/tun:rw --save

No comments:

Post a Comment