English | 简体中文
OpenLAN provides a realization of the transmission of LAN data packets in the WAN, and can establish a virtual Ethernet network in multiple user spaces.
If you have more flexible VPN business needs and need to use VPN to access the enterprise, or use public network cloud hosts for network proxy and network penetration, you can try OpenLAN, which can make deployment easier.
- Users can use OpenLAN to divide multiple network spaces to provide logical network isolation for different services;
- Multiple Central Switchs can use the OpenLAN protocol to communicate on the ethernet layer, and SNAT routes can be added to the second layer network to easily access the internal network of the enterprise;
- Users can use OpenVPN to access the User Network, OpenVPN supports multiple platforms such as Android/MacOS/Windows, etc;
- IPSec tunnel network can also be used between multiple Central Switchs, and it supports further division of VxLAN/STT tenant networks on this network;
- Use a simple username and password as the access authentication method, and you can set a pre-shared key to encrypt data packets;
- The OpenLAN protocol can work on various transmission protocols such as TCP/TLS/UDP/KCP/WS/WSS, TCP has high performance, and TLS/WSS can provide better encryption security;
- OpenLAN also provides simple HTTP/HTTPS/SOCKS5 and other HTTP forward proxy technology, users can flexibly configure proxy for network penetration according to needs;
Central Switch - 10.16.1.10/24
^
|
Wifi(DNAT)
|
|
----------------------Internet-------------------------
^ ^ ^
| | |
Branch1 Branch2 Branch3
| | |
OpenLAN OpenLAN OpenLAN
10.16.1.11/24 10.16.1.12/24 10.16.1.13/24
192.168.1.20/24 192.168.1.21/24
| |
OpenLAN -- Hotel Wifi --> Central Switch(NanJing) <--- Other Wifi --- OpenLAN
|
|
Internet
|
|
Central Switch(Shanghai) - 192.168.1.10/24
|
|
------------------------------------------------------
^ ^ ^
| | |
Office Wifi Home Wifi Hotel Wifi
| | |
OpenLAN OpenLAN OpenLAN
192.168.1.11/24 192.168.1.12/24 192.168.1.13/24
-
Underlay for VxLAN over Internet by IPSec.
47.example.com | | | +-------+ | vps-47| -- 100.65.0.117 +-------+ / \ / \ SPI-117118 / \ SPI-117119 / \ / \ +-------+ +-------+ | vps-92| -------------- | vps-12| +-------+ +-------+ / | | \ / | SPI-118119 | \ 100.65.0.118 | | 100.65.0.119 | | 92.example.com 12.example.com -
DCI Subnet: 192.168.x.x over IPSec Network: 100.65.0.x.
100.65.0.117 | eth1.200 --- | --- eth1.100 \ | / +--------+ | vps-47 | +--------+ / \ / \ / \ / \ enp2s4.100 --- / \ --- eth4.30 \ / \ / +--------+ +--------+ | vps-92 | --------------- | vps-12 | +--------+ +--------+ / | | \ enp2s4.101 --- | | --- eth4.200 | | 100.65.0.118 100.65.0.119 VNI-1023 192.168.30.0/24 [vps-47_eth1.100, vps-92_enp2s4.100, vps-12_eth4.30] VNI-1024 192.168.40.0/24 [vps-47_eth1.200, vps-92_enp2s4.101, vps-12_eth4.200]
