At 04:07 AM 9/24/98 , Heiko W.Rupp wrote:
>On Wed, Sep 23, 1998 at 12:03:33PM -0400, Andrew Brown wrote:
>> so...(feeling a little foolish) does this accomplish anything that
>> couldn't be done using tun0 and a suitable userspace daemon?
>
>Dunno :-) 

No.  

>> what's the difference?
>
>As I understand it, tun gives you byte by byte, while in the (kernel)
>gre interface, the interface gets a L3 packet in a (list of) mbuf(s)
>where the encapsulation is more or less easily done. While with tun,
>you have to scan for packet boundaries yourself.

Tun gives you a packet per read so you know exactly where the packet
boundaries are.

>I see tun more as interface to implement e.g. userland ppp. I also
>don't know about performance.

I've written an IPsec tunneller using raw sockets and a tun device.
(it uses IKE and ESP).  Performance is just fine.
-- 
Matt Thomas               Internet:   matt@3am-software.com
3am Software Foundry      WWW URL:    http://www.3am-software.com/bio/matt/
Sunnyvale, CA             Disclaimer: I avow all knowledge of this message