You are here

The Virtual Public Network

Primary tabs

Using the GNUnet Virtual Public Network (VPN) application you can tunnel IP traffic over GNUnet. Moreover, the VPN comes with built-in protocol translation and DNS-ALG support, enabling IPv4-to-IPv6 protocol translation (in both directions). This chapter documents how to use the GNUnet VPN.

The first thing to note about the GNUnet VPN is that it is a public network. All participating peers can participate and there is no secret key to control access. So unlike common virtual private networks, the GNUnet VPN is not useful as a means to provide a "private" network abstraction over the Internet. The GNUnet VPN is a virtual network in the sense that it is an overlay over the Internet, using its own routing mechanisms and can also use an internal addressing scheme. The GNUnet VPN is an Internet underlay --- TCP/IP applications run on top of it.

The VPN is currently only supported on GNU/Linux systems. Support for operating systems that support TUN (such as FreeBSD) should be easy to add (or might not even require any coding at all -- we just did not test this so far). Support for other operating systems would require re-writing the code to create virtual network interfaces and to intercept DNS requests.

The VPN does not provide good anonymity. While requests are routed over the GNUnet network, other peers can directly see the source and destination of each (encapsulated) IP packet. Finally, if you use the VPN to access Internet services, the peer sending the request to the Internet will be able to observe and even alter the IP traffic. We will discuss additional security implications of using the VPN later in this chapter.