Kadugu, an innovative open-source project revolutionizing VPN solutions. It harnesses the power of libp2p tunneling to facilitate secure and private HTTP request tunneling, all within a concise codebase of less than 1,000 lines. It offers easy configuration, blazing-fast speeds through QUIC protocol. Setup VPN between machines within seconds.
Kadugu employs a decentralized peer-to-peer architecture, eliminating the need for a central server and offering direct connections between peers.
Traditional VPN solutions typically establish a tunnel from the home network to the data center, relying on TCP for end-to-end connectivity. However, TCP can struggle to maintain performance over lossy home networks due to its sensitivity to fluctuating bandwidth.
This VPN solution improves upon this bandwidth variation by splitting the connection into two segments: the first, between the home network and the data center, utilizing the QUIC protocol, which is specifically designed to handle lossy and variable networks. The second segment, from the data center to the internet, employs TCP, which excels in the stable and reliable environment of the data center. This hybrid approach results in a VPN connection that offers both low latency and high bandwidth, ensuring a smoother and faster user experience.
Typical VPN configuration often involves setting up and managing server configurations, certificates, and client profiles, which can be cumbersome for inexperienced users. Kadugu's single binary deployment and simplified configuration make it easier to deploy and use, requiring minimal setup and maintenance.
Peers in Kadugu VPN are verified using the Noise protocol over QUIC (a secure transport). During the initial connection, a Noise handshake is performed, where peers exchange cryptographic keys. The Peer IDs are then verified against the exchanged public keys, ensuring that each peer is communicating with the correct identity. All data is encrypted over the libp2p channel, preventing raw traffic from being exposed to the open internet.
-
Download the latest release from the releases page.
-
Make the binary executable:
chmod +x kadugu
- Peer id uniquely identifies the machine. Person wishing to share internet to others, need to share their ids.
./kadugu -p
- Allow firewall rule for UDP port in sharer machine
sudo ufw allow 12007
- Run the Kadugu server to share your internet:
./kadugu -s
- Optionally, specify allowed peer IDs to access your internet:
./kadugu -s <peer_id1>,<peer_id2>,...
- Run Kadugu client to access shared internet from a peer:
./kadugu -u <peer_id>
Replace <peer_id> with the peer ID of the sharer. 2. Change the browser proxy setting to 127.0.0.1:8080 to use it.
Contributions to Kadugu are welcome! Whether you find a bug, have a feature request, or want to contribute code, please feel free to open an issue or submit a pull request.