The parent project is mynet. This module is responsible for creating a VPN through all required devices. It could be used as a separate solution (on a server, for example), but it was supposed to use mynet on desktops
We use:
- IPFS. It's used as:
- Node discovery (using their DHT).
- Fallback connector (when it's impossible to connect nodes directly).
- STUN-replacement (tools to pass-trough a NAT).
- Messenger (to send notification among nodes).
- WireGuard. It's used as the VPN implementation. If OS doesn't support WireGuard then we detect it and use an userspace implementation.
An ipvpn node is also a full ipfs node, so it consumes some traffic background.
Used techniques:
- UDP hole punching
- Planned: UPnP IGD
- Planned: Relaying
- Linux or MacOS only, yet
- Linux or MacOS only, yet
- Go>=1.13
Just run on all your nodes (the sample commands):
# install
GO111MODULE=on go get github.com/my-network/ipvpn/cmd/ipvpnd
sudo mkdir /var/run/wireguard
sudo chown $UID /var/run/wireguard
sudo setcap cap_net_raw,cap_net_admin+ep `go env GOPATH`/bin/ipvpnd
# configure
mkdir -p "$HOME/.ipvpn"
echo "my_unique_network_name_here" > "$HOME/.ipvpn/network_id.txt"
echo "my_password_here" > "$HOME/.ipvpn/password_new.txt"
# run
`go env GOPATH`/bin/ipvpnd
# in other terminal, check:
ip a show dev ipvpn_direct
ip a show dev ipvpn_tunnel
ping -c 5 10.197.202.1
ping -c 5 10.197.203.1my_unique_network_hereshould be replaced by a name of you virtual private networkmy_password_hereshould be replaced by some secret string
That's it. If my_unique_network_here and my_password_here will match through all of your nodes then they will build an overlay
network automatically.