1
0
mirror of https://github.com/vimagick/dockerfiles.git synced 2024-12-12 11:14:57 +02:00
dockerfiles/n2n/README.md
2019-10-01 15:55:54 +08:00

64 lines
1.5 KiB
Markdown

n2n
===
[n2n][1] is a layer-two peer-to-peer virtual private network (VPN) which allows
users to exploit features typical of P2P applications at network instead of
application level.
```
.............VPN................
+------LAN-+-----+ +- Edge.
| . | / .
| Client ->.Edge +-> Supernode <-+- Edge .
| . | (Edge) \ .
+----------+-----+ +- Edge.
................................
```
## Supernode/Edge (eth0:1.2.3.4, n2n0:192.168.100.1/24)
```bash
# start supernode & edge
$ docker-compose up -d
$ ifconfig
eth0: 1.2.3.4
br-2e0238bf6b9d: 172.20.0.1
# config edge routing
$ docker-compose exec edge bash
>>> ifconfig
eth0: 172.20.0.2
n2n0: 192.168.100.1
>>> iptables -t nat -A POSTROUTING -j MASQUERADE
>>> exit
# get bridge ip
$ ip route get 192.168.200.1
192.168.200.1 via 172.20.0.2 dev br-2e0238bf6b9d src 172.20.0.1
# add vpn route (via edge's n2n0)
$ ip route add 192.168.200.0/24 via 172.20.0.2
$ ping 192.168.200.1
```
## Edge (eth0:192.168.1.23/24, n2n0:192.168.100.x/24)
```bash
$ docker-compose up -d edge
$ sysctl -w net.ipv4.ip_forward=1
$ iptables -t filter -A FORWARD -j ACCEPT
$ iptables -t nat -A POSTROUTING -o n2n0 -j MASQUERADE
```
## Client (eth0:192.168.1.45/24)
```bash
$ ip route add 192.168.100.0/24 via 192.168.1.23
$ ping 192.168.100.1
$ nmap -sP 192.168.100.0/24
```
> Static routes can be added on your home router.
[1]: https://www.ntop.org/products/n2n/