n2n === [n2n][1] is a layer-two peer-to-peer virtual private network (VPN) which allows users to exploit features typical of P2P applications at network instead of application level. ``` .............VPN................ +------LAN-+-----+ +- Edge. | . | / . | Client ->.Edge +-> Supernode <-+- Edge . | . | (Edge) \ . +----------+-----+ +- Edge. ................................ ``` ## Supernode/Edge (eth0:1.2.3.4, n2n0:192.168.100.1/24) ```bash # start supernode & edge $ docker-compose up -d $ ifconfig eth0: 1.2.3.4 br-2e0238bf6b9d: 172.20.0.1 # config edge routing $ docker-compose exec edge bash >>> ifconfig eth0: 172.20.0.2 n2n0: 192.168.100.1 >>> iptables -t nat -A POSTROUTING -j MASQUERADE >>> exit # get bridge ip $ ip route get 192.168.200.1 192.168.200.1 via 172.20.0.2 dev br-2e0238bf6b9d src 172.20.0.1 # add vpn route (via edge's n2n0) $ ip route add 192.168.200.0/24 via 172.20.0.2 $ ping 192.168.200.1 ``` ## Edge (eth0:192.168.1.23/24, n2n0:192.168.100.x/24) ```bash $ docker-compose up -d edge $ sysctl -w net.ipv4.ip_forward=1 $ iptables -t filter -A FORWARD -j ACCEPT $ iptables -t nat -A POSTROUTING -o n2n0 -j MASQUERADE ``` ## Client (eth0:192.168.1.45/24) ```bash $ ip route add 192.168.100.0/24 via 192.168.1.23 $ ping 192.168.100.1 $ nmap -sP 192.168.100.0/24 ``` > Static routes can be added on your home router. [1]: https://www.ntop.org/products/n2n/