PeerVPN

2018/07/18

Categories: Linux Tags: networking vpn

Update, 2020.Feb.08

Updated the version of libressl

Introduction

I came across PeerVPN fairly recently, via the RadioTux podcast in the April 2018 edition, and afterwards spent some time doing a setup. I must say that it’s a very nice tool. I’ve used OpenVPN for a long time to set up private VPNs linking various servers and systems I use. PeerVPN offers two principal advantages over the traditional setup:

  1. Some resiliance to the loss of a server, doesn’t depend on a core machine

  2. Packets are not all routed through the central server, so if you’ve machines that are local to each other, they can talk directly

For me, the second is the key advantage. It means that the network speed between machines on my home network is very close to optimal, while still having the advantage of being able to use consistent addressing and a network that includes both home network machines and remote servers.

Anyway, rest of this post is a collection of links/documentation that I don’t want to lose, might also be helpful to someone else

Installation

Downloaded peervpn (0-044 version), and extracted archive. Then ran script as follows

#!/bin/sh

#libressl_version=libressl-2.5.1
#libressl_version=libressl-3.0.2 # Updated 2020.Feb.08
libressl_version=libressl-3.3.3 # Updated 2021.Aug.15
libressl_archive=${libressl_version}.tar.gz

if [ -f ${libressl_archive} ]
then
	:
else
	wget -O ${libressl_archive} https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/${libressl_archive}
fi

if [ -f ${libressl_archive} ]
then
	:
else
	echo wget failed.
	return -1
fi

libressl_lib=${libressl_version}/crypto/.libs/libcrypto.a
if [ -f $libressl_lib ]
then
	:
else
	tar -xzf ${libressl_archive}
	cd ${libressl_version} && ./configure && make && cd ..
fi

#cc -O2 -I${libressl_version}/include -lpthread peervpn.c -o peervpn \
# Note change from -lpthread to -pthread which should be more portable
# (build was failing in Aug 2021 on Debian Bullseye with -lpthread).
cc -O2 -I${libressl_version}/include -pthread peervpn.c -o peervpn \
    ${libressl_version}/crypto/.libs/libcrypto.a && echo success!

Further steps required:

cd /usr/local/bin/
ln -s $(HOME)src/peervpn/peervpn-0-044/peervpn
mkdir /etc/peervpn

systemd setup:

# in /etc/systemd/system/peervpn.service
[Unit]
Description=PeerVPN network service
After=network-online.target

[Service]
ExecStart=/usr/local/bin/peervpn /etc/peervpn/configfile.conf

[Install]
WantedBy=multi-user.target

Other resources

There are other options, and other relevant info