Hello.

I setup a tun tap device on my Devuan 5 but it seems to don't work
well ; in fact I can't ping outside of my network after having
configured a tun tap device

I'm trying to set up a bridge on Linux Devuan 5 (host os) with the
goal to give the connectivity to FreeBSD 13.2,that I have virtualized
with qemu-kvm-libvirt.
on Devuan I did :

# iptables -t nat -A POSTROUTING -o mlan0 -j MASQUERADE
# ip tuntap add tap0 mode tap
# ip link set dev tap0 up
# ifconfig tap0 192.168.99.1/24
# echo 1 > /proc/sys/net/ipv4/ip_forward

I'm connecting to the internet via wi-fi. These are the network interfaces
on my system now :


lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

        inet 127.0.0.1  netmask 255.0.0.0

        inet6 ::1  prefixlen 128  scopeid 0x10<host>

        loop  txqueuelen 1000  (Local Loopback)

        RX packets 3069  bytes 43192718 (41.1 MiB)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 3069  bytes 43192718 (41.1 MiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

mlan0: flags=-28605<UP,BROADCAST,RUNNING,MULTICAST,DYNAMIC> mtu 1500

        inet 192.168.1.7  netmask 255.255.255.0  broadcast 192.168.1.255

        inet6 fe80::e0ac:3a83:66e5:46d6  prefixlen 64  scopeid 0x20<link>

        ether 60:21:c0:e9:44:63  txqueuelen 1000  (Ethernet)

        RX packets 22153  bytes 1595425 (1.5 MiB)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 39246  bytes 45988654 (43.8 MiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tap0: flags=-28605<UP,BROADCAST,RUNNING,MULTICAST,DYNAMIC> mtu 1500

        inet 192.168.99.1  netmask 255.255.255.0  broadcast 192.168.99.255

        inet6 fe80::ec73:83ff:fe69:2c6f  prefixlen 64  scopeid 0x20<link>

        ether ee:73:83:69:2c:6f  txqueuelen 1000  (Ethernet)

        RX packets 46  bytes 3336 (3.2 KiB)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 261  bytes 56918 (55.5 KiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

now,check at this :


# iptables -L -v -t nat

# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination
   13  1203 MASQUERADE  all  --  any    mlan0   anywhere             anywhere

I can ping :

# ping 192.168.99.1

PING 192.168.99.1 (192.168.99.1) 56(84) bytes of data.
64 bytes from 192.168.99.1: icmp_seq=1 ttl=64 time=0.156 ms
64 bytes from 192.168.99.1: icmp_seq=2 ttl=64 time=0.173 ms
^C
--- 192.168.99.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1036ms
rtt min/avg/max/mdev = 0.156/0.164/0.173/0.008 ms

# ping 192.168.1.7

PING 192.168.1.7 (192.168.1.7) 56(84) bytes of data.
64 bytes from 192.168.1.7: icmp_seq=1 ttl=64 time=0.110 ms
64 bytes from 192.168.1.7: icmp_seq=2 ttl=64 time=0.185 ms

BUT I can't ping :

# ping 8.8.8.8


PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
>From 192.168.99.1 icmp_seq=1 Destination Host Unreachable
>From 192.168.99.1 icmp_seq=2 Destination Host Unreachable
>From 192.168.99.1 icmp_seq=3 Destination Host Unreachable
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4144ms
pipe 4

# ping google.com
ping: google.com: Name or service unknown.


Do you know the reason ? thanks.

--
Mario.