3.3 KiB
VpnCloud - Peer-to-Peer VPN
VpnCloud is a high performance peer-to-peer mesh VPN over UDP supporting strong encryption, NAT traversal and a simple configuration. It establishes a fully-meshed self-healing VPN network in a peer-to-peer manner with strong end-to-end encryption based on elliptic curve keys and AES-256. VpnCloud creates a virtual network interface on the host and forwards all received data via UDP to the destination. It can work on TUN devices (IP based) and TAP devices (Ethernet based).
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
or as config file:
crypto:
password: mysecret
ip: 10.0.0.1
peers:
- REMOTE_HOST:PORT
For more information, please see the Website or the Discussions group.
Project Status
This project is still under development but has reached a somewhat stable state. VpnCloud features the following functionality:
- Automatic peer-to-peer meshing, no central servers
- Automatic reconnecting when connections are lost
- Connecting hundreds of nodes with the VPN
- High throughput and low additional latency (see performance page)
- Creating virtual network interfaces based on Ethernet (TAP) and IP (TUN)
- Strong end-to-end encryption using Curve25519 key pairs and AES methods
- Support for different forwarding/routing behaviors (Hub, Switch, Router)
- NAT and firewall traversal using hole punching
- Automatic port forwarding via UPnP
- Websocket proxy mode for restrictive environments
- Support for tunneled VLans (TAP devices)
- Support for publishing beacons to help nodes find each others
- Support for statsd monitoring
- Low memory footprint
- Single binary, no dependencies, no kernel module
Installing
Compiling from source
Prerequisites: Git, Cargo, asciidoctor
The checked-out code can be compiled with cargo build
or cargo build --release
(release version). The binary could then be found in target/release/vpncloud
.
The tests can be run via cargo test
.
Cross-Compiling & packaging
Please see the builder folder.
Contributions welcome
There are several areas in which still some work has to be done and where contributions are very welcome:
- Linux packages: VpnCloud is stable enough to be packaged for Linux distributions. Maintainers who want to package VpnCloud are very welcome.
- Help with other platforms: If you are a Rust developer with experience on Windows or MacOS your help on porting VpnCloud to those platforms is very welcome.
- Security review: The security has been implemented with strong security primitives but it would be great if a cryptography expert could verify the system.
- Feedback on use cases: Some feedback on how VpnCloud is being used and maybe some tutorials covering common use cases would be nice.
Semantic Versioning
This project uses semantic versioning.