We're currently doing some cleanup.
L2gvpn is an OSI Layer 2 VPN solution which makes use of a peer-to-peer infrastructure to exchange routing information and other metadata.
In short, you have N nodes and M (limited to 1 at the moment) supernodes. The nodes broadcast via the supernode until ARP and other specific meta-data is exchanged. After that, both directions communicate directly unless communication via a supernode is necessary to traverse NAT.
We divide the network into 3 parts: Supernode(s), Node(s) and Leaf(s).
To make sure that Node A can talk to Leaf A without the need to cache all MAC-Addresses to know where the packets have to go, we do MAT (MAC Address Translation). We divide the range of "translated MACs" into "network ranges".
A translated MAC address has the form 00:AA:BB:BB:CC:CC, where:
- AA = Supernode identifier (Yes, we're already working on multi-supernode support)
- BB:BB = Node identifier (Unique ID for each node, has to be defined manually. Later the supernode will do the allocation)
- CC:CC = Leaf identifier
Doing this has a number of advantages:
- Only the node needs to know its local MAT table
- We can use FF:FF:FF:FF:00:00 as a mask to identify where we need to send data
- And 00:FF:00:00:00:00 to find the supernode
How does that work? Well, even if Layer 2½ is a nice place, we actually have to rewrite Ethernet headers and ARP frames. Unfortunately this breaks NDP (Neighbor Discovery Protocol). We recognise NDP and handle it like broadcast and multicast. We have to take a deeper look at that. Stay tuned.
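The two masks above can be exercised in a few lines of C. This is an added example, not code from l2gvpn: the names `mat_compose`, `mat_classify` and the `MAT_*` constants are hypothetical, the address is held in the low 48 bits of a `uint64_t`, and the "other supernode" case assumes the planned multi-supernode support.

```c
#include <stdint.h>
#include <stdio.h>

/* Translated MAC layout from the page: 00:AA:BB:BB:CC:CC (low 48 bits). */
#define MASK_NODE      0xFFFFFFFF0000ULL  /* FF:FF:FF:FF:00:00 */
#define MASK_SUPERNODE 0x00FF00000000ULL  /* 00:FF:00:00:00:00 */

enum mat_route {
    MAT_LOCAL_LEAF,       /* same supernode and node: look up the local MAT table */
    MAT_PEER_NODE,        /* same supernode, different node */
    MAT_OTHER_SUPERNODE,  /* different supernode (assumed future case) */
    MAT_NOT_TRANSLATED    /* first octet is not 00, e.g. broadcast */
};

/* Build a translated MAC from supernode (AA), node (BB:BB) and leaf (CC:CC). */
uint64_t mat_compose(uint8_t sn, uint16_t node, uint16_t leaf)
{
    return ((uint64_t)sn << 32) | ((uint64_t)node << 16) | (uint64_t)leaf;
}

/* Route on masked prefixes only; no table of remote leaf MACs is needed. */
enum mat_route mat_classify(uint64_t self, uint64_t dst)
{
    if ((dst >> 40) != 0)  /* reject anything outside the 00:xx:... range */
        return MAT_NOT_TRANSLATED;
    if ((dst & MASK_NODE) == (self & MASK_NODE))
        return MAT_LOCAL_LEAF;
    if ((dst & MASK_SUPERNODE) == (self & MASK_SUPERNODE))
        return MAT_PEER_NODE;
    return MAT_OTHER_SUPERNODE;
}

int main(void)
{
    /* Constructed sample ids: supernode 0x01, node 0x0002, leaf 0x0003. */
    uint64_t self = mat_compose(0x01, 0x0002, 0x0003);
    uint64_t dsts[] = {
        mat_compose(0x01, 0x0002, 0x0009),  /* leaf behind this node */
        mat_compose(0x01, 0x0007, 0x0009),  /* leaf behind a peer node */
        mat_compose(0x02, 0x0002, 0x0003),  /* other supernode */
        0xFFFFFFFFFFFFULL                   /* Ethernet broadcast */
    };
    for (size_t i = 0; i < sizeof dsts / sizeof dsts[0]; i++)
        printf("%012llx -> route %d\n", (unsigned long long)dsts[i],
               (int)mat_classify(self, dsts[i]));
    return 0;
}
```

Because v0.1 has no authentication, the identifiers in a translated MAC are only an addressing hint and say nothing about who sent the frame.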
Status
We consider v0.1 to be usable with the following limitations:
- IPv6 is not working
- There is no cryptography
- There is no authentication
Missing (but planned/WiP) features are:
- Multi-supernode support
- Crypto, Compression, Signing, Authentication..
- Advanced packet filtering for DHCP, mDNS etc. (Berkeley Packet Filter?)
Of course we want to carry Layer 2, but not everything on it.
Usage
You need at least one supernode and two nodes. The "public port" of the supernode must be reachable by all nodes. Additionally you'll need a UCI configuration file located at /etc/config/l2gvpn.
You can find some configuration examples here.
Supernode
To start a supernode simply do
$ supernode <uci name>
Node
To start a node simply do
$ node <uci name>
You can bridge the node's tunnel device with any other device. The UCI file has an additional section for debugging where you can adjust which debug information you want to see.
"kill -s usr1 xyz" causes the daemons to re-read this section at runtime.
Download
Releases
Sources
To get the latest snapshot of the source code, you need an SVN client to check it out.
$ svn co http://svn.l2gvpn.org/trunk l2gvpn
Build
Most of the code is written and tested on Linux, but FreeBSD support is also checked at frequent intervals. There was once support for OS X and Win32, which will return shortly.
Testcases
Take a look at Testcases.
Requirements
As l2gvpn uses libuci for configuration, you'll need to get UCI.
One way to obtain UCI is getting it from the git-repository:
$ git clone git://nbd.name/uci
People
l2gvpn is based on code from ntop's n2n: http://www.ntop.org/n2n/
- John Crispin <blogic@openwrt.org> - Core Developer
- Alexander Morlang <alx@dd19.de> - Project Janitor and Test Engineer
- Sylwester Sosnowski <l2gvpn@no-route.org> - Mostly FreeBSD Support, Bugfixing, Documentation
- Johannes Findeisen <you@hanez.org> - l2gvpn GUI
Communication
IRC
You can reach the developers in #l2gvpn at freenode.
Mailing Lists
The developers and users mailing lists are located at lists.subsignal.org. To join l2gvpn-users go here and/or here for l2gvpn-devel.
License
(C) 2008 - John Crispin <blogic@openwrt.org>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, see http://www.gnu.org/licenses/
l2gvpn is a derived work, conceptually and source code wise from n2n originally implemented by Luca Deri <deri@ntop.org> and located at http://www.ntop.org/n2n/. The code was originally implemented with code contributions courtesy of Richard Andrews <bbmaj7@yahoo.com.au> and Massimo Torquati <torquati@ntop.org>.
Copyright (C) 2008 - 2009 l2gvpn.org
