Every VPN stack is architecture is done in a specific way to accomplish fundamental VPN specifications, requirements and goals. As a part of VPN Network stack architecture quite often we find it may incorporate Virtual Network ports. These port(s) you can see via ifconfig, etc, and even capture the packets via tools such as tcpdump, wireshark, etc.
Majority of the VPN solutions utilize the TUN/TAP virtual network framework. One is suitable (TAP) for Layer-2 type of networks while the other (TUN) is suitable for Layer-3 type networks. So if you see open-source VPN solutions like OpenVPN, VTun, etc use TUN/TAP framework for their VPN network architecture. In fact I have discussed extensively on TUN/TAP interfaces and if you are interested you can go through my articles over HERE. But in the case of Wireguard VPN solution it has its own custom Linux Kernel Virtual Network Interface. So if you do ifconfig you can find virtual interfaces created by these VPN stack such as tun0, tap0 and so on vs in the case of Wireguard you should find the interface name as wg0.
Here is my extensive YouTube where I discussed about these VPN stack virtual network interfaces.
Refer:
Linux Kernel Dummy Network Interface /drivers/net/dummy.c Network Namespace Research ↗
Online Course – Linux TUN/TAP virtual network interfaces ↗
VTun ↗
WireGuard ↗
OpenVPN ↗
I also conduct sessions/classes on Systems and Network Software Programming, Linux Kernel Programming and Architecture. If you are interested, click HERE for more details.
If you have any queries or anything to discuss further on Linux Kernel Programming and writing Kernel modules kindly feel free to contact me.