N2n Versions Save

Peer-to-peer VPN

3.1.1

2 years ago

3.1.0

2 years ago

3.0

2 years ago

n2n 3.0 (October 2021)

During the last year, long discussed ideas turned into implemented functionalities – adding remarkably to n2n's rich feature set and each of them worthy of note. The level achieved made us think it justified even a major release. Welcome, n2n 3.0!

Starting from this stable platform, future versions of n2n's 3.x series will further promote its versatility while keeping up compatibility. To achieve this, development will mainly focus on areas outside the underlying core hole-punching protocol and will include but probably not be limited to connection handling, management capabilities, build system tuning as well as internal code structure.

For now, we would like to encourage you to have a look at the freshly released 3.0 yourself.

The following changelog intends to cause happy and eager anticipation. Enjoy!

New Features

  • Federated supernodes to allow multiple supernodes for load balancing and fail-over (doc/Federation.md)
  • Automatic IP address assignment allows edges to draw IP addresses from the supernode (just skip -a)
  • Allowed community names can be restricted by regular expressions (community.list file)
  • Network filter for rules (-R) allowing and denying specific traffic to tunnel
  • Experimental TCP support (-S2) lets edges connect to the supernodes via TCP in case firewalls block UDP (not available on Windows yet)
  • All four supported ciphers offer integrated versions rendering OpenSSL dependency non-mandatory (optionally still available)
  • MAC and IP address spoofing prevention
  • Network interface metric can be set by command-line option -x (Windows only)
  • Re-enabled local peer detection by multicast on Windows
  • Edge identifier (-I) helps to identify edges more easily in management port output
  • Optionally bind edge to one local IP address only (extension to -p)
  • A preferred local socket can be advertised to other edges for better local peer-to-peer connections (-e)
  • Optional edge user and password authentication (-J, -P, doc/Authentication.md)
  • Optional json format at management port allows for machine-driven handling such as .html page generation (scripts/n2n-httpd) or script-based evaluation (scripts/n2n-ctl)
  • Completely overhauled build system including GitHub's action runners performing code syntax and formal checks, creating and running test builds, providing binairies and packages as artifacts and running verification tests

Improvements

  • Increased edges' resilience to temporary supernode failure
  • Fixed a compression-related memory leak
  • Ciphers partly come with platform-specific hardware acceleration
  • Added a test framework (tools/test-*.c and tests/)
  • Clean-up management port output
  • Polished benchmark tool output
  • Spun-off the name resolution into a separate thread avoiding lags
  • Added support for additional environment variables (N2N_COMMUNITY, N2N_PASSWORD, and N2N_FEDERATION)
  • Implemented new reload_communities command to make supernode hot-reload the -c provided community.list file, issued through management port
  • Reactivated send out of gratuitous ARP packet on establishing connection
  • Enhanced documentation (doc/ folder) including the man pages and command-line help text (-h and more detailed --help)
  • Self-monitoring time stamp accuracy for use on systems with less accurate clocks
  • Fixed man pages' and config files' paths
  • Code clean-up

2.8

3 years ago

n2n 2.8 (August 2020)

This release brings significant new features to n2n's crypto world and offers some compression opportunities. The added support for routing table manipulation might increase comfort. Besides further honing existing features, this release addresses some bugs.

New Features

  • Two lightweight stream ciphers: ChaCha20 (optional, through OpenSSL) & SPECK (integrated)
  • Full Header Encryption (including packet checksumming as well as replay protection)
  • A callback interface to better integrate n2n in third party software (you can still use it stand-alone)
  • Enable the integrated LZO1x compression
  • Add optional ZSTD compression (through zstdlib)
  • Support for changing system routes at program start and end
  • User and group id parameter for supernode
  • Application of cryptography in n2n is seperately documented
  • Add a new pseudo random number generator with higher periodicity seeded with more entropy if available

Improvements

  • Have AES and ChaCha20 use OpenSSL's evp_* interface to make better use of available hardware acceleration
  • Fix invalid sendto when supernode name resolution fails
  • Update to supernode's purge logic
  • Extended management supernode's port output
  • Fix read tap device failed when OS wakes up from sleep
  • Free choice of supernode's management UDP port (for multiple supernodes on one machine)
  • Additional trace messages to better indicate established connections and connection type
  • Fix edge's register-to-supernode loop
  • Remove redundant code
  • Restructure the code in directories
  • Clean-up platform-dependant code
  • Compile fixes for Windows
  • Fix build warnings
  • …and many more under-the-hood fixes and tunings

2.6

4 years ago
  • Add ability to specify a whitelist of allowed communities on the supernode
  • Implement local peers discovery via multicast
  • Windows compilation fixes and instructions
  • MacOS compilation fixes and instructions
  • Add support for multiple edge systemd services
  • Implement AES encryption for increased security and throughput
  • Add benchmark tool for the encryption throughput
  • Improve the connection stability and the chances to enstablish a P2P connection
  • Remove keyschedule support to simplify the encryption code
  • Integrate the changes made in the meyerd fork of n2n
  • Implement packet stats for P2P vs supernode communication
  • Replace peers linked list with hash table for faster lookup in big networks
  • Automatically drop provileges to user n2n
  • n2n version improvements
  • Add support for ARM64 build
  • Instructions and makefile file to build n2n on OpenWRT
  • More options to control MTU, P2P connections, TOS and log verbosity
  • Implement a wireshark dissector for the n2n protocol
  • Remove calls to system() in tuntap_linux and use netlink instead
  • Implement n2n-decode utility to decode and dump traffic to PCAP

2.4

5 years ago

This is the first official release after having put n2n on hold. We have primarily focused on cleaning up code, repairing compilation issues, fixed various things including building and packaging for deb/rpm platforms. new features will be included in the next release, this is just a maintenance release that packages can use to refresh n2n in distributions.