Skip to content

Latest commit

 

History

History
69 lines (51 loc) · 2.11 KB

README.md

File metadata and controls

69 lines (51 loc) · 2.11 KB

Intro

The parent project is mynet. This module is responsible for creating a VPN through all required devices. It could be used as a separate solution (on a server, for example), but it was supposed to use mynet on desktops

Architecture

We use:

  • IPFS. It's used as:
    • Node discovery (using their DHT).
    • Fallback connector (when it's impossible to connect nodes directly).
    • STUN-replacement (tools to pass-trough a NAT).
    • Messenger (to send notification among nodes).
  • WireGuard. It's used as the VPN implementation. If OS doesn't support WireGuard then we detect it and use an userspace implementation.

An ipvpn node is also a full ipfs node, so it consumes some traffic background.

NAT traversal

Used techniques:

Requirements

Run:

  • Linux or MacOS only, yet

Build:

  • Linux or MacOS only, yet
  • Go>=1.13

Quick start

Just run on all your nodes (the sample commands):

# install
GO111MODULE=on go get github.com/my-network/ipvpn/cmd/ipvpnd
sudo mkdir /var/run/wireguard
sudo chown $UID /var/run/wireguard
sudo setcap cap_net_raw,cap_net_admin+ep `go env GOPATH`/bin/ipvpnd

# configure
mkdir -p "$HOME/.ipvpn"
echo "my_unique_network_name_here" > "$HOME/.ipvpn/network_id.txt"
echo "my_password_here" > "$HOME/.ipvpn/password_new.txt"

# run
`go env GOPATH`/bin/ipvpnd

# in other terminal, check:
ip a show dev ipvpn_direct
ip a show dev ipvpn_tunnel
ping -c 5 10.197.202.1
ping -c 5 10.197.203.1
  • my_unique_network_here should be replaced by a name of you virtual private network
  • my_password_here should be replaced by some secret string

That's it. If my_unique_network_here and my_password_here will match through all of your nodes then they will build an overlay network automatically.

Similar projects