"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "README.md" between
n2n-2.8.tar.gz and n2n-3.0.tar.gz

About: n2n is a layer-two peer-to-peer virtual private network (VPN) which allows bypassing intermediate firewalls.

README.md  (n2n-2.8):README.md  (n2n-3.0)
[![Build Status](https://travis-ci.org/ntop/n2n.png?branch=dev)](https://travis-
ci.org/ntop/n2n)
# n2n # n2n
n2n is a light VPN software which makes it easy to create virtual networks bypas sing intermediate firewalls. n2n is a light VPN software which makes it easy to create virtual networks bypas sing intermediate firewalls.
In order to start using n2n, two elements are required: In order to start using n2n, two elements are required:
- A _supernode_: it allows edge nodes to announce and discover other nodes. It m ust have a port publicly accessible on internet. - A _supernode_: it allows edge nodes to announce and discover other nodes. It m ust have a port publicly accessible on internet.
- _edge_ nodes: the nodes which will be a part of the virtual networks - _edge_ nodes: the nodes which will be a part of the virtual networks
A virtual network shared between multiple edge nodes in n2n is called a _communi ty_. A single supernode can relay multiple communities and a single computer can be part of multiple communities at the same time. An encryption key can be used by the edge nodes to encrypt the packets within their community. A virtual network shared between multiple edge nodes in n2n is called a _communi ty_. A single supernode can relay multiple communities and a single computer can be part of multiple communities at the same time. An encryption key can be used by the edge nodes to encrypt the packets within their community.
skipping to change at line 41 skipping to change at line 43
**IMPORTANT** It is strongly advised to choose a custom community name (`-c`) an d a secret encryption key (`-k`) in order to prevent other users from connecting to your computer. For the privacy of your data sent and to reduce the server lo ad of `supernode.ntop.org`, it is also suggested to set up a custom supernode as explained below. **IMPORTANT** It is strongly advised to choose a custom community name (`-c`) an d a secret encryption key (`-k`) in order to prevent other users from connecting to your computer. For the privacy of your data sent and to reduce the server lo ad of `supernode.ntop.org`, it is also suggested to set up a custom supernode as explained below.
## Setting up a Custom Supernode ## Setting up a Custom Supernode
You can create your own infrastructure by setting up a supernode on a public ser ver (e.g. a VPS). You just need to open a single port (1234 in the example below ) on your firewall (usually `iptables`). You can create your own infrastructure by setting up a supernode on a public ser ver (e.g. a VPS). You just need to open a single port (1234 in the example below ) on your firewall (usually `iptables`).
1. Install the n2n package 1. Install the n2n package
2. Edit `/etc/n2n/supernode.conf` and add the following: 2. Edit `/etc/n2n/supernode.conf` and add the following:
``` ```
-l=1234 -p=1234
``` ```
3. Start the supernode service with `sudo systemctl start supernode` 3. Start the supernode service with `sudo systemctl start supernode`
4. Optionally enable supernode start on boot: `sudo systemctl enable supernode` 4. Optionally enable supernode start on boot: `sudo systemctl enable supernode`
Now the supernode service should be up and running on port 1234. On your edge no des you can now specify `-l your_supernode_ip:1234` to use it. All the edge node s must use the same supernode. Now the supernode service should be up and running on port 1234. On your edge no des you can now specify `-l your_supernode_ip:1234` to use it. All the edge node s must use the same supernode.
## Manual Compilation ## Manual Compilation
On linux, compilation from source is straight forward: On Linux, compilation from source is straight forward:
```sh ```sh
./autogen.sh ./autogen.sh
./configure ./configure
make make
# optionally install # optionally install
make install make install
``` ```
Some parts of the code significantly benefit from compiler optimizations and pla tform features such as NEON, SSE and AVX. To enable, use `./configure CFLAGS="-O 3 -march=native"` for configuration instead of `./configure`. Some parts of the code significantly benefit from compiler optimizations and pla tform features such as NEON, SSE and AVX. To enable, use `./configure CFLAGS="-O 3 -march=native"` for configuration instead of `./configure`.
For Windows, check out [Windows.md](doc/Windows.md) for compilation and running. For Windows, MacOS and general building options, please check out [Building docu
For MacOS, see [macOS.md](doc/macOS.md). mentation](doc/Building.md) for compilation and running.
## Running edge as a Service
edge can also be run as a service instead of cli:
1. Edit `/etc/n2n/edge.conf` with your custom options. See `/etc/n2n/edge.conf.s
ample`.
2. Start the service: `sudo systemctl start edge`
3. Optionally enable edge start on boot: `sudo systemctl enable edge`
You can run multiple edge service instances by creating `/etc/n2n/edge-instance1 **IMPORTANT** It is generally recommended to use the [latest stable release](htt
.conf` and ps://github.com/ntop/n2n/releases). Please note that the current _dev_ branch us
starting it with `sudo systemctl start edge@instance1`. ually is not guaranteed to be backward compatible neither with the latest stable
release nor with previous _dev_ states. On the other hand, if you dare to try b
leeding edge features, you are encouraged to compile from _dev_ – just keep trac
k of sometimes rapidly occuring changes. Feedback in the _Issues_ section is app
reciated.
## Security Considerations ## Security Considerations
When payload encryption is enabled (provide a key using `-k`), the supernode wil l not be able to decrypt When payload encryption is enabled (provide a key using `-k`), the supernode wil l not be able to decrypt
the traffic exchanged between two edge nodes but it will know that edge A is tal king with edge B. the traffic exchanged between two edge nodes but it will know that edge A is tal king with edge B.
The choice of encryption schemes that can be applied to payload has recently bee n enhanced. Please have The choice of encryption schemes that can be applied to payload has recently bee n enhanced. Please have
a look at [Crypto.md](doc/Crypto.md) for a quick comparison chart to help make a a look at [Crypto description](doc/Crypto.md) for a quick comparison chart to he
choice. n2n edge nodes use lp make a choice. n2n edge nodes use
Twofish encryption by default for compatibility reasons with existing versions. AES encryption by default. Other ciphers can be chosen using the `-A_` option.
Other ciphers can be chosen
using the `-A_` option.
A benchmark of the encryption methods is available when compiled from source wit h `tools/n2n-benchmark`. A benchmark of the encryption methods is available when compiled from source wit h `tools/n2n-benchmark`.
The header which contains some metadata like the virtual MAC address of the edge The header which contains some metadata like the virtual MAC address of the edge
nodes, their IP address nodes, their IP address, their real
and the community name optionally can be encrypted applying `-H` on the edges. hostname and the community name optionally can be encrypted applying `-H` on the
edges.
## Routing the Traffic ## Advanced Configuration
Reaching a remote network or tunneling all the internet traffic via n2n are two More information about communities, support for multiple supernodes, routing, tr
common tasks which require a proper routing setup. n2n supports routing needs pr affic restrictions and on how to run an edge as
oviding options for packet forwarding (`-r`) including broadcasts (`-E`) as well a service is available in the [more detailed documentation](doc/Advanced.md).
as temporarily modifying the routing table (`-n`). Details can be found in the
[Routing.md](doc/Routing.md) document.
## IPv6 Support
n2n can tunnel IPv6 traffic into the virtual network but does not support
IPv6 for edge-to-supernode communication yet.
Have a look at [IPv6.md](https://github.com/ntop/n2n/blob/dev/doc/IPv6.md) for m
ore information.
## Contribution ## Contribution
You can contribute to n2n in various ways: You can contribute to n2n in various ways:
- Update an [open issue](https://github.com/ntop/n2n/issues) or create a new one with detailed information - Update an [open issue](https://github.com/ntop/n2n/issues) or create a new one with detailed information
- Propose new features - Propose new features
- Improve the documentation - Improve the documentation
- Provide pull requests with enhancements - Provide pull requests with enhancements
For details about the internals of n2n check out [Hacking guide](https://github. For details about the internals of n2n check out the [Hacking guide](https://git
com/ntop/n2n/blob/dev/doc/HACKING). hub.com/ntop/n2n/blob/dev/doc/Hacking.md).
## Further Readings and Related Projects
## Related Projects Answers to frequently asked questions can be found in our [FAQ document](https:/ /github.com/ntop/n2n/blob/dev/doc/Faq.md).
Here is a list of third-party projects connected to this repository. Here is a list of third-party projects connected to this repository:
- N2N for Android: [hin2n](https://github.com/switch-iot/hin2n) - Collection of pre-built binaries for Windows: [lucktu](https://github.com/luck
tu/n2n)
- n2n for Android: [hin2n](https://github.com/switch-iot/hin2n)
- Docker images: [Docker Hub](https://hub.docker.com/r/supermock/supernode/) - Docker images: [Docker Hub](https://hub.docker.com/r/supermock/supernode/)
- Go bindings, management daemons and CLIs for n2n edges and supernodes, Docker, Kubernetes & Helm Charts: [pojntfx/gon2n](https://pojntfx.github.io/gon2n/) - Go bindings, management daemons and CLIs for n2n edges and supernodes, Docker, Kubernetes & Helm Charts: [pojntfx/gon2n](https://pojntfx.github.io/gon2n/)
--- ---
(C) 2007-2020 - ntop.org and contributors (C) 2007-2021 - ntop.org and contributors
 End of changes. 14 change blocks. 
43 lines changed or deleted 34 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)