Can someone please explain the difference between linux ip tunnel and ip link command when it comes to configuring tunnels (such as GRE, IPIP, or VXLAN)?
I can see that I can configure a GRE tunnel, for example, in two ways:
Is there any difference between the two when it comes to the Linux resources created, performance etc.? Is one of the ways old fashined?
Cheers.
Both iproute2's commands interact with the same kernel, they don't implement anything except this communication only, effectively meaning you should expect no difference in terms of performance.
As can be seen from a relevant commit ip link uses more fresh kernel interface — rtnl_link, compared to ip tunnel: "…
This is accessed through the "ip link" command. The previous tunnel configuration interface "ip tunnel" remains as it is and should be retained for compatibility with old kernels. …
…"
(Sorry for typing an answer instead of what should be a comment, the comment would be too long to fit...)
I had exactly the same question as you a little while ago, so I read the source code of iproute2. As poige says, ip link uses a different interface than ip tunnel. ip tunnel uses the ioctl SIOCGETTUNNEL, SIOCADDTUNNEL, etc, while ip link uses the rtnl_link interface.
This changes a bit the mode of the interface:
$ sudo ip tunnel add ipiptun mode ipip local 10.3.3.3 remote 10.4.4.4 ttl 64 dev eno1
$ sudo ip link add ipiptun2 type ipip local 10.6.6.6 remote 10.7.7.7 ttl 64 dev eno1 #curiously the mode is any/ip here
ipiptun: ip/ip remote 10.4.4.4 local 10.3.3.3 dev eno1 ttl 64
ipiptun2: any/ip remote 10.7.7.7 local 10.6.6.6 dev eno1 ttl 64
Note that now there is an even newer way to create tunnel, which is to use lightweight route tunnels. Cf my question here, trying to understand them: Linux lightweight tunnels
