github.com/mehrdadrad/vpn

v0.0.0-20200522214510-938d0d652fd3
Source
Go

Version published: 5 years ago

Created: 5 years ago

Source

Decentralized VPN

Alt text

The RadVPN doesn't need any central point as it connects to other nodes directly (full mesh) it has built-in router that helps packets to route to the approperate destinations. there are two options for configuration: yaml file and if you want to have central configuration management it supports etcd. for the time being it supports symmetric encryptions and Linux platform.

Build

Given that the Go Language compiler (version 1.11 or greater is required) is installed, you can build it with:

go get github.com/mehrdadrad/radvpn
cd $GOPATH/src/github.com/mehrdadrad/radvpn
go build .

Docker

docker pull mehrdadrad/radvpn:latest
docker run --privileged -d -p 8085:8085 -v $(pwd)/radvpn.yaml:/etc/radvpn.yaml -e RADVPN_NODE_NAME=node1 mehrdadrad/radvpn:latest

Basic Config

With the default it tries to load config.yaml file individually at each node, but it can be configured to use same configuration through etcd. Once the configuration is changed, it loads and applies new changes by itself. Below yaml is a sample configuration:

Alt text

revision: 1

crypto:
  type: gcm
  key: 6368616e676520746869732070617373776f726420746f206120736563726574

nodes:
  - node:
      name: node1
      address: 8.121.55.10
      privateAddresses:
        - 10.0.1.1/24
      privateSubnets:
        - 10.0.1.0/24
  - node:
      name: node2
      address: 84.12.92.45
      privateAddresses:
        - 10.0.2.1/24
      privateSubnets:
        - 10.0.2.0/24

Run

radvpn -config radvpn.conf

Configuration keys

revision - the watcher works based on the revision number; once it increased, the configuration will be loaded immediately
server
- keepalive - frequency duration of radvpn-to-radvpn ping to check if a connection is alive (default is 10 seconds)
- insecure - disable encryption (default is false)
- mtu - sets the mtu of the tunnel interface
- maxworkers - sets number of concurrent workers (read/write to/from tunnel concurrently)
- address - sets ip address and ports (format : ip:port)
- name - sets the name of the current node
crypto
- type
  - gcm - galois/counter mode
  - cbc - cipher block chaining
- key - secret key
etcd
- endpoints - sets the etcd endpoints
- timeout - sets etcd endpoints timeout
nodes
- node
  - name - node's name
  - address - node's external ip address
  - privateAddresses - sets private address(es) on the tunnel interface
  - privateSubnets - sets reachable subnet(s) from currect node

Configuration with etcd

Alt text

sample configuration

Run with etcd

radvpn -config radvpn.conf -etcd

Update etcd from yaml file

radvpn -update etcd -config radvpn.yaml

License

This project is licensed under MIT license. Please read the LICENSE file.

Contribute

Welcomes any kind of contribution, please follow the next steps:

Fork the project on github.com.
Create a new branch.
Commit changes to the new branch.
Send a pull request.

FAQs

What is github.com/mehrdadrad/vpn?

Package last updated on 22 May 2020

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install