enoch/n2n
1
0
Fork 0
mirror of https://github.com/ntop/n2n.git synced 2024-09-19 16:41:11 +02:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity
N2N Mirror from https://github.com/ntop/n2n
175 Commits 7 Branches 7 Tags 5.4 MiB
C 93.4%
Shell 1.7%
Python 1.4%
Roff 1.3%
Makefile 1%
Other 1.2%
Go to file
Emanuele Faranda b7379a0ef1
Simplify and update readme
2019-06-20 22:40:49 +00:00
android Drop keyschedule support 2019-04-27 12:42:06 +02:00
doc Add the -i option to specify registration interval on edge nodes 2019-05-05 21:24:53 +02:00
legacy Code rework changes 2019-04-27 15:55:07 +02:00
openwrt/kamikaze Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
packages Create n2n user and use in the supernode service 2019-06-19 00:45:47 +02:00
win32 eliminate compilation warnings 2019-06-04 00:09:15 +08:00
.gitignore Submit minor changes to enable Windows CMake builds w/o further mods. 2019-02-11 16:49:37 -05:00
autogen.sh Autogen for generatic configure 2018-10-07 11:38:05 +02:00
benchmark.c Code rework changes 2019-04-27 15:55:07 +02:00
CHANGELOG.md Added changelog file 2018-08-17 14:47:37 +02:00
CMakeLists.txt Remove keyfile leftover 2019-06-17 09:54:53 +02:00
community.list Added the ability to specify (-c) on the supernode the list of allowed communities 2018-09-28 22:31:45 +02:00
config.guess Added configure and autogen.sh 2018-10-07 11:37:19 +02:00
configure.ac Added configure and autogen.sh 2018-10-07 11:37:19 +02:00
contributors.txt Refreshed copyright and added contributors list 2018-06-06 09:57:31 +02:00
COPYING Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
edge_utils.c Fix typo: 'enstablished' -> 'established' 2019-06-13 14:11:57 +01:00
edge.8 Add the -i option to specify registration interval on edge nodes 2019-05-05 21:24:53 +02:00
edge.c Drop privileges by default for edge nodes and add root warning 2019-06-19 01:14:54 +02:00
example_edge_embed.c n2n.h cleanup 2019-04-14 18:08:51 +02:00
INSTALL Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
LICENSE Initial commit 2016-10-23 10:42:16 +02:00
lzoconf.h Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
lzodefs.h Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
Makefile.in Remove keyfile leftover 2019-06-17 09:54:53 +02:00
minilzo.c Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
minilzo.h Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
n2n_transforms.h Code rework changes 2019-04-27 15:55:07 +02:00
n2n_wire.h Implement query peer to try p2p during send 2019-06-08 22:04:10 +02:00
n2n.7 Reworked debian/ubuntu packaging 2018-06-20 20:23:28 +02:00
n2n.c Replace peers linked list with hash 2019-06-10 00:33:11 +02:00
n2n.h Remove unused field in peer_info 2019-06-10 09:35:13 +02:00
README.md Simplify and update readme 2019-06-20 22:40:49 +00:00
sn.c Drop privileges by default for edge nodes and add root warning 2019-06-19 01:14:54 +02:00
supernode.1 Initial SVN import of n2n v2 2016-10-23 10:46:15 +02:00
transform_aes.c Fix seed debug print 2019-06-03 10:16:42 +02:00
transform_null.c Code rework changes 2019-04-27 15:55:07 +02:00
transform_tf.c Code rework changes 2019-04-27 15:55:07 +02:00
tuntap_freebsd.c Fix a few leftover instances which used the old function name 2018-08-18 11:42:22 +04:30
tuntap_linux.c Fix compilation warnings and little leak 2019-05-21 22:53:55 +02:00
tuntap_netbsd.c Refreshed copyright and added contributors list 2018-06-06 09:57:31 +02:00
tuntap_osx.c Added note to fix /dev/tap problems 2018-12-22 08:23:22 +01:00
twofish.c Properly initialize AES IV and hash the AES key 2019-04-16 02:09:13 +02:00
twofish.h Properly initialize AES IV and hash the AES key 2019-04-16 02:09:13 +02:00
uthash.h Update uthash to version 2.1.0 2019-06-10 00:33:11 +02:00
wire.c Implement query peer to try p2p during send 2019-06-08 22:04:10 +02:00

README.md

N2N

N2n is a light VPN software which make it easy to create virtual networks bypassing intermediate firewalls. In order to start using N2N, two elements are required:

  • A supernode: it allows edge nodes to announce and discover other nodes. It must have a port publicly accessible on internet.

  • Edge nodes: the nodes which will be part of the virtual networks

A virtual network shared between multiple edge nodes in n2n is called a community. A single supernode can relay multiple communities and a single PC can be part of multiple communities at the same time. An encryption key can be used by the edge nodes to encrypt the packets within their community.

Quick Setup

Some linux distributions already provide n2n as a package so a simple sudo apt-get install n2n will do the work. Alternatively, up to date packages for most distributions are available on ntop repositories.

On host1 run:

$ sudo edge -c mynetwork -k mysecretpass -a 192.168.100.1 -f -l supernode.ntop.org:7777

On host2 run:

$ sudo edge -c mynetwork -k mysecretpass -a 192.168.100.2 -f -l supernode.ntop.org:7777

Now the two hosts can ping each other.

IMPORTANT It is strongly adviced to choose a custom community name (-c) and a secret encryption key (-k) in order to prevent other users to connect to your PC. For privacy and to reduce the above server load, it is also suggested to set up a custom supernode as exmplained below.

Manual Compilation

On linux, compilation from source is straight forward:

./autogen.sh
./configure
make

# optionally install
make install

For Windows, check out Windows.md for compilation and run instuctions.

For MacOS, check out n2n_on_MacOS.txt.

Setting up a custom Supernode

You can create your own infrastructure by setting up a supernode on a public server (e.g. a VPS). You just need to open a single port (1234 in the example below) on your firewall (usually iptables).

  1. Install the n2n package
  2. Edit /etc/n2n/supernode.conf and add the following:
-l=1234
  1. Start the supernode service with sudo systemctl start supernode

Now the supernode service should be up and running on port 1234. On your edge nodes you can now specify -l your_supernode_ip:1234 to use it. All the edge nodes must use the same supernode.

IPv6 Support

n2n supports the carriage of IPv6 packets within the n2n tunnel. N2n does not yet use IPv6 for transport between edges and supernodes.

To make IPv6 carriage work you need to manually add IPv6 addresses to the TAP interfaces at each end. There is currently no way to specify an IPv6 address on the edge command line.

eg. under linux:

on hostA: [hostA] $ /sbin/ip -6 addr add fc00:abcd:1234::7/48 dev n2n0

on hostB: [hostB] $ /sbin/ip -6 addr add fc00:abcd:1234::6/48 dev n2n0

You may find it useful to make use of tunctl from the uml-utilities package. Tunctl allow you to bring up a TAP interface and configure addressing prior to starting edge. It also allows edge to be restarted without the interface closing (which would normally affect routing tables).

Once the IPv6 addresses are configured and edge started, IPv6 neighbor discovery packets flow (get broadcast) and IPv6 entities self arrange. Test your IPv6 setup with ping6 - the IPv6 ping command.

Docker registry

NOTE: docker packages may be outdated.

Run with:

$ docker run --rm -d -p 5645:5645/udp -p 7654:7654/udp supermock/supernode:[TAGNAME]

(C) 2007-2019 - ntop.org and contributors