0f9a0d8f91
* Add ability to configure “own” addresses This configuration option permits the declaration of external or public addresses instead of attempting to learn them from port forwarding or interfaces. This is useful in situations where it isn’t possible to accurately obtain the correct external addresses that peers should use. * Update args and use better parse listen address Add the --advertise_addresses control argument to accompany the new configuration option. Also parse the listen address/port to extract the port to advertise with advertise_addresses instead of assuming it is just a port. |
||
|---|---|---|
| .cargo | ||
| .devcontainer | ||
| .github | ||
| .rpm | ||
| assets | ||
| benches | ||
| builder | ||
| contrib | ||
| src | ||
| .gitignore | ||
| CHANGELOG.md | ||
| Cargo.lock | ||
| Cargo.toml | ||
| LICENSE.md | ||
| README.md | ||
| build.rs | ||
| rustfmt.toml | ||
| vpncloud.adoc | ||
| vpncloud.code-workspace | ||
README.md
VpnCloud - Peer-to-Peer VPN
VpnCloud is a high performance peer-to-peer mesh VPN over UDP supporting strong encryption, NAT traversal and a simple configuration. It establishes a fully-meshed self-healing VPN network in a peer-to-peer manner with strong end-to-end encryption based on elliptic curve keys and AES-256. VpnCloud creates a virtual network interface on the host and forwards all received data via UDP to the destination. It can work on TUN devices (IP based) and TAP devices (Ethernet based).
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
or as config file:
crypto:
password: mysecret
ip: 10.0.0.1
peers:
- REMOTE_HOST:PORT
For more information, please see the Website or the Discussions group.
Project Status
This project is still under development but has reached a somewhat stable state. VpnCloud features the following functionality:
- Automatic peer-to-peer meshing, no central servers
- Automatic reconnecting when connections are lost
- Connecting hundreds of nodes with the VPN
- High throughput and low additional latency (see performance page)
- Creating virtual network interfaces based on Ethernet (TAP) and IP (TUN)
- Strong end-to-end encryption using Curve25519 key pairs and AES methods
- Support for different forwarding/routing behaviors (Hub, Switch, Router)
- NAT and firewall traversal using hole punching
- Automatic port forwarding via UPnP
- Websocket proxy mode for restrictive environments
- Support for tunneled VLans (TAP devices)
- Support for publishing beacons to help nodes find each others
- Support for statsd monitoring
- Low memory footprint
- Single binary, no dependencies, no kernel module
Installing
Compiling from source
Prerequisites: Git, Cargo, asciidoctor
The checked-out code can be compiled with cargo build or cargo build --release (release version). The binary could then be found in target/release/vpncloud.
The tests can be run via cargo test.
Cross-Compiling & packaging
Please see the builder folder.
Contributions welcome
There are several areas in which still some work has to be done and where contributions are very welcome:
- Linux packages: VpnCloud is stable enough to be packaged for Linux distributions. Maintainers who want to package VpnCloud are very welcome.
- Help with other platforms: If you are a Rust developer with experience on Windows or MacOS your help on porting VpnCloud to those platforms is very welcome.
- Security review: The security has been implemented with strong security primitives but it would be great if a cryptography expert could verify the system.
- Feedback on use cases: Some feedback on how VpnCloud is being used and maybe some tutorials covering common use cases would be nice.
Semantic Versioning
This project uses semantic versioning.