Build a global ethernet network using sanctum p2p e2ee tunnels.
Tier6 uses the sanctum protocol and its cathedrals to autodiscover peers in the same flock and establish p2p e2ee tunnels to each peer in full mesh mode. All incoming traffic is dumped into a single tap interface. Return traffic is only sent to peers on which the destination MAC address has been seen as a source earlier, acting like a soft-switch.
+--------+ p2p e2ee +--------+
| node 1 | <--------------> | node 2 |
+--------+ +--------+
^ ^ ^ ^
| |____ ___| |
| v v |
| +-------------+ |
| | virtual | |
p2p e2ee | | ethernet | | p2p e2ee
| +-------------+ |
| ^ |
| | |
| +--------+ |
+-----> | node 3 | <-----+
+--------+
Tier6 is L2 only.
Tier6 can autoconfigure ipv4 on the interface, when started with the -a flag.
For details on how the underlying tunnels works see docs/crypto.md in the sanctum repository.
Building
Tier6 works on Linux, OpenBSD and MacOS.
You need libkyrka and pkg-config installed, plus whatever libs libkyrka needed (eg: libsodium).
Note: Use gmake on OpenBSD.
Configuration
You need a cathedral setup to run this, once you have the relevant files you can create a simple configuration. See the example configuration in this repository.
A community cathedral network can be found at The Reliquary.
The configuration supports reliquary file paths out of the box.