zehome/MLVPN zehome/MLVPN

  • Stars
    star
    519
  • Rank 85,261 (Top 2 %)
  • Language
    C
  • License
    BSD 2-Clause "Sim...
  • Created about 13 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
zehome/MLVPN
github

zehome

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Multi-link VPN (ADSL/SDSL/xDSL/Network aggregation / bonding)

MLVPN - Multi-Link Virtual Public Network

Build Status Coverity Status

author: Laurent Coustet

Take a look at the official documentation on Read The Docs

Introduction

MLVPN will do its best to achieve the following tasks:

  • Bond your internet links to increase bandwidth (unlimited)
  • Secure your internet connection by actively monitoring your links and removing the faulty ones, without loosing your TCP connections.
  • Secure your internet connection to the aggregation server using strong cryptography.
  • Scriptable automation and monitoring.

Quick install

A Nice tutorial using OpenBSD

See solene's article on how to use mlvpn on OpenBSD

Install debian package

sudo apt-key adv --keyserver pgp.mit.edu --recv 3324C952
echo "deb http://debian.mlvpn.fr unstable/" >/etc/apt/sources.list.d/mlvpn.list
sudo apt-get update
sudo apt-get install mlvpn

Install FreeBSD port

pkg install git libev libsodium
git clone --branch freebsd https://github.com/zehome/MLVPN mlvpn
cd mlvpn
make

Install "static" package

This is usefull on old systems. For example, for debian

wget https://github.com/zehome/MLVPN/releases/download/2.3.1/mlvpn_static_ev_4.22_libsodium_1.0.10.tar.gz
tar -C / -xpzf mlvpn_static_ev_4.22_libsodium_1.0.10.tar.gz
adduser --quiet --system --no-create-home --home /var/run/mlvpn --shell /usr/sbin/nologin mlvpn
chmod +x /etc/init.d/mlvpn
insserv mlvpn

Build from source (using nix)

Using nix, MLVPN can be built on any linux system without the need to manually setup a build environment or install dependencies. It also allows to build static binaries and cross built binaries. It just requires nix to be installed (see getting nix)

First obtain a flakes compatible nix :

  NIX_CONFIG="experimental-features = flakes nix-command" nix-shell -p nixFlakes

Build MLVPN via nix:

  • Build for your current platform 
      nix build github:zehome/MLVPN
  • Static build for your current platform 
      nix build github:zehome/MLVPN#mlvpn-static
  • Cross build for another platform 
      nix build github:zehome/MLVPN#mlvpn-aarch64-linux
  • Static cross build for another platform 
      nix build github:zehome/MLVPN#mlvpn-static-aarch64-linux

The binary will end up in ./result/bin

Build from source (debian / arch)

# Debian
$ sudo apt-get install build-essential make autoconf automake libev-dev libsodium-dev libpcap-dev pkg-config
# OR ArchLinux
$ sudo pacman -S base-devel git libev libsodium
$ ./autogen.sh
$ ./configure
$ make
$ make install

Build debian package

$ sudo apt-get install build-essential make autoconf debhelper fakeroot cdbs ruby-ronn
$ dpkg-buildpackage -us -uc -rfakeroot

Generating a static binary

apt-get install flex bison build-essential
MLVPN_VERSION=2.3.0
EV_VERSION=4.22
LIBSODIUM_VERSION=1.0.8
PCAP_VERSION=1.7.4
wget http://dist.schmorp.de/libev/libev-${EV_VERSION}.tar.gz
wget https://github.com/jedisct1/libsodium/releases/download/1.0.8/libsodium-${LIBSODIUM_VERSION}.tar.gz
wget http://www.tcpdump.org/release/libpcap-${PCAP_VERSION}.tar.gz
tar xzf libev-${EV_VERSION}.tar.gz
tar xzf libsodium-${LIBSODIUM_VERSION}.tar.gz
tar xzf libpcap-${PCAP_VERSION}.tar.gz

echo libev
(cd libev-${EV_VERSION}
./configure --enable-static --disable-shared --prefix $HOME/libev/
make -j4 install)

echo libsodium
(cd libsodium-${LIBSODIUM_VERSION}
./configure --enable-static --disable-shared --prefix=$HOME/libsodium/
make -j4 install)

echo libpcap
(cd libpcap-${LIBPCAP_VERSION}
./configure --disable-shared --prefix $HOME/libpcap/
make -j4 install)

wget https://github.com/zehome/MLVPN/releases/download/${MLVPN_VERSION}/mlvpn-${MLVPN_VERSION}.tar.gz
tar xzf mlvpn-${MLVPN_VERSION}.tar.gz
cd mlvpn-${MLVPN_VERSION}
libpcap_LIBS="-L${HOME}/libpcap/lib -lpcap" libpcap_CFLAGS="-I${HOME}/libpcap/include" libsodium_LIBS="-L${HOME}/libsodium/lib -lsodium" libsodium_CFLAGS=-I${HOME}/libsodium/include libev_LIBS="-L${HOME}/libev/lib -lev" libev_CFLAGS=-I${HOME}/libev/include ./configure --enable-filters LDFLAGS="-Wl,-Bdynamic" --prefix=${HOME}/mlvpn/
make install

Dependencies

  • libev
  • libsodium
  • libpcap (optional)

Security

Privilege separation

MLVPN uses privilege separation to keep high privileges operations away from the core routing stuff.

Code running as root is very minimalist and highly readable to avoid risks as much as possible.

Read more about privilege separation

Cryptography

  • Encryption: Salsa20 stream cipher
  • Authentication: Poly1305 MAC

Read more on salsa20 and libsodium.

Compatibility

Linux, OpenBSD, FreeBSD, OSX

Windows is NOT supported, but MLVPN runs on routers, so you can benefit from MLVPN on ANY operating system of course.

Contributors

  • Laurent Coustet, author and maintainer
  • Philippe Pepiot, contributor (privilege separation, bugfix)
  • Ghislain Lévèque, contributor (weight round robin)
  • Fabien Dupont, contributor (bugfix)
  • Thomas Soëte, contributor (bugfix)
  • Frank Denis, contributor (documentation)
  • Nicolas Braud-Santoni, contributor (documentation)
  • Stuart Henderson, contributor (OpenBSD port/package)
  • Olivier Cochard-Labbé, contributor (FreeBSD/OpenBSD fib routing)
  • Michael Stapelberg, contributor (documentation)

LICENSE

See LICENSE file.

Documentation

Documentation is available on Read The Docs. The manpage is also authored in Markdown, and converted using ronn.

More Repositories

1

autoaudioswitcher

OSHW: Automatic audio input switcher based on audio activity
IDL
10
star
2

rt-websocket-graph

Real time graphing anything on your browser, using websockets and nodejs.
JavaScript
9
star
3

cpige

webradio archiving tool (pige)
C
7
star
4

aping

Latency monitoring using python asyncio, influxdb and grafana (a bit like smokeping)
Python
6
star
5

sintls

Simple Internal TLS ACME-DNS over HTTPS using Lego
Go
4
star
6

python-portable-build

Little shell script to make python (shared) portable
Shell
4
star
7

rt-js-bandwidthmonitor

Realtime bandwidth mesurement using websocket / nodejs on your browser.
JavaScript
3
star
8

claritick

Gestion de ticket, de parc machine, et plus encore
JavaScript
2
star
9

debian-fr.org-forum

Source du forum debian-fr.org
PHP
2
star
10

wakatime_export_tools

Basic tools for WakaTime exported data
Python
2
star
11

conan-python-poppler

Conan package for python-poppler
Python
1
star
12

conan-sip

Conan repository for SIP python binding for C/C++
Python
1
star
13

uniqueinode

Find unique inode count
Go
1
star
14

conan-pyqt

Conan build for PyQt
Python
1
star
15

githubchecker

Version checker for github using golang
Go
1
star
16

conan-poppler

Conan build of the poppler library
Python
1
star
17

udp2tcpproxy

UDP inside TCP using Linux IP_TRANSPARENT sockopt
Go
1
star
18

pysmbc-wheels

pysmbc binary distribution
Shell
1
star
19

apexreplay

CSS
1
star
20

patliteusb

Controlling patlite USB led tower
C
1
star
21

old-MyBot

OLD project MyBot IRC robot with dynamic loadable modules in C
C
1
star
22

pybreakpad

Python binding for breakpad
C++
1
star
23

wiznetconfigurator

WIZNet WIZ1000/WIZ110SR/WIZ1x0SR configurator written in Python.
Python
1
star
24

autophoto

Autophoto generate simple beautiful photo album, without any database.
JavaScript
1
star
25

speedtouch-adslinfo

Getting informations about ADSL synchronization on SpeedTouch modems using HTTP.
Python
1
star
26

conan-qtbinary

Repackages qt binaries with conan
Python
1
star