Self-hosted LAN over Internet solution like Hamachi

Nearly all VPN software can act like that. In fact, that's usually the default. Just don't configure the server to provide a default route in the first place, and that's it – you get a VPN that works only for its specific subnet.

That said, if you want a mesh:

The usual recommendation is Tinc (possibly even the 1.1 branch). It seems to be capable of setting up arbitrary mesh topologies with relaying, at either IP layer or Ethernet layer (switch mode). Broadcast is supported (multicast packets are handled as broadcast).

ZeroTier is somewhere in the middle: it tries to use direct connections whenever possible (even punching through NATs), but falls back to relaying via supernodes otherwise. It's possible to host your own controller and supernode, though rarely necessary. Multicast and broadcast are supported (with limits).

Then there is OpenVPN, which is rather strictly client-server-based. (It has a client-to-client flag, but doesn't have NAT holepunching capabilities.) A regular OpenVPN server sounds like it'd work fine for you, but if you set it up in tap mode (as opposed to the default tun), then it'll relay arbitrary Ethernet traffic instead of being limited to IP.

(All of the above work on Linux, FreeBSD, and Windows.)

Finally, depending on the OS, there are plenty of lightweight, manually configured tunnel types – such as GRE or L2TP. They get somewhat unwieldy once the network grows, since you have to set up every point-to-point link by hand (no hole punching; no encryption unless you add IPsec), but ... they're basically the duct tape of networking.


Note that there probably isn't any software that supports all platforms out there, so in some cases you'll just need to route packets between 2 or 3 networks. For example, you might want to run Tinc on PCs but connect via OpenVPN from an iPhone. That's fine, as long as the OpenVPN server has a route for the Tinc subnet, and vice versa. (The same goes for routing between the "LAN over Internet" and your regular LAN.)
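The following is an added example, not part of the answer above or of any project's documentation. It shows the two points the answer makes about OpenVPN in one place: a tun-mode server that hands out addresses on its own subnet without ever pushing a default route (so it is a "LAN over Internet", not a gateway), and the server-side pieces needed to route between that subnet and a Tinc subnet on the same host (the `topology subnet; tls-server` starting point from the comments is used). The subnet addresses, interface names and output directory are assumptions; the Tinc side is only noted in comments because its routing lives in Tinc's own host files.

```shell
#!/bin/sh
# Added example: OpenVPN server config that provides a LAN over Internet
# (no default route pushed) plus the Linux forwarding/route setup that lets
# OpenVPN clients and a Tinc subnet on the same server reach each other.
# All addresses and interface names are assumptions for illustration.
set -eu

VPN_SUBNET="10.8.0.0"       # assumed OpenVPN tun subnet
VPN_MASK="255.255.255.0"
TINC_SUBNET="10.9.0.0"      # assumed Tinc subnet reachable via tinc0
TINC_MASK="255.255.255.0"
TINC_IF="tinc0"             # assumed Tinc interface name
TUN_IF="tun0"               # assumed OpenVPN interface name

# Write server.conf into the directory given as $1.
write_server_conf() {
    dir="$1"
    cat > "$dir/server.conf" <<EOF
# Layer-3 tunnel: IP only (UDP/TCP ride inside), less overhead than tap
dev tun
proto udp
port 1194
topology subnet
tls-server
# Hands out addresses from the VPN subnet; clients get a route for it
server $VPN_SUBNET $VPN_MASK
# Let VPN peers reach each other through the server (no NAT hole punching)
client-to-client
# Route the Tinc subnet through this server, but ONLY that subnet
push "route $TINC_SUBNET $TINC_MASK"
# Deliberately absent: push "redirect-gateway def1"
# That directive would make the VPN the clients' default route, i.e. turn
# the server into a gateway for all their Internet traffic.
keepalive 10 60
persist-key
persist-tun
# ca/cert/key/dh paths omitted: supply your own PKI files here
EOF
}

# Commands the server needs so packets can cross between tun0 and tinc0.
# Printed by default; executed only when RUN=1 (requires root).
server_forwarding_commands() {
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
# Kernel routes for both subnets already exist via the tunnel interfaces
# once OpenVPN and Tinc are up; forwarding between them is the only
# extra step. Restrict it to those two interfaces:
iptables -A FORWARD -i $TUN_IF -o $TINC_IF -j ACCEPT
iptables -A FORWARD -i $TINC_IF -o $TUN_IF -j ACCEPT
# On the Tinc side, advertise the OpenVPN subnet in this node's Tinc
# host file (Subnet = $VPN_SUBNET/24) so other Tinc nodes route to it here.
EOF
}

apply_forwarding() {
    if [ "${RUN:-0}" = "1" ]; then
        server_forwarding_commands | grep -v '^#' | sh -e
    else
        server_forwarding_commands
    fi
}

# Stand-alone use: write the config next to this script and show the
# forwarding commands without executing them.
if [ "${0##*/}" = "lan-over-internet.sh" ]; then
    write_server_conf "."
    apply_forwarding
fi
```

Clients that use this config get a route for the VPN subnet and for the Tinc subnet, and nothing else; their existing default route on eth0/wlan0 is untouched, which is exactly the Hamachi-style behaviour asked for.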

Author: Trevor Rudolph

Updated on September 18, 2022

Comments

  • Trevor Rudolph
    Trevor Rudolph over 1 year

    I'd like to set up a VPN that offers LAN over Internet in much the same way a Hamachi mesh-style server allows peers on the network to directly talk using IPs on the interface while directing regular traffic to the main network adapter (eth0 or wlan0, for example).

    I have a great amount of resources, but I can't seem to find a setup that fits. I have looked into SoftEther but it seems like it is just out of my needs.

    My need is to create a Mesh VPN server on my home server (which has a public IP) and manually connect to it (in much the same way as Hamachi) so that my peers can interact with my home computer as a central server. I need this to connect to some of my work computers while I am out of state. My main concern is tunneling UDP traffic.

    Is there any self-hosted Hamachi-like solution that does not act as a gateway but as a LAN over Internet?

  • Trevor Rudolph
    Trevor Rudolph over 7 years
    So ZeroTier tries to do persistent NAT hole-punching with the server as a broker, but has a VPN-style fallback?
  • user1686
    user1686 over 7 years
    @TrevorRudolph: Yes – and it's still a VPN either way. "VPN" doesn't imply central relaying of any sort.
  • Trevor Rudolph
    Trevor Rudolph over 7 years
    Yes, understood. I have to do some research on the different network layers (2 vs 3).
  • user1686
    user1686 over 7 years
    In short: you need a L2 VPN for protocols which do not run over IP. (For example, MPLS; IPX or AppleTalk (for old games); IS-IS; ...) Pure IP-based communications work with both kinds, although L3 has slightly less overhead (no Ethernet header inside the tunnel).
  • Trevor Rudolph
    Trevor Rudolph over 7 years
    Yes, I'd rather reduce overhead. I'll shoot for L3. I can probably set up OpenVPN in TUN mode as my communication routes are <100 Mbps; I doubt I need a mesh network if my data flow looks like Travel Location -> Server -> Work Devices behind Office NAT. I'd usually use an ssh tunnel, but the program I am working on does its own port selection.
  • user1686
    user1686 over 7 years
    You don't need a mesh, but it can certainly reduce latency if the software manages to establish a direct connection. Unless your VPN server is also hosted at work, that is. Still, OpenVPN in "topology subnet; tls-server" mode is a good start.