CollabVPN: Difference between revisions

CollabVPN (view source)

Revision as of 16:26, 6 May 2024

899 bytes added , 6 May

no edit summary

VisualWikitext

Julia

14

edits

Revision as of 15:09, 6 May 2024 (view source) Julia (talk \| contribs) (Creation of CollabVPN project page) Tag: Visual edit		Revision as of 16:26, 6 May 2024 (view source) Julia (talk \| contribs) No edit summary Tag: Visual edit Newer edit →
(4 intermediate revisions by the same user not shown)
CollabVPN is a VPN provided to users who want to host CollabVMs/UserVMs but don't want to use their existing ISP/NSP as an exit. '''It is not affiliated with Computernewb or CollabVM in any way.''' This was created because many commercial VPN providers are not equipping users with enough global IPv6 addresses, resulting in an IPv4-only or IPv4-prefferred network.▼ ▲This was created by Julia because many commercial VPN providers are not equipping users with enough global IPv6 addresses, resulting in an IPv4-only or IPv4-prefferred network. === Technical details === * It is currently hosted on a VPS at [https://www.urdn.com.ua/ Ukrainian Data Network] but there are plans to move it to her own ASN once she is an LIR at RIPE. * WireGuard Endpoint: <code>collabvpn.julias.zone:80</code> {\| class="wikitable" \|+ !Used For !Pool !Description \|- \|IPv6 Peers \|2a0f:e586:f:2c02::/64 \|These are assigned to the WireGuard peers and are used to route their /64s \|- \|IPv6 Pool \|2a0f:e586:f:2c10::/60 \|This pool contains 16 /64s for assignment to peers. More can be added once necessary. \|- \|IPv4 Peers \|10.1.1.0/24 \|This pool contains 254 IPv4 addresses used for NAT purposes assigned to the peers. \|- \|IPv4 SRCNAT \|193.218.118.174:49152-65535 \|The NAT uses these ports for outgoing IPv4 connections. \|- \|IPv4 DSTNAT \|193.218.118.174:1024-49151 \|These IPv4 ports can be routed to peers on demand. \|} === Requesting a Tunnel === * Your WireGuard public key * Your GPG public key (optional, but nice to have for extra security like WireGuard PSKs). Sign and encrypt it with [https://keys.julias.zone/pgp/0075530C72926390787F472D2CB69D1DB326E875.key 0075530C72926390787F472D2CB69D1DB326E875] if you like. * How many /64 IPv6 subnets you need, aka how many bridges you want to tunnel. * What firewall configuration you want: * Only outbound IPv6 and IPv4 connections are permitted. * Inbound connections are filtered and only responses/packets from tracked connections are let in. * This is the default unless you explicitly request exposure. Exposed *** Also inbound connections are let in on IPv6 and IPv4. === To Do === * Further technical details like blocked ports~~, assigned IPv6 blocks and IPv4 ports, endpoint of the WireGuard~~