mirror of
https://github.com/ntop/n2n.git
synced 2024-09-19 16:41:11 +02:00
Update readme
This commit is contained in:
parent
425b2bf0b8
commit
f88db76e10
12
README.md
12
README.md
|
@ -1,6 +1,8 @@
|
||||||
# N2N
|
# N2N
|
||||||
|
|
||||||
N2n is a light VPN software which make it easy to create virtual networks bypassing intermediate firewalls. In order to start using N2N, two elements are required:
|
N2n is a light VPN software which make it easy to create virtual networks bypassing intermediate firewalls.
|
||||||
|
|
||||||
|
In order to start using N2N, two elements are required:
|
||||||
|
|
||||||
- A *supernode*: it allows edge nodes to announce and discover other nodes. It must have a port publicly accessible on internet.
|
- A *supernode*: it allows edge nodes to announce and discover other nodes. It must have a port publicly accessible on internet.
|
||||||
|
|
||||||
|
@ -8,6 +10,8 @@ N2n is a light VPN software which make it easy to create virtual networks bypass
|
||||||
|
|
||||||
A virtual network shared between multiple edge nodes in n2n is called a *community*. A single supernode can relay multiple communities and a single PC can be part of multiple communities at the same time. An encryption key can be used by the edge nodes to encrypt the packets within their community.
|
A virtual network shared between multiple edge nodes in n2n is called a *community*. A single supernode can relay multiple communities and a single PC can be part of multiple communities at the same time. An encryption key can be used by the edge nodes to encrypt the packets within their community.
|
||||||
|
|
||||||
|
N2n tries to enstablish a direct P2P connection between the edge nodes when possible. When this is not possible (usually due to special NAT devices), the supernode is also used to relay the packets.
|
||||||
|
|
||||||
Quick Setup
|
Quick Setup
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
|
@ -118,6 +122,12 @@ Security considerations
|
||||||
|
|
||||||
n2n edge nodes use twofish encryption by default for compatibility reasons with existing versions.
|
n2n edge nodes use twofish encryption by default for compatibility reasons with existing versions.
|
||||||
|
|
||||||
|
**IMPORTANT** Encryption is only applied to the packet payload. Some metadata like the virtual MAC address
|
||||||
|
of the edge nodes, their IP address and the community are sent in cleartext.
|
||||||
|
|
||||||
|
When encryption is enabled, the supernode will not be able to decrypt the traffic exchanged between
|
||||||
|
two edge nodes, but it will now that edge A is talking with edge B.
|
||||||
|
|
||||||
Recently AES encryption support has been implemented, which increases both security and performance,
|
Recently AES encryption support has been implemented, which increases both security and performance,
|
||||||
so it is recommended to enable it on all the edge nodes by specifying the `-A` option.
|
so it is recommended to enable it on all the edge nodes by specifying the `-A` option.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user