[Liverpool] OpenVPN with p2p traffic?

Sebastian Arcus s.arcus at open-t.co.uk
Fri Sep 24 14:48:23 UTC 2021 

On 22/09/2021 10:28, Les Pritchard via Liverpool wrote:
> Hi Sebastian,
> 
> I haven't tried it out yet and it's still a very young project, but this 
> might be worth watching: https://github.com/juanfont/headscale 
> <https://github.com/juanfont/headscale>
> 
> It's a project to create an open source, self-hosted version of Tailscale.
> 
> Les
> 
> On Tue, 21 Sept 2021 at 13:15, Sebastian Arcus via Liverpool 
> <liverpool at mailman.lug.org.uk <mailto:liverpool at mailman.lug.org.uk>> wrote:
> 
>     Maybe a topic to chat about at one of the future meetings. I am looking
>     for an open source vpn software which can send vpn traffic between
>     clients directly - without all the traffic flowing through the server.
>     Ideally the software should:
> 
>     1. Have a server involved
>     2. The server is on a static public IP with open port(s) to the internet
>     3. The server helps clients find each other
>     4. The server might control the authentication between clients and do
>     the initial connection setup
>     5. But then, the rest of the traffic should flow directly from
>     client to
>     client
>     6. The clients don't need to be on public and/or static IP's, and don't
>     need ports open to the internet
>     7. Both Windows and Linux support is needed at client end. Android and
>     iPhones would be a bonus, but not essential.
> 
>     The idea would be for the bandwidth between clients not to be
>     restricted
>     by the speed of the connection of the server to the internet - as the
>     bulk of the traffic would be flowing directly from client to client.
> 
>     This is the model ZeroTier uses - but ZeroTier started as
>     semi-opensource and now it has become even more restrictive and
>     unusable
>     - they even disallowed commercial usage for self hosted controllers.
> 
>     I've looked into it but I don't think there is a way to make OpenVPN or
>     WireGuard work as per above. They would be my preferred options.
>     FreeLAN
>     appears promising, but there seems to be almost no usable documentation.

In case it helps anyone, I have stumbled over a few more alternatives:
1. Nebula (uses tinc vpn under the hood): https://github.com/slackhq/nebula

2. There are a number of opensource projects for self-hosted controllers 
for ZeroTier. Apparently this gets around the issue of the restrictive 
non-commercial license the official ZeroTier controller has:

https://github.com/key-networks/ztncui
https://github.com/dec0dOS/zero-ui
https://github.com/thedunston/bash_cli_zt

More information about the Liverpool mailing list