https://github.com/mehrdadrad/radvpn
Decentralized VPN
https://github.com/mehrdadrad/radvpn
cbc crypto decentralized gcm golang security vpn
Last synced: 11 days ago
JSON representation
Decentralized VPN
- Host: GitHub
- URL: https://github.com/mehrdadrad/radvpn
- Owner: mehrdadrad
- License: mit
- Created: 2019-10-23T02:10:53.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2020-05-22T21:45:10.000Z (almost 5 years ago)
- Last Synced: 2025-04-04T02:07:07.559Z (20 days ago)
- Topics: cbc, crypto, decentralized, gcm, golang, security, vpn
- Language: Go
- Homepage:
- Size: 268 KB
- Stars: 1,165
- Watchers: 42
- Forks: 87
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - mehrdadrad/radvpn - Decentralized VPN (Go)
- awesome-network-stuff - **910**星
README
## Decentralized VPN
[](https://travis-ci.org/mehrdadrad/radvpn)
[](https://goreportcard.com/report/github.com/mehrdadrad/radvpn)
[](https://godoc.org/github.com/mehrdadrad/radvpn)
The RadVPN doesn't need any central point as it connects to other nodes directly (full mesh) it has built-in router that helps packets to route to the approperate destinations. there are two options for configuration: yaml file and if you want to have central configuration management it supports [etcd](https://github.com/etcd-io/etcd). for the time being it supports symmetric encryptions and Linux platform.
## Build
Given that the Go Language compiler (version 1.11 or greater is required) is installed, you can build it with:
```bash
go get github.com/mehrdadrad/radvpn
cd $GOPATH/src/github.com/mehrdadrad/radvpn
go build .
```## Docker
```bash
docker pull mehrdadrad/radvpn:latest
docker run --privileged -d -p 8085:8085 -v $(pwd)/radvpn.yaml:/etc/radvpn.yaml -e RADVPN_NODE_NAME=node1 mehrdadrad/radvpn:latest
```## Basic Config
With the default it tries to load config.yaml file individually at each node, but it can be configured to use same configuration through [etcd](https://github.com/etcd-io/etcd). Once the configuration is changed, it loads and applies new changes by itself. Below yaml is a sample configuration:
```yaml
revision: 1crypto:
type: gcm
key: 6368616e676520746869732070617373776f726420746f206120736563726574nodes:
- node:
name: node1
address: 8.121.55.10
privateAddresses:
- 10.0.1.1/24
privateSubnets:
- 10.0.1.0/24
- node:
name: node2
address: 84.12.92.45
privateAddresses:
- 10.0.2.1/24
privateSubnets:
- 10.0.2.0/24
```
### Run
```bash
radvpn -config radvpn.conf
```### Configuration keys
- revision - the watcher works based on the revision number; once it increased, the configuration will be loaded immediately
- server
- keepalive - frequency duration of radvpn-to-radvpn ping to check if a connection is alive (default is 10 seconds)
- insecure - disable encryption (default is false)
- mtu - sets the mtu of the tunnel interface
- maxworkers - sets number of concurrent workers (read/write to/from tunnel concurrently)
- address - sets ip address and ports (format : ip:port)
- name - sets the name of the current node
- crypto
- type
- gcm - galois/counter mode
- cbc - cipher block chaining
- key - secret key
- etcd
- endpoints - sets the etcd endpoints
- timeout - sets etcd endpoints timeout
- nodes
- node
- name - node's name
- address - node's external ip address
- privateAddresses - sets private address(es) on the tunnel interface
- privateSubnets - sets reachable subnet(s) from currect node### Configuration with [etcd](https://github.com/etcd-io/etcd)
[sample configuration](https://github.com/mehrdadrad/radvpn/blob/master/radvpn.yaml)
#### Run with etcd
```bash
radvpn -config radvpn.conf -etcd
```
#### Update etcd from yaml file
```bash
radvpn -update etcd -config radvpn.yaml
```## License
This project is licensed under MIT license. Please read the LICENSE file.## Contribute
Welcomes any kind of contribution, please follow the next steps:- Fork the project on github.com.
- Create a new branch.
- Commit changes to the new branch.
- Send a pull request.