- Developer Corner
- Recent posts
Before configuring the GNUnet VPN, please make sure that system-wide DNS interception is configured properly as described in the section on the GNUnet DNS setup.
The default-options for the GNUnet VPN are usually sufficient to use GNUnet as a Layer 2 for your Internet connection. However, what you always have to specify is which IP protocol you want to tunnel: IPv4, IPv6 or both. Furthermore, if you tunnel both, you most likely should also tunnel all of your DNS requests. You theoretically can tunnel "only" your DNS traffic, but that usually makes little sense.
The other options as shown on the gnunet-setup tool are:
This is the IPv4 address the VPN interface will get. You should pick an 'private' IPv4 network that is not yet in use for you system. For example, if you use 10.0.0.1/255.255.0.0 already, you might use 10.1.0.1/255.255.0.0. If you use 10.0.0.1/255.0.0.0 already, then you might use 192.168.0.1/255.255.0.0. If your system is not in a private IP-network, using any of the above will work fine.
You should try to make the mask of the address big enough (255.255.0.0 or, even better, 255.0.0.0) to allow more mappings of remote IP Addresses into this range. However, even a 255.255.255.0-mask will suffice for most users.
The IPv6 address the VPN interface will get. Here you can specify any non-link-local address (the address should not begin with "fe80:"). A subnet Unique Local Unicast (fd00::/8-prefix) that you are currently not using would be a good choice.