mirror of https://github.com/dswd/vpncloud.git
Some updates
This commit is contained in:
parent
d9a2ee28cc
commit
ecebd2aab8
|
@ -847,9 +847,9 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "serde_json"
|
name = "serde_json"
|
||||||
version = "1.0.61"
|
version = "1.0.62"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "4fceb2595057b6891a4ee808f70054bd2d12f0e97f1cbb78689b59f676df325a"
|
checksum = "ea1c6153794552ea7cf7cf63b1231a25de00ec90db326ba6264440fa08e31486"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"itoa",
|
"itoa",
|
||||||
"ryu",
|
"ryu",
|
||||||
|
|
|
@ -35,6 +35,7 @@ somewhat stable state. VpnCloud features the following functionality:
|
||||||
* Support for different forwarding/routing behaviors (Hub, Switch, Router)
|
* Support for different forwarding/routing behaviors (Hub, Switch, Router)
|
||||||
* NAT and firewall traversal using hole punching
|
* NAT and firewall traversal using hole punching
|
||||||
* Automatic port forwarding via UPnP
|
* Automatic port forwarding via UPnP
|
||||||
|
* Websocket proxy mode for restrictive environments
|
||||||
* Support for tunneled VLans (TAP devices)
|
* Support for tunneled VLans (TAP devices)
|
||||||
* Support for publishing [beacons](https://vpncloud.ddswd.de/docs/beacons) to help nodes find each others
|
* Support for publishing [beacons](https://vpncloud.ddswd.de/docs/beacons) to help nodes find each others
|
||||||
* Support for statsd monitoring
|
* Support for statsd monitoring
|
||||||
|
@ -61,6 +62,9 @@ contributions are very welcome:
|
||||||
|
|
||||||
* **Linux packages**: VpnCloud is stable enough to be packaged for Linux
|
* **Linux packages**: VpnCloud is stable enough to be packaged for Linux
|
||||||
distributions. Maintainers who want to package VpnCloud are very welcome.
|
distributions. Maintainers who want to package VpnCloud are very welcome.
|
||||||
|
* **Help with other platforms**: If you are a Rust developer with experience
|
||||||
|
on Windows or MacOS your help on porting VpnCloud to those platforms is very
|
||||||
|
welcome.
|
||||||
* **Security review**: The security has been implemented with strong security
|
* **Security review**: The security has been implemented with strong security
|
||||||
primitives but it would be great if a cryptography expert could verify the
|
primitives but it would be great if a cryptography expert could verify the
|
||||||
system.
|
system.
|
||||||
|
|
|
@ -0,0 +1,81 @@
|
||||||
|
AWSTemplateFormatVersion: 2010-09-09
|
||||||
|
Description: |
|
||||||
|
VpnCloud Websocket Proxy
|
||||||
|
This will configure a websocket proxy to be used with VpnCloud.
|
||||||
|
Versions: Ubuntu Server 20.04 LTS + VpnCloud 2.1.0
|
||||||
|
Parameters:
|
||||||
|
LatestAmiId:
|
||||||
|
Description: "Image to use (just leave this as it is)"
|
||||||
|
Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
|
||||||
|
Default: '/aws/service/canonical/ubuntu/server/20.04/stable/current/arm64/hvm/ebs-gp2/ami-id'
|
||||||
|
AllowedValues:
|
||||||
|
- '/aws/service/canonical/ubuntu/server/20.04/stable/current/arm64/hvm/ebs-gp2/ami-id'
|
||||||
|
Resources:
|
||||||
|
ProxySecurityGroup:
|
||||||
|
Type: 'AWS::EC2::SecurityGroup'
|
||||||
|
Properties:
|
||||||
|
GroupDescription: Enable HTTP access via port 80 and any UDP port
|
||||||
|
SecurityGroupIngress:
|
||||||
|
- IpProtocol: tcp
|
||||||
|
FromPort: '80'
|
||||||
|
ToPort: '80'
|
||||||
|
CidrIp: 0.0.0.0/0
|
||||||
|
- IpProtocol: udp
|
||||||
|
FromPort: '1024'
|
||||||
|
ToPort: '65535'
|
||||||
|
CidrIp: 0.0.0.0/0
|
||||||
|
LaunchTemplate:
|
||||||
|
Type: AWS::EC2::LaunchTemplate
|
||||||
|
DependsOn:
|
||||||
|
- ProxySecurityGroup
|
||||||
|
Properties:
|
||||||
|
LaunchTemplateData:
|
||||||
|
ImageId: !Ref LatestAmiId
|
||||||
|
SecurityGroups:
|
||||||
|
- !Ref ProxySecurityGroup
|
||||||
|
InstanceMarketOptions:
|
||||||
|
MarketType: spot
|
||||||
|
InstanceType: t4g.nano
|
||||||
|
TagSpecifications:
|
||||||
|
- ResourceType: instance
|
||||||
|
Tags:
|
||||||
|
- Key: Name
|
||||||
|
Value: VpnCloud WS Proxy
|
||||||
|
CreditSpecification:
|
||||||
|
CpuCredits: standard
|
||||||
|
BlockDeviceMappings:
|
||||||
|
- DeviceName: /dev/sda1
|
||||||
|
Ebs:
|
||||||
|
VolumeType: standard
|
||||||
|
VolumeSize: '8'
|
||||||
|
DeleteOnTermination: 'true'
|
||||||
|
Encrypted: 'false'
|
||||||
|
UserData:
|
||||||
|
Fn::Base64: !Sub |
|
||||||
|
#cloud-config
|
||||||
|
packages:
|
||||||
|
- iperf3
|
||||||
|
- socat
|
||||||
|
runcmd:
|
||||||
|
- wget https://github.com/dswd/vpncloud/releases/download/v2.1.0/vpncloud_2.1.0_arm64.deb -O /tmp/vpncloud.deb
|
||||||
|
- dpkg -i /tmp/vpncloud.deb
|
||||||
|
- nohup vpncloud ws-proxy -l 80 &
|
||||||
|
ProxyInstance:
|
||||||
|
Type: 'AWS::EC2::Instance'
|
||||||
|
DependsOn:
|
||||||
|
- LaunchTemplate
|
||||||
|
Properties:
|
||||||
|
LaunchTemplate:
|
||||||
|
LaunchTemplateId:
|
||||||
|
Ref: LaunchTemplate
|
||||||
|
Version: 1
|
||||||
|
Outputs:
|
||||||
|
ProxyURL:
|
||||||
|
Description: URL to use in VpnCloud config
|
||||||
|
Value: !Join
|
||||||
|
- ''
|
||||||
|
- - 'ws://'
|
||||||
|
- !GetAtt
|
||||||
|
- ProxyInstance
|
||||||
|
- PublicDnsName
|
||||||
|
- ':80'
|
|
@ -6,8 +6,8 @@ import time
|
||||||
setup = EC2Environment(
|
setup = EC2Environment(
|
||||||
region = "eu-central-1",
|
region = "eu-central-1",
|
||||||
node_count = 2,
|
node_count = 2,
|
||||||
instance_type = 't3.nano',
|
instance_type = 't3a.nano',
|
||||||
vpncloud_version = "1.4.0"
|
vpncloud_version = "2.1.0"
|
||||||
)
|
)
|
||||||
|
|
||||||
sender = setup.nodes[0]
|
sender = setup.nodes[0]
|
||||||
|
|
|
@ -0,0 +1,165 @@
|
||||||
|
{
|
||||||
|
"meta": {
|
||||||
|
"region": "eu-central-1",
|
||||||
|
"instance_type": "m5.large",
|
||||||
|
"ami": "ami-0a6dc7529cd559185",
|
||||||
|
"version": "2.1.0",
|
||||||
|
"duration": 622.053159236908
|
||||||
|
},
|
||||||
|
"native": {
|
||||||
|
"iperf": {
|
||||||
|
"throughput": 9672965000.0,
|
||||||
|
"cpu_sender": 11.936759,
|
||||||
|
"cpu_receiver": 70.348812
|
||||||
|
},
|
||||||
|
"ping_100": {
|
||||||
|
"rtt_min": 0.046,
|
||||||
|
"rtt_max": 0.246,
|
||||||
|
"rtt_avg": 0.053,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_500": {
|
||||||
|
"rtt_min": 0.048,
|
||||||
|
"rtt_max": 0.183,
|
||||||
|
"rtt_avg": 0.055,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_1000": {
|
||||||
|
"rtt_min": 0.05,
|
||||||
|
"rtt_max": 0.272,
|
||||||
|
"rtt_avg": 0.057,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"plain": {
|
||||||
|
"iperf": {
|
||||||
|
"throughput": 5728527000.0,
|
||||||
|
"cpu_sender": 11.004746,
|
||||||
|
"cpu_receiver": 67.527328
|
||||||
|
},
|
||||||
|
"ping_100": {
|
||||||
|
"rtt_min": 0.078,
|
||||||
|
"rtt_max": 0.372,
|
||||||
|
"rtt_avg": 0.095,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_500": {
|
||||||
|
"rtt_min": 0.078,
|
||||||
|
"rtt_max": 0.272,
|
||||||
|
"rtt_avg": 0.094,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_1000": {
|
||||||
|
"rtt_min": 0.082,
|
||||||
|
"rtt_max": 0.217,
|
||||||
|
"rtt_avg": 0.096,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"aes256": {
|
||||||
|
"iperf": {
|
||||||
|
"throughput": 3706944000.0,
|
||||||
|
"cpu_sender": 6.465523,
|
||||||
|
"cpu_receiver": 60.216674
|
||||||
|
},
|
||||||
|
"ping_100": {
|
||||||
|
"rtt_min": 0.079,
|
||||||
|
"rtt_max": 0.28,
|
||||||
|
"rtt_avg": 0.097,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_500": {
|
||||||
|
"rtt_min": 0.079,
|
||||||
|
"rtt_max": 13.372,
|
||||||
|
"rtt_avg": 0.099,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_1000": {
|
||||||
|
"rtt_min": 0.086,
|
||||||
|
"rtt_max": 0.358,
|
||||||
|
"rtt_avg": 0.102,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"aes128": {
|
||||||
|
"iperf": {
|
||||||
|
"throughput": 3876646000.0,
|
||||||
|
"cpu_sender": 6.800352,
|
||||||
|
"cpu_receiver": 61.738244
|
||||||
|
},
|
||||||
|
"ping_100": {
|
||||||
|
"rtt_min": 0.078,
|
||||||
|
"rtt_max": 0.219,
|
||||||
|
"rtt_avg": 0.096,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_500": {
|
||||||
|
"rtt_min": 0.083,
|
||||||
|
"rtt_max": 0.232,
|
||||||
|
"rtt_avg": 0.097,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_1000": {
|
||||||
|
"rtt_min": 0.087,
|
||||||
|
"rtt_max": 0.327,
|
||||||
|
"rtt_avg": 0.099,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"chacha20": {
|
||||||
|
"iperf": {
|
||||||
|
"throughput": 2917879000.0,
|
||||||
|
"cpu_sender": 5.066722,
|
||||||
|
"cpu_receiver": 55.171241
|
||||||
|
},
|
||||||
|
"ping_100": {
|
||||||
|
"rtt_min": 0.081,
|
||||||
|
"rtt_max": 0.283,
|
||||||
|
"rtt_avg": 0.097,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_500": {
|
||||||
|
"rtt_min": 0.087,
|
||||||
|
"rtt_max": 0.348,
|
||||||
|
"rtt_avg": 0.103,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
},
|
||||||
|
"ping_1000": {
|
||||||
|
"rtt_min": 0.088,
|
||||||
|
"rtt_max": 0.309,
|
||||||
|
"rtt_avg": 0.105,
|
||||||
|
"pkt_loss": 0.0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"results": {
|
||||||
|
"throughput_mbits": {
|
||||||
|
"native": 9672.965,
|
||||||
|
"plain": 5728.527,
|
||||||
|
"aes256": 3706.944,
|
||||||
|
"aes128": 3876.646,
|
||||||
|
"chacha20": 2917.879
|
||||||
|
},
|
||||||
|
"latency_us": {
|
||||||
|
"plain": {
|
||||||
|
"100": 21.0,
|
||||||
|
"500": 19.5,
|
||||||
|
"1000": 19.5
|
||||||
|
},
|
||||||
|
"aes256": {
|
||||||
|
"100": 22.000000000000004,
|
||||||
|
"500": 22.000000000000004,
|
||||||
|
"1000": 22.499999999999996
|
||||||
|
},
|
||||||
|
"aes128": {
|
||||||
|
"100": 21.5,
|
||||||
|
"500": 21.0,
|
||||||
|
"1000": 21.0
|
||||||
|
},
|
||||||
|
"chacha20": {
|
||||||
|
"100": 22.000000000000004,
|
||||||
|
"500": 23.999999999999996,
|
||||||
|
"1000": 23.999999999999996
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -8,7 +8,7 @@ from datetime import date
|
||||||
# Note: this script will run for ~8 minutes and incur costs of about $ 0.02
|
# Note: this script will run for ~8 minutes and incur costs of about $ 0.02
|
||||||
|
|
||||||
FILE = "../target/release/vpncloud"
|
FILE = "../target/release/vpncloud"
|
||||||
VERSION = "2.0.1"
|
VERSION = "2.1.0"
|
||||||
REGION = "eu-central-1"
|
REGION = "eu-central-1"
|
||||||
|
|
||||||
env = EC2Environment(
|
env = EC2Environment(
|
||||||
|
|
|
@ -5,11 +5,11 @@ import atexit, argparse, os
|
||||||
|
|
||||||
REGION = "eu-central-1"
|
REGION = "eu-central-1"
|
||||||
|
|
||||||
VERSION = "2.0.1"
|
VERSION = "2.1.0"
|
||||||
|
|
||||||
|
|
||||||
parser = argparse.ArgumentParser(description='Create a test setup')
|
parser = argparse.ArgumentParser(description='Create a test setup')
|
||||||
parser.add_argument('--instancetype', default='t3.nano', help='EC2 instance type')
|
parser.add_argument('--instancetype', default='t3a.nano', help='EC2 instance type')
|
||||||
parser.add_argument('--version', default=VERSION, help='VpnCloud version to use')
|
parser.add_argument('--version', default=VERSION, help='VpnCloud version to use')
|
||||||
parser.add_argument('--count', '-c', dest="count", type=int, default=2, help='Number of instance to create')
|
parser.add_argument('--count', '-c', dest="count", type=int, default=2, help='Number of instance to create')
|
||||||
parser.add_argument('--cluster', action="store_true", help='Cluster instances to get reliable throughput')
|
parser.add_argument('--cluster', action="store_true", help='Cluster instances to get reliable throughput')
|
||||||
|
|
Loading…
Reference in New Issue