mknod `/dev/net /tun' function is not implemented

[inakalepsie]

I've installed vpnc (sudo apt-get install vpnc) and tried to run it, but unsuccessfully.

I've got this error:

mknod: `/dev/net/tun': function is not implemented
vpnc-connect: can't initialise tunnel interface: Inappropriate ioctl for device

Any help would be greatly appreciated, as I often need to work through the VPN. Thanks.

[fcicq]

looks like you are requesting tun / tap device support. I dont think it will be implemented. you should use Windows native VPN instead.

[fpqc]

Windows should allow you to set up the VPN tunnel, then you should be able to just make use of WSL through the Windows tunnel.

[inakalepsie]

yes, I could set up VPN tunnel from Windows, but I would prefer to do it from WSL.:-)

[sunilmut]

@inakalepsie - Thanks for the feedback. If you would like to setup VPN through WSL, help us prioritize that by also providing that feedback through our user voice page

[JockDaRock]

@sunilmut so what is the status of this... I am interested in this being a thing as well

[fpqc]

@JockDaRock No update. If it is going to be implemented, there is zero chance it's going to show up in Redstone 2 (next Win10 release). We'll probably start hearing from the team about implementation of kernel-mode drivers in general (or maybe a way for driver-makers to expose their drivers to WSL) for this sort of thing, but there are right now no plans. They won't rule it out if it becomes a super high-rated feature on the user voice page, but atm they have other priorities.

[JockDaRock]

What is on the roadmap currently for WSL? 😄

[fpqc]

@JockDaRock Usermode usermode usermode, more interop, and better FS performance

[hiemal]

This is important especially for Cisco IPSec VPN. The only reason I use linux subsystem on windows is to get around the lack of support of cisco ipsec in windows 10 native vpn settings.

[JockDaRock]

I agree, this feature needs to be added fairly soon, makes some of my other projects more difficult

[sunilmut]

@russalex might be able to give a better insight into the roadmaps, which might help you understand where this lines up with other things.

[russalex]

Sorry for the late reply. Long weekend here.

Unfortunately I can't give too many details about the roadmap but I can give some clues. First, if you look at our release notes so far they show off a bit of our priorities (usermode, networking, bug fixes). Second, we have stated publicly that filesystem performance is pretty high on our list. Finally, we really do pay attention to User Voice so expect to see something from that list.

On /dev/net/tun, we do know that we have issues with VPN's, but we haven't fully investigated yet. This is one of those situations where we need to prioritize against everything else. As always, User Voice is a great place to vote to help raise visibility.

[misenesi]

@hiemal, could you please provide output when you do

ipconfig /all

?

I have a fix prepared for DNS resolution when you connect to VPN on windows, but need to verify that your VPN networking interface is reported as point-to-point interface (which is a Windows requirement).

[fpqc]

Pretty sure Win10 does support "Cisco Ipsec" in the advanced options anyway. Ipsec-IKEv2 with machine certs or user certs is broken for me on insider builds but works inside my Win10 1607 testing VM (lol @ role reversal). Not sure if I need to do a clean install of an insider build to fix it either...

Also, there's a whole other crazy thing where you can set up ipsec directly in the "Windows Advanced Firewall" for split-tunneling and secure login to remote domain controllers, but I haven't gotten it to work with strongswan.

[tcler]

user voice page:
https://wpdev.uservoice.com/forums/266908-command-prompt-console-bash-on-ubuntu-on-windo/suggestions/17292841-support-mknod-dev-net-tun-in-wsl

[Peter-J-Jansen]

I have just activated WSL on Windows 10 Creators Update, i.e. version 1703, and am pleased with the improvements, including that it is now based on Ubuntu 16.04.2 LTS. Great ! But ... still no possibility to make TUN / TAP devices, or BRIDGE devices. E.g. these failing commands :

hercules@PJJZ60:~$  sudo ip link add br0 type bridge
RTNETLINK answers: Invalid argument
hercules@PJJZ60:~$ ip tuntap add tap0 mode tap user hercules
open: No such file or directory
hercules@PJJZ60:~$ ip tuntap add tun0 mode tun user hercules
open: No such file or directory
hercules@PJJZ60:~$

This is, I think, a crucial missing link, that many, many people would like to see implemented.
Best regards,
Peter J. Jansen

[fpqc]

@Peter-J-Jansen This is going to need specific kernel-side attention, it's not just a matter of having the userspace tools working. the reason why RTNETELINK is giving an 'invalid argument' error is that the kernel side of the socket doesn't exist right now.

[Peter-J-Jansen]

Dear fpqc,
This appears to be a though job then. Is there a chance that this may get implemented please ? If so, could it appear already in the next Windows 10 update ?
Thanks,
Peter J. Jansen

[fpqc]

@Peter-J-Jansen sure there's a chance, but I wouldn't hold my breath.

[Peter-J-Jansen]

Dear fpqc,
Thanks for the feedback, I understand this is going to be problematic.
Is there a way to find out about Microsoft's priorities for WSL improvements and to see if this is somewhere in the pipeline at all ?
Peter J. Jansen

[fpqc]

this kind of feature will only make it in if there are a lot of votes for it on uservoice I think

[vineethelias]

I'm facing same problem with openconnect vpn. It fails to configure tun\tap module.

[fpqc]

@vineethelias yeah because WSL doesn't contain such a kernel module to configure

[moralrebuild]

Any progress in April 2018? I was failed when running openconnect in WSL Debian:
Failed to open tun device: No such device
Set up tun device failed
Unknown error; exiting.

[tara-raj]

We do not currently have plans to support this. Please submit a request on our User Voice Page and upvote. We will prioritize feature requests accordingly

[fpqc]

Can't you set up the tunnel on Windows and then set your routes to use the Windows tunnel?

[therealkenc]

Can't you set up the tunnel on Windows and then set your routes to use the Windows tunnel?

Yep. I spend some of my day with bits and bytes going through an OpenSSL tunnel via a Windows TAP driver to California. Have since before the OP.

Someone mentioned further back "yes, I could set up VPN tunnel from Windows, but I would prefer to do it from WSL". Someone is bound to say it again. But that isn't really a well-formed ask under the present WSL design, since (unlike in a VM) your Windows Network is your WSL network. It is roughly equivalent to "I want to administer my Windows network with the Linux kernel ABI".

So, yeah, UserVoice, sure -- I guess. But there are a lot of technical reasons why that isn't real feasible, and those reasons don't have much to do with "tunnels". [With the obligatory caveat, anything is technically possible even if it isn't especially feasible.]

[ed] User Voice here and here.

[pmercatoris]

Any update on this? I am trying to install snx vpn on wsl or on docker, but the missing tun module makes it impossible.

[therealkenc]

I am trying to install snx vpn

If you are missing a particular kconfig module please open new submission under a new cover. For general help with "snx vpn" you will get better eyeballs in a forum related to the product.

[DjArt]

But what about WSL1?