Last modified 3 years ago Last modified on 05/09/2016 10:50:46 PM


Tunneldigger is a simple VPN tunneling solution based on L2TPv3 tunnels supported in recent Linux kernels with features targeted at community networks:

  • auto-configuration of layer 2 kernel-based tunnels
    • layer 2 allows both bridging of tunnels or using both IPv4 or IPv6 protocols
    • any new node can automatically connect to the VPN and it just works
  • optional bi-directional rate limiting
    • node maintainers can decide how much of bandwidth can tunnel consume at most
  • using in-kernel tunnels and not user-space tunnels
    • in-kernel tunnels have significantly higher throughput (factor of 10) especially on small embedded devices because packets can be routed directly in the kernel without having to go to a user-space daemon (like OpenVPN or tinc)

Tunneldigger does not:

  • provide encryption of data send over tunnels
    • use end-to-end encryption or use IPSec
  • provide authentication – anyone can connect to the broker and establish a tunnel
    • use some other mechanism of media access control


  • Tunneldigger uses UDP ports 8942, 53 and 123, they are tried in that order, the first one that works is used