Home » How can I create a virtual ethernet interface on a machine without a physical adapter?

How can I create a virtual ethernet interface on a machine without a physical adapter?

Solutons:


Setting up a dummy interface

If you want to create network interfaces, but lack a physical NIC to back it, you can use the dummy link type. You can read more about them here: iproute2 Wikipedia page.

Creating eth10

To make this interface you’d first need to make sure that you have the dummy kernel module loaded. You can do this like so:

$ sudo lsmod | grep dummy
$ sudo modprobe dummy
$ sudo lsmod | grep dummy
dummy                  12960  0 

With the driver now loaded you can create what ever dummy network interfaces you like:

$ sudo ip link add eth10 type dummy

NOTE: In older versions of ip you’d do the above like this, appears to have changed along the way. Keeping this here for reference purposes, but based on feedback via comments, the above works now.

$ sudo ip link set name eth10 dev dummy0

And confirm it:

$ ip link show eth10
6: eth10: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default 
    link/ether c6:ad:af:42:80:45 brd ff:ff:ff:ff:ff:ff

Changing the MAC

You can then change the MAC address if you like:

$ sudo ifconfig eth10 hw ether 00:22:22:ff:ff:ff
$ ip link show eth10
6: eth10: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default 
    link/ether 00:22:22:ff:ff:ff brd ff:ff:ff:ff:ff:ff

Creating an alias

You can then create aliases on top of eth10.

$ sudo ip addr add 192.168.100.199/24 brd + dev eth10 label eth10:0

And confirm them like so:

$ ifconfig -a eth10
eth10: flags=130<BROADCAST,NOARP>  mtu 1500
        ether 00:22:22:ff:ff:ff  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

$ ifconfig -a eth10:0
eth10:0: flags=130<BROADCAST,NOARP>  mtu 1500
        inet 192.168.100.199  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:22:22:ff:ff:ff  txqueuelen 0  (Ethernet)

Or using ip:

$ ip a | grep -w inet
    inet 127.0.0.1/8 scope host lo
    inet 192.168.1.20/24 brd 192.168.1.255 scope global wlp3s0
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
    inet 192.168.100.199/24 brd 192.168.100.255 scope global eth10:0

Removing all this?

If you want to unwind all this you can run these commands to do so:

$ sudo ip addr del 192.168.100.199/24 brd + dev eth10 label eth10:0
$ sudo ip link delete eth10 type dummy
$ sudo rmmod dummy

References

  • MiniTip: Setting IP Aliases under Fedora
  • Linux Networking: Dummy Interfaces and Virtual Bridges
  • ip-link man page
  • iproute2 HOWTO
  • iproute2 cheatsheet

You can create virtual interfaces using the iproute2 toolkit.

ip link add veth0 type veth peer name veth1

This will create 2 interfaces, veth0 and veth1. Think of them as 2 ends of a pipe. Any traffic sent into veth0 will come out veth1 and vice versa.

If you want the traffic to be routed, you can do:

sysctl -w net.ipv4.conf.veth0.forwarding=1

This will tell the kernel to forward traffic coming from veth0 (so use veth1 for the used endpoint).

Another option is to set up a bridge with veth0 and another interface. Then any traffic coming through the virtual interface will get routed out to the network as if your machine were simply acting as a switch.

There are many other things you can do with this traffic (masquerade it, redirect it, DNAT it, etc), but that depends on what you’re trying to accomplish.

To tear it down:

ip link del veth0

Tested on Ubuntu 18.04:

1. The basics:

# 1. Install the "dummy" Linux kernel module.
sudo modprobe dummy
# 2. Ensure the "dummy" Linux kernel module is installed.
sudo lsmod | grep dummy
# 3. Create a virtual (dummy) interface named `eth10`.
sudo ip link add eth10 type dummy
# 4. Change this new interface's IP address to whatever you like
# (10.0.0.1 in this case).
sudo ip address change dev eth10 10.0.0.1
# 5. See the newly-created device and the IP address you just
# assigned to it.
ip address

That’s it!

And if you ever need to delete this device:

# 6. Delete this `eth10` dummy device you created.
sudo ip link delete eth10 type dummy
# 7. Ensure 'eth10' is deleted and doesn't show up here now.
ip address

Done!

2. More details

lsmod shows “the status of modules in the Linux Kernel” (see man lsmod). Try it out! Just type in

lsmod

One of the modules is called dummy. Let’s look to see it’s there:

$ lsmod | grep dummy
dummy                  16384  0

Yep, it’s there. Good. That Linux kernel module must be present for you to be able to run the sudo ip link add eth10 type dummy command above to create the virtual interface using the dummy kernel module. If you don’t have it, see @slm’s answer.

Before you create a new virtual interface, run this to see what IP addresses and interfaces you already have:

ip address

You can also take a look at this:

ifconfig

After you have created your new virtual interface, you will see it in the output of the ip address command above. Note: ifconfig may not show a virtual, dummy device you create, but ip address will.


Wait, but my coworker ran sudo ip addr change dev eth10 10.0.0.1, in place of sudo ip address change dev eth10 10.0.0.1 (notice addr in place of address). Or, maybe they ran sudo ip a change dev eth10 10.0.0.1 (notice a in place of address). What’s up with that!?

Well, this particular command only needs enough of its characters to ensure it knows what you mean. In other words, once you have enough characters in the command for it to know you couldn’t possibly mean any other command, it accepts it. Since no other subcommand after ip starts with the letter a, ip a is enough. Therefore, all of the below commands are equivalent:

ip address
ip addres
ip addre
ip addr
ip add
ip ad
ip a

Just be aware of this weird sort of thing when sharing information and looking at the help menus and man pages (shown in my references below). Otherwise, you’ll be all sorts of confused, like I was, when no matter how hard you search you can’t find the a (as in ip a) or addr (as in ip addr) commands listed anywhere in these page. Just realize both of those are short for address. Ah…now there it is in the help pages!

$ ip help
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
                   netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
                   vrf | sr }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec |
                    -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |
                    -4 | -6 | -I | -D | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } | -br[ief] |
                    -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
                    -rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}

And ip address help (or man ip address), to see the existence of the ip address change command!:

$ ip address help
Usage: ip address {add|change|replace} IFADDR dev IFNAME [ LIFETIME ]
                                                      [ CONFFLAG-LIST ]
       ip address del IFADDR dev IFNAME [mngtmpaddr]
       ip address {save|flush} [ dev IFNAME ] [ scope SCOPE-ID ]
                            [ to PREFIX ] [ FLAG-LIST ] [ label LABEL ] [up]
       ip address [ show [ dev IFNAME ] [ scope SCOPE-ID ] [ master DEVICE ]
                         [ type TYPE ] [ to PREFIX ] [ FLAG-LIST ]
                         [ label LABEL ] [up] [ vrf NAME ] ]
       ip address {showdump|restore}
IFADDR := PREFIX | ADDR peer PREFIX
          [ broadcast ADDR ] [ anycast ADDR ]
          [ label IFNAME ] [ scope SCOPE-ID ]
SCOPE-ID := [ host | link | global | NUMBER ]
FLAG-LIST := [ FLAG-LIST ] FLAG
FLAG  := [ permanent | dynamic | secondary | primary |
           [-]tentative | [-]deprecated | [-]dadfailed | temporary |
           CONFFLAG-LIST ]
CONFFLAG-LIST := [ CONFFLAG-LIST ] CONFFLAG
CONFFLAG  := [ home | nodad | mngtmpaddr | noprefixroute | autojoin ]
LIFETIME := [ valid_lft LFT ] [ preferred_lft LFT ]
LFT := forever | SECONDS
TYPE := { vlan | veth | vcan | vxcan | dummy | ifb | macvlan | macvtap |
          bridge | bond | ipoib | ip6tnl | ipip | sit | vxlan | lowpan |
          gre | gretap | erspan | ip6gre | ip6gretap | ip6erspan | vti |
          nlmon | can | bond_slave | ipvlan | geneve | bridge_slave |
          hsr | macsec

References:

  1. @slm’s answer here
  2. ip help
  3. man ip
  4. ip link help
  5. man ip link
  6. ip address help
  7. man ip address

Related:

  1. [my answer] AskUbuntu: How to enable/disable networking (ethernet or wifi) devices, arbitrarily

Related Solutions

Joining bash arguments into single string with spaces

[*] I believe that this does what you want. It will put all the arguments in one string, separated by spaces, with single quotes around all: str="'$*'" $* produces all the scripts arguments separated by the first character of $IFS which, by default, is a space....

AddTransient, AddScoped and AddSingleton Services Differences

TL;DR Transient objects are always different; a new instance is provided to every controller and every service. Scoped objects are the same within a request, but different across different requests. Singleton objects are the same for every object and every...

How to download package not install it with apt-get command?

Use --download-only: sudo apt-get install --download-only pppoe This will download pppoe and any dependencies you need, and place them in /var/cache/apt/archives. That way a subsequent apt-get install pppoe will be able to complete without any extra downloads....

What defines the maximum size for a command single argument?

Answers Definitely not a bug. The parameter which defines the maximum size for one argument is MAX_ARG_STRLEN. There is no documentation for this parameter other than the comments in binfmts.h: /* * These are the maximum length and maximum number of strings...

Bulk rename, change prefix

I'd say the simplest it to just use the rename command which is common on many Linux distributions. There are two common versions of this command so check its man page to find which one you have: ## rename from Perl (common in Debian systems -- Ubuntu, Mint,...

Output from ls has newlines but displays on a single line. Why?

When you pipe the output, ls acts differently. This fact is hidden away in the info documentation: If standard output is a terminal, the output is in columns (sorted vertically) and control characters are output as question marks; otherwise, the output is...

mv: Move file only if destination does not exist

mv -vn file1 file2. This command will do what you want. You can skip -v if you want. -v makes it verbose - mv will tell you that it moved file if it moves it(useful, since there is possibility that file will not be moved) -n moves only if file2 does not exist....

Is it possible to store and query JSON in SQLite?

SQLite 3.9 introduced a new extension (JSON1) that allows you to easily work with JSON data . Also, it introduced support for indexes on expressions, which (in my understanding) should allow you to define indexes on your JSON data as well. PostgreSQL has some...

Combining tail && journalctl

You could use: journalctl -u service-name -f -f, --follow Show only the most recent journal entries, and continuously print new entries as they are appended to the journal. Here I've added "service-name" to distinguish this answer from others; you substitute...

how can shellshock be exploited over SSH?

One example where this can be exploited is on servers with an authorized_keys forced command. When adding an entry to ~/.ssh/authorized_keys, you can prefix the line with command="foo" to force foo to be run any time that ssh public key is used. With this...

Why doesn’t the tilde (~) expand inside double quotes?

The reason, because inside double quotes, tilde ~ has no special meaning, it's treated as literal. POSIX defines Double-Quotes as: Enclosing characters in double-quotes ( "" ) shall preserve the literal value of all characters within the double-quotes, with the...

What is GNU Info for?

GNU Info was designed to offer documentation that was comprehensive, hyperlinked, and possible to output to multiple formats. Man pages were available, and they were great at providing printed output. However, they were designed such that each man page had a...

Set systemd service to execute after fstab mount

a CIFS network location is mounted via /etc/fstab to /mnt/ on boot-up. No, it is not. Get this right, and the rest falls into place naturally. The mount is handled by a (generated) systemd mount unit that will be named something like mnt-wibble.mount. You can...

Merge two video clips into one, placing them next to each other

To be honest, using the accepted answer resulted in a lot of dropped frames for me. However, using the hstack filter_complex produced perfectly fluid output: ffmpeg -i left.mp4 -i right.mp4 -filter_complex hstack output.mp4 ffmpeg -i input1.mp4 -i input2.mp4...

How portable are /dev/stdin, /dev/stdout and /dev/stderr?

It's been available on Linux back into its prehistory. It is not POSIX, although many actual shells (including AT&T ksh and bash) will simulate it if it's not present in the OS; note that this simulation only works at the shell level (i.e. redirection or...

How can I increase the number of inodes in an ext4 filesystem?

It seems that you have a lot more files than normal expectation. I don't know whether there is a solution to change the inode table size dynamically. I'm afraid that you need to back-up your data, and create new filesystem, and restore your data. To create new...

Why doesn’t cp have a progress bar like wget?

The tradition in unix tools is to display messages only if something goes wrong. I think this is both for design and practical reasons. The design is intended to make it obvious when something goes wrong: you get an error message, and it's not drowned in...