About

Benjamin Coddington started this project to provide a (mostly) software-defined network that could be used by distributed developers to test NFS. The idea was to use OpenVPN to create the network, and a git repo to distribute OpenVPN connection configuration files with certificates that allow systems to join the network without requiring a password

In order to provide OpenVPN configuration files with certificates and secrets, the git repo encrypts the configuration files using diffie-helman public keys. If clients are added to the network, the person requesting the client can use the included tools in the repo to create a public/private key pair that will then be used by the registars of the network to encrypt an OpenVPN config file to access the network.

Work completed so far

We have one OpenVPN server (vpn.nfsv4.dev) and one LDAP/DNS/Kerberos server (ipa.nfsv4.dev) that are ready to support network services for NFS servers and clients on an IPv6-only private network. Edge servers and clients can join this network by using OpenVPN client software that is version 2.5 or later with a configuration file that is distributed through the nfs-vpn git repository.