PeerVPN - open source peer-to-peer VPN

    Translation of the announcement and small documentation of the PeerVPN project , which seemed interesting to me.

    PeerVPN


    This is a program that creates a virtual LAN from several remote computers. Such networks can be useful for direct communication between applications, such as file or game sharing. Often, it is not possible to establish this interaction in the usual way because of firewalls or NAT.

    Traditional VPNs operate on a client-server scheme, when many nodes connect to a single server. Such a stellar topology has flaws. The central server must have high bandwidth to handle all network traffic. If the server crashes, the network crashes.

    PeerVPN operates on a distributed technology where all nodes communicate with each other without the need for a central server. If one node is disconnected, this does not affect the network.

    Setting up a network is easy. You need to set the network name, password and contact information (IP and port) of another node. Adding new nodes does not require reconfiguration of the network, their addresses are distributed over the network automatically.

    The properties


    - Ethernet support through TAP
    - IPv6 support
    - distributed technology
    - automatic tunnel lifting through firewall and NAT without additional settings
    - support for shared keys and authorization

    Platforms


    Linux and FreeBSD. Requires OpenSSL

    License


    PeerVPN is licensed under GPLv3.

    Download


    Version 0.042 (2015-01-21)

    source code: peervpn-0-042.tar.gz
    statically linked x86 binary for Linux: peervpn-0-042-linux-x86.tar.gz

    Webpage


    www.peervpn.net

    Setup Example


    Suppose you installed PeerVPN on two Linux computers, which we will call “Node A” and “Node B”.

    Configure Node A

    Create a peervpn.conf file with the following contents:

    port 7000
    networkname ExampleNet
    psk mysecretpassword
    enabletunneling yes
    interface peervpn0
    ifconfig4 10.8.0.1/24
    


    UDP port 7000 will be opened and a virtual Ethernet interface created under the name peervpn0 and with the address 10.8.0.1.

    Node A must be accessible directly from node B. If node A is behind NAT, you must forward port 7000.

    Configure Node B

    Create a peervpn.conf file with the following contents:

    port 7000
    networkname ExampleNet
    psk mysecretpassword
    enabletunneling yes
    interface peervpn0
    ifconfig4 10.8.0.2/24
    initpeers node-a.example.com 7000
    


    Instead of node-a.example.com, you need to substitute the address of node A.

    Testing

    Run PeerVPN on both nodes. The peervpn0 interface should appear on each. Installing a VPN tunnel may take some time. Try pinging 10.8.0.2 from host A or 10.8.0.1 from host B. If a response is received, then the VPN works!

    Adding nodes to the network

    Copy peervpn.conf from host B to the new host and change the IP in the ifconfig command to 10.8.0.3, 10.8.0.4, etc. When starting a node, a tunnel to node A will be built first, and after a while - to node B and other network nodes.

    Also popular now: