PeerVPN: P2P multi-node VPN

p2p_network_compPeerVPN is a network utility to create a VPN among multiple computers or nodes in a network. This is helpful in scenarios where the computers cannot be connected directly due to firewalls or NAT devices. PeerVPN can be used for private sessions for file sharing and gaming.

The working principle of PeerVPN is different from conventional VPN software. Instead of the client-server architecture where the server is subjected to more load and must be functioning for the whole system to work, PeerVPN uses a mesh based architecture like bittorrent. Each node can connect directly to another node. If any node goes down, the other nodes can still communicate. PeerVPN is written in C and uses the openssl library.

Features

  • Ethernet tunneling support using TAP devices
  • IPv6 support
  • Full mesh network topology
  • Automatically builds tunnels through firewalls and NATs without any further setup (e.g. port forwarding)
  • Shared key encryption and authentication support
  • Uses UDP ports for tunnelling
  • Open source and free (GPLv3)

Installation

At the time of writing you need to compile PeerVPN from source (a statically linked x86 binary is provided by the author).

To compile PeerVPN on Ubuntu:

$ sudo apt-get install libssl-dev
$ wget http://www.peervpn.net/files/peervpn-$VERSION.tar.gz
$ tar -xvf peervpn-$VERSION.tar.gz
$ cd peervpn-$VERSION
$ make
$ sudo make install

You will need to replace $VERSION (or export it) with the latest version of PeerVPN.

I have uploaded a dynamically linked PeerVPN stripped x86_64 binary here. The version is 0-042 and compiled on Ubuntu 14.04 x86_64.
md5sum: 368fb1460656d02666da26f0d2135fec

Usage

You need a configuration file to run PeerVPN. We’ll use peervpn.conf. Procedure setup a PeerVPN tunnel among two computers Node A and Node B:

Content of peervpn.conf on Node A:

port 7000
networkname ExampleNet
psk mysecretpassword
enabletunneling yes
interface peervpn0
ifconfig4 10.8.0.1/24

Node A should be reachable from Node B. If Node A is behind a NAT device, port 7000 should be forwarded.

Content of peervpn.conf on Node B:

port 7000
networkname ExampleNet
psk mysecretpassword
enabletunneling yes
interface peervpn0
ifconfig4 10.8.0.2/24
initpeers node-a.example.com 7000

Replace node-a.example.com with the real address of Node A.

Run PeerVPN on both nodes:

$ sudo peervpn /path/to/peervpn.conf

It may take some time to build the VPN tunnel. To make sure things are working as expected ping 10.8.0.2 from 10.8.0.1 and vice versa.

To add more nodes copy peervpn.conf from Node B to new computers and keep incrementing the IP address in the ifconfig line (e.g. 10.8.0.3 and so on). The new node will connect to Node A first and automatically build tunnels to the other participating nodes.

Webpage: PeerVPN

2 thoughts on “PeerVPN: P2P multi-node VPN”

    1. Didn’t dig into the code but the most probable explanation is that Node A maintains the information of the participating nodes.

Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s