Hi guys. Either it was there always and I was blind, though I go rootless very rarely, or my podman recently started this:  # ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host        valid_lft forever preferred_lft forever 3: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default     link/ether d2:d4:62:b4:d7:61 brd ff:ff:ff:ff:ff:ff link-netnsid 0     inet 10.88.2.3/24 brd 10.88.2.255 scope global eth0        valid_lft forever preferred_lft forever     inet6 fe80::d0d4:62ff:feb4:d761/64 scope link        valid_lft forever preferred_lft forever 4: tap0: <BROADCAST,UP,LOWER_UP> mtu 65520 qdisc fq_codel state UNKNOWN group default qlen 1000     link/ether 6e:f7:55:d0:42:91 brd ff:ff:ff:ff:ff:ff     inet 10.0.2.100/24 brd 10.0.2.255 scope global tap0        valid_lft forever preferred_lft forever     inet6 fe80::6cf7:55ff:fed0:4291/64 scope link        valid_lft forever preferred_lft forever You can see 'eth0@if5' came from cni network but what that 'tun0' is doing there? Every rootless container on my box gets it. many thanks, L.