Changed readme

This commit is contained in:
Dennis Schwerdel 2016-06-01 21:51:22 +02:00
parent b73415b48c
commit 3359176380
2 changed files with 17 additions and 96 deletions

View File

@ -15,8 +15,7 @@ between two nodes can be as easy as:
vpncloud -c REMOTE_HOST:PORT --ifup 'ifconfig $IFNAME 10.0.0.1/24 mtu 1400 up'
```
More details can be found in [the manpage](vpncloud.md).
Some performance measurements can be found [here](performance.md).
For more information, please see the [Wiki](wiki).
### Project Status
@ -25,21 +24,30 @@ This project is still [under development](CHANGELOG.md) but has reached a
somewhat stable state. VpnCloud features the following functionality:
* Setting up tunnels between two networks via Ethernet (TAP) and IP (TUN)
* Connecting multiple networks with multiple forwarding behaviors (Hub, Switch, Router)
* Connecting multiple networks with multiple forwarding behaviors (Hub, Switch,
Router)
* Encrypted connections using [libsodium](https://github.com/jedisct1/libsodium)
* Automatic peer-to-peer meshing, no central servers
* NAT and (limited) firewall traversal using hole punching
* Automatic reconnecting when connections are lost
* Non-native forwarding modes, e.g. IP based learning switch and prefix routed Ethernet networks.
* High throughput and low additional latency (see [performance page](performance.md))
* Non-native forwarding modes, e.g. IP based learning switch and prefix routed
Ethernet networks.
* High throughput and low additional latency (see [performance page](wiki/Performance-Measurements))
* Support for tunneled VLans (TAP device)
However there are some open issues:
* Encryption has not been formally reviewed, use with care.
* The tests might be missing some corner cases and more field tests would be nice.
### Contributions welcome
Please feel free to help and contribute code.
There are several areas in which still some work has to be done and where
contributions are very welcome:
* **Linux packages**: VpnCloud is stable enough to be packaged for Linux
distributions.
* **Security review**: The security has been implemented with strong security
primitives but it would great if a cryptography expert could verify the
system.
* **Feedback on use cases**: Some feedback on how VpnCloud is being used and
maybe some tutorials covering common use cases would be nice.
### Semantic Versioning

View File

@ -1,87 +0,0 @@
Performance Tests
-----------------
### Test setup
Sender node:
* Intel(R) Core(TM) i5-2540M CPU @ 2.60GHz
* 8 GiB Ram
* Intel 82579LM Gigabit Network
* Ubuntu 14.04 (Kernel 3.13.0-65-generic)
Receiver node:
* Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
* 16 GiB Ram
* Realtek RTL8111/8168/8411 Gigabit Network
* Ubuntu 14.04 (Kernel 3.13.0-63-generic)
VpnCloud version: `VpnCloud v0.5.0, protocol version 1, libsodium 1.0.10 (AES256: true)`
The sender runs the following command:
```
$> ./vpncloud -t tap -l 3210 -c RECEIVER:3210 --ifup 'ifconfig $IFNAME 10.0.0.1/24 mtu 1400 up' &
```
and the receiver runs:
```
$> ./vpncloud -t tap -l 3210 -c SENDER:3210 --ifup 'ifconfig $IFNAME 10.0.0.2/24 mtu 1400 up' &
$> iperf -s &
$> top
```
For encrypted tests, `--shared-key test --crypto METHOD` is appended.
For increased MTU tests `mtu 7000` is used in `--ifup`.
### Throughput
The throughput is measured with the following command:
```
$> iperf -c DST -t 30
```
The test is run in 3 steps:
* Native throughput without VpnCloud (`DST` is the native address of the receiver)
* Throughput via VpnCloud (`DST` is `10.0.0.2`)
* Encrypted throughput via VpnCloud (`DST` is `10.0.0.2`)
| Throughput test | Bandwidth | CPU usage (one core) |
| --------------------------------------- | ------------- | -------------------- |
| Without VpnCloud | 923 Mbits/sec | - |
| Unencrypted VpnCloud | 881 Mbits/sec | 85% / 95% |
| Encrypted VpnCloud (ChaCha20) | 820 Mbits/sec | 90% / 90% |
| Encrypted VpnCloud (AES256) | 832 Mbits/sec | 85% / 85% |
| Unencrypted VpnCloud (MTU 7000) | 942 Mbits/sec | 75% / 75% |
| Encrypted VpnCloud (ChaCha20, MTU 7000) | 923 Mbits/sec | 75% / 75% |
| Encrypted VpnCloud (AES256, MTU 7000) | 926 Mbits/sec | 75% / 75% |
### Latency
The latency is measured with the following command:
```
$> ping DST -c 30000 -i 0.001 -s SIZE -U -q
```
For all the test, the second best average RTT out of 5 runs is selected.
The latency is assumed to be half of the RTT.
| Payload size | 100 bytes | 500 bytes | 1000 bytes |
| ----------------------------- | --------------- | --------------- | --------------- |
| Without VpnCloud | 159 µs | 167 µs | 174 µs |
| Unencrypted VpnCloud | 223 µs (+64 µs) | 233 µs (+66 µs) | 245 µs (+71 µs) |
| Encrypted VpnCloud (ChaCha20) | 236 µs (+12 µs) | 250 µs (+17 µs) | 266 µs (+21 µs) |
| Encrypted VpnCloud (AES256) | 230 µs ( +7 µs) | 239 µs ( +6 µs) | 258 µs (+13 µs) |
### Conclusion
* VpnCloud achieves over 850 MBit/s with default MTU settings.
* In encrypted mode, VpnCloud reaches over 800 MBit/s with default MTU settings.
* With increased MTU, VpnCloud reaches over 900 Mbit/s, encrypted and unencrypted.
* VpnCloud adds about 70µs to the latency.
* Encryption adds an additional latency up to 20µs.