May 10, 2024: EtherTunnel Release 1.119 available with minor bugfixes

EtherTunnel #

EtherTunnel implements an encrypted Ethernet LAN-to-LAN tunnel connecting remote broadcast domains. In contrast to other solutions, EtherTunnel requires no configuration changes, no MTU changes or “MSS clamping” techniques on the participating devices.

An EtherTunnel Endpoint on Debian 12 in 90 Seconds #

This shows the installation and setup of a H0E0 tunnel endpoint on Debian 12 (default authentication, no encryption). The other side is already running. As soon as the tunnel is established and the tunnel parameters appear in green, both Ethernets are transparently connected as if a cable had been plugged.

Features at a Glance #

EtherTunnel connects Ethernet LANs transparently through an UDP tunnel with the following features and properties:

  • The participating machines and devices are not aware of the tunneling.

  • The standard/common Ethernet MTU of 1500 remains as it is on all devices.

  • No router or device configuration changes required.

  • Very efficient custom packet fragmentation/reassembly outperforming the generalized kernel IP/UDP fragmentation and reassembly.

  • Authentication and encryption with ChaCha20-HMAC-SHA256 at several security levels.

  • Allow/deny filters for MAC-addresses, OUIs and Ethertypes.

  • Transport of multiple LANs/VLANs through one single tunnel.

  • A registry mechanism allows NAT traversal (“UDP hole punching”) at four security levels.

  • Native Linux distribution packages available for leading Linux distributions.


read more