February 11, 2015 at 01:01PeerVPN - open source peer-to-peer VPN
Translation of the announcement and small documentation of the PeerVPN project , which seemed interesting to me.
This is a program that creates a virtual LAN from several remote computers. Such networks can be useful for direct communication between applications, such as file or game sharing. Often, it is not possible to establish this interaction in the usual way because of firewalls or NAT.
Traditional VPNs operate on a client-server scheme, when many nodes connect to a single server. Such a stellar topology has flaws. The central server must have high bandwidth to handle all network traffic. If the server crashes, the network crashes.
PeerVPN operates on a distributed technology where all nodes communicate with each other without the need for a central server. If one node is disconnected, this does not affect the network.
Setting up a network is easy. You need to set the network name, password and contact information (IP and port) of another node. Adding new nodes does not require reconfiguration of the network, their addresses are distributed over the network automatically.
- Ethernet support through TAP
- IPv6 support
- distributed technology
- automatic tunnel lifting through firewall and NAT without additional settings
- support for shared keys and authorization
Linux and FreeBSD. Requires OpenSSL
PeerVPN is licensed under GPLv3.
Version 0.042 (2015-01-21)
source code: peervpn-0-042.tar.gz
statically linked x86 binary for Linux: peervpn-0-042-linux-x86.tar.gz
www.peervpn.net
Suppose you installed PeerVPN on two Linux computers, which we will call “Node A” and “Node B”.
Create a peervpn.conf file with the following contents:
UDP port 7000 will be opened and a virtual Ethernet interface created under the name peervpn0 and with the address 10.8.0.1.
Node A must be accessible directly from node B. If node A is behind NAT, you must forward port 7000.
Create a peervpn.conf file with the following contents:
Instead of node-a.example.com, you need to substitute the address of node A.
Run PeerVPN on both nodes. The peervpn0 interface should appear on each. Installing a VPN tunnel may take some time. Try pinging 10.8.0.2 from host A or 10.8.0.1 from host B. If a response is received, then the VPN works!
Copy peervpn.conf from host B to the new host and change the IP in the ifconfig command to 10.8.0.3, 10.8.0.4, etc. When starting a node, a tunnel to node A will be built first, and after a while - to node B and other network nodes.
PeerVPN
This is a program that creates a virtual LAN from several remote computers. Such networks can be useful for direct communication between applications, such as file or game sharing. Often, it is not possible to establish this interaction in the usual way because of firewalls or NAT.
Traditional VPNs operate on a client-server scheme, when many nodes connect to a single server. Such a stellar topology has flaws. The central server must have high bandwidth to handle all network traffic. If the server crashes, the network crashes.
PeerVPN operates on a distributed technology where all nodes communicate with each other without the need for a central server. If one node is disconnected, this does not affect the network.
Setting up a network is easy. You need to set the network name, password and contact information (IP and port) of another node. Adding new nodes does not require reconfiguration of the network, their addresses are distributed over the network automatically.
The properties
- Ethernet support through TAP
- IPv6 support
- distributed technology
- automatic tunnel lifting through firewall and NAT without additional settings
- support for shared keys and authorization
Platforms
Linux and FreeBSD. Requires OpenSSL
License
PeerVPN is licensed under GPLv3.
Download
Version 0.042 (2015-01-21)
source code: peervpn-0-042.tar.gz
statically linked x86 binary for Linux: peervpn-0-042-linux-x86.tar.gz
Webpage
www.peervpn.net
Setup Example
Suppose you installed PeerVPN on two Linux computers, which we will call “Node A” and “Node B”.
Configure Node A
Create a peervpn.conf file with the following contents:
port 7000
networkname ExampleNet
psk mysecretpassword
enabletunneling yes
interface peervpn0
ifconfig4 10.8.0.1/24
UDP port 7000 will be opened and a virtual Ethernet interface created under the name peervpn0 and with the address 10.8.0.1.
Node A must be accessible directly from node B. If node A is behind NAT, you must forward port 7000.
Configure Node B
Create a peervpn.conf file with the following contents:
port 7000
networkname ExampleNet
psk mysecretpassword
enabletunneling yes
interface peervpn0
ifconfig4 10.8.0.2/24
initpeers node-a.example.com 7000
Instead of node-a.example.com, you need to substitute the address of node A.
Testing
Run PeerVPN on both nodes. The peervpn0 interface should appear on each. Installing a VPN tunnel may take some time. Try pinging 10.8.0.2 from host A or 10.8.0.1 from host B. If a response is received, then the VPN works!
Adding nodes to the network
Copy peervpn.conf from host B to the new host and change the IP in the ifconfig command to 10.8.0.3, 10.8.0.4, etc. When starting a node, a tunnel to node A will be built first, and after a while - to node B and other network nodes.