Add TUN device setup for agent and switch #16

Open
Zeleph25 wants to merge 1 commit into release from feat/tun-setup

Zeleph25 commented Jun 9, 2026

Collaborator

Add TUN device setup for agent and switch

What was added

This PR lays the networking foundation for packet routing by creating TUN interfaces on both the agent and switch after the MIP handshake completes.

Proto changes:

  • Add PacketPrepareRouteForTarget, PacketNextForTarget, PacketIPv4Raw to mip.proto for the upcoming routing implementation
  • Add virtual_ipv4 to PacketConnectionAccepted so the switch can tell the agent its assigned virtual IP during handshake
  • Add PREPARE_ROUTE_FOR_TARGET, NEXT_FOR_TARGET, IPV4_RAW to the packet type enum and dispatch

TUN utility (src/common/tun.cpp):

  • tun_open(name, ipv4, prefix_len) — opens /dev/net/tun, creates a named interface, assigns the virtual IP with configurable prefix length (default /24), and brings the interface up
  • tun_close(fd, name) — brings the interface down and closes the fd
  • Writes are atomic — uses a separate DGRAM socket for ioctl configuration

Switch changes:

  • Loads agent config from VNET_CONFIG_PATH env var
  • Initializes BlackBox with the config at startup
  • Calls blackbox.on_agent_authenticated() on token validation — registers the agent and retrieves its virtual IP
  • Sends virtual_ipv4 in PacketConnectionAccepted
  • Calls blackbox.on_agent_disconnected() on close
  • Rejects agents not found in config
  • Added switch-entrypoint.sh — fails fast with a clear error if config file is missing or is a directory

Agent changes:

  • Reads virtual_ipv4 from PacketConnectionAccepted
  • Creates TUN interface vnet-<agent_name> with the assigned IP after handshake
  • Registers TUN fd in NetQueue
  • Closes TUN on shutdown

Conductor change:

  • Rejects duplicate agent names — closes the fd immediately if an agent with the same name is already connected

Docker:

  • Add NET_ADMIN capability and /dev/net/tun device to agent and switch containers
  • Mount per-switch config files via VNET_CONFIG_PATH
  • Add iproute2 to switch and agent runtime images
  • Add libgtest-dev/libgmock-dev to builder stages and update CMakeLists.txt to prefer system GTest over FetchContent

Verified:

[BlackBox] Agent registered: agent1 (fd=6)
[Switch] Agent agent1 authenticated (fd=6, ip=10.0.1.1)
[TUN] Interface vnet-agent1 up with IP 10.0.1.1/24
3: vnet-agent1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP>
    inet 10.0.1.1/24 scope global vnet-agent1

Zeleph25 changed the title from "feat(tun-setup): add TUN device setup for agent and switch" to "Add TUN device setup for agent and switch" on Jun 9, 2026
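
The input checks a `tun_open(name, ipv4, prefix_len)`-style helper needs before it issues any ioctl, as an added example that is not the PR's `src/common/tun.cpp`. The function names, the `[A-Za-z0-9_-]` allow-list for agent names and the reject-instead-of-truncate policy are assumptions; the point is that `vnet-<agent_name>` leaves only 10 characters for the agent name, because `IFNAMSIZ` is 16 including the terminator.

```cpp
// Added example, not the PR's tun.cpp. Names and policy here are assumptions.
#include <arpa/inet.h>
#include <net/if.h>
#include <netinet/in.h>
#include <cctype>
#include <cstdint>
#include <cstring>
#include <string>

// "vnet-<agent_name>" must fit IFNAMSIZ (16 bytes including the NUL).
// Rejecting rather than truncating keeps two long agent names from
// collapsing onto the same interface name.
bool tun_ifname_for_agent(const std::string& agent, std::string& out) {
    if (agent.empty()) return false;
    for (unsigned char c : agent)  // assumed allow-list: [A-Za-z0-9_-]
        if (!std::isalnum(c) && c != '-' && c != '_') return false;
    std::string name = "vnet-" + agent;
    if (name.size() >= IFNAMSIZ) return false;
    out = name;
    return true;
}

// Prefix length to netmask in host byte order. 0 is special-cased because
// shifting a 32-bit value by 32 bits is undefined behaviour.
bool prefix_to_netmask(int prefix_len, uint32_t& mask) {
    if (prefix_len < 0 || prefix_len > 32) return false;
    mask = prefix_len == 0 ? 0u : 0xFFFFFFFFu << (32 - prefix_len);
    return true;
}

// Fill the ifreq pair a caller would pass to SIOCSIFADDR and SIOCSIFNETMASK.
// Returns false, leaving both untouched, if any input is invalid.
bool build_addr_requests(const std::string& agent, const std::string& ipv4,
                         int prefix_len, ifreq& addr_req, ifreq& mask_req) {
    std::string name;
    uint32_t mask = 0;
    sockaddr_in sa{};
    sa.sin_family = AF_INET;
    if (!tun_ifname_for_agent(agent, name) || !prefix_to_netmask(prefix_len, mask) ||
        inet_pton(AF_INET, ipv4.c_str(), &sa.sin_addr) != 1) return false;
    std::memset(&addr_req, 0, sizeof addr_req);
    std::memcpy(addr_req.ifr_name, name.c_str(), name.size() + 1);
    mask_req = addr_req;
    std::memcpy(&addr_req.ifr_addr, &sa, sizeof sa);
    sa.sin_addr.s_addr = htonl(mask);
    std::memcpy(&mask_req.ifr_netmask, &sa, sizeof sa);
    return true;
}
```

Enforcing the same length limit where agent names are loaded from the switch config would reject an oversized name before any interface is created.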