PeerVPN is a network utility to create a VPN among multiple computers or nodes in a network. This is helpful in scenarios where the computers cannot be connected directly due to firewalls or NAT devices. PeerVPN can be used for private sessions for file sharing and gaming.
The working principle of PeerVPN is different from conventional VPN software. Instead of the client-server architecture where the server is subjected to more load and must be functioning for the whole system to work, PeerVPN uses a mesh based architecture like bittorrent. Each node can connect directly to another node. If any node goes down, the other nodes can still communicate. PeerVPN is written in C and uses the openssl library.
- Ethernet tunneling support using TAP devices
- IPv6 support
- Full mesh network topology
- Automatically builds tunnels through firewalls and NATs without any further setup (e.g. port forwarding)
- Shared key encryption and authentication support
- Uses UDP ports for tunnelling
- Open source and free (GPLv3)
At the time of writing you need to compile PeerVPN from source (a statically linked x86 binary is provided by the author).
To compile PeerVPN on Ubuntu:
$ sudo apt-get install libssl-dev $ wget http://www.peervpn.net/files/peervpn-$VERSION.tar.gz $ tar -xvf peervpn-$VERSION.tar.gz $ cd peervpn-$VERSION $ make $ sudo make install
You will need to replace $VERSION (or export it) with the latest version of PeerVPN.
I have uploaded a dynamically linked PeerVPN stripped x86_64 binary here. The version is 0-042 and compiled on Ubuntu 14.04 x86_64.
You need a configuration file to run PeerVPN. We’ll use peervpn.conf. Procedure setup a PeerVPN tunnel among two computers Node A and Node B:
Content of peervpn.conf on Node A:
port 7000 networkname ExampleNet psk mysecretpassword enabletunneling yes interface peervpn0 ifconfig4 10.8.0.1/24
Node A should be reachable from Node B. If Node A is behind a NAT device, port 7000 should be forwarded.
Content of peervpn.conf on Node B:
port 7000 networkname ExampleNet psk mysecretpassword enabletunneling yes interface peervpn0 ifconfig4 10.8.0.2/24 initpeers node-a.example.com 7000
Replace node-a.example.com with the real address of Node A.
Run PeerVPN on both nodes:
$ sudo peervpn /path/to/peervpn.conf
It may take some time to build the VPN tunnel. To make sure things are working as expected ping 10.8.0.2 from 10.8.0.1 and vice versa.
To add more nodes copy peervpn.conf from Node B to new computers and keep incrementing the IP address in the ifconfig line (e.g. 10.8.0.3 and so on). The new node will connect to Node A first and automatically build tunnels to the other participating nodes.