As we have seen so far in this chapter, there are many similarities, but also some significant differences between a tun-style VPN and a tap-style VPN. In this section, we will discuss those similarities and differences. Most of the differences stem from the single fact that a tun-style VPN is a non-broadcast, point-to-point IP-only network, whereas a tap-style network provides a fully virtual, Ethernet-like network with broadcast support. In short, a tun-style network provides layer 3 network connectivity, whereas a tap-style network provides almost all the functionality of a layer 2 network.
Especially with the
topology subnet option, a tun-based setup resembles a non-bridged tap-based setup:
server 10.200.0.0 ...