Views
No nerd left behind VPN
Contents |
the point of it
Connecting to congress through VPN doesn't give you much from a technical point of view. You can get public addresses and actually be on the congress network, so there's that, but you can access most of 28C3's internet infrastructure without that just fine.
There is however for some peace missions a legal reasoning to join the VPN. If you do a peace mission in for example an university, the university may not be too eager to give "their" internet to your guests, expecting them to "misbehave". The VPN offers a way to have your guests be on congress' internet connection, so abuse calls don't end up at your peace mission host.
Please note that this isn't an invitation to employ the VPN for abuse. If we receive abuse reports specific to a particular VPN connection, we won't be able to keep it running.
policy
VPN will be provided upon plausible request. Since there is manual work involved, requests will be filtered. The filtering guideline is that if you're requesting VPN for a group that has a "name", it will be granted. So, basically, you can get VPN for "hackerspace north pole", "university antarctica CS dept", but not for "me and my 3 friends".
technical details
There are 2 primary options planned:
- OpenVPN bridged setup. (easy way)
- you get an OpenVPN tunnel carrying ethernet frames. You bridge that tunnel to your local LAN. DHCP & co. are provided for you.
- OpenVPN routed setup. (hard way)
- you get an OpenVPN tunnel carrying IP/IPv6. You have to set up a router, DHCP server, and most likely some kind of split/policy routing.
If you need something different (IPsec, tinc, etc.), ask and you may receive.
signing up
send a mail to equinox <equinox@diac24.net> containing the following form snippet:
NB: gpg key is mandatory so you can be sent keys.
28C3-VPN-request Name: foobar hackerspace Max-People: 23 Contact-mail: some@mail Contact-xmpp: some@xmpp Contact-pgp: xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx 28C3-IPv4-wanted: <yes|no> 28C3-IPv6-wanted: <yes|no> Desired-Setup: <openvpn-bridged|openvpn-routed|extra> (optional comments here)