Skip to content
Multi-link VPN (ADSL/SDSL/xDSL/Network aggregation / bonding)
C M4 Shell Other
Branch: master
Clone or download

Latest commit

Latest commit 67f9f31 Mar 29, 2020


Type Name Latest commit message Commit time
Failed to load latest commit information.
doc Systemd: add --name argument for setproctitle to change mlvpn process… Feb 20, 2020
m4 refactoring the --enable/--disable-control system, stolen from lldp p… Feb 17, 2015
man Merge pull request #79 from stapelberg/patch-3 Jul 26, 2016
src Merge pull request #81 from stapelberg/metrics Mar 29, 2020
.gitignore Gitignore: ignore debian package generated stuff Feb 20, 2020
.gitlab-ci.yml CI: Use internal GITLAB-CI for static binaries generation Jun 22, 2016
AUTHORS Add routing table selection for FreeBSD and OpenBSD (FIB) Mar 28, 2016
INSTALL More gentle redirect to README Oct 20, 2015
LICENCE LICENSE update, include fixes Mar 4, 2015 Add some "release" mecanism in the Makefile (make release) helps to g… Oct 21, 2015
README.Debian Add little README.Debian to help using mlvpn under debian system. Feb 16, 2015 Add some informations about NetBSD. Feb 23, 2015 Doc: update to proper markdown Feb 20, 2020 DOC: need to pass executable path just after args for debugging Nov 14, 2016 Add openbsd howto Mar 29, 2020 Implement simple bpf packet filtering for VoIP on aggregated tunnel. Nov 12, 2015
git-version-gen Massive update/refactoring of the build system for the documentation. Feb 17, 2015

MLVPN - Multi-Link Virtual Public Network

Build Status Coverity Status

author: Laurent Coustet

Take a look at the official documentation on Read The Docs


MLVPN will do its best to achieve the following tasks:

  • Bond your internet links to increase bandwidth (unlimited)
  • Secure your internet connection by actively monitoring your links and removing the faulty ones, without loosing your TCP connections.
  • Secure your internet connection to the aggregation server using strong cryptography.
  • Scriptable automation and monitoring.

Quick install

A Nice tutorial using OpenBSD

See solene's article on how to use mlvpn on OpenBSD

Install debian package

sudo apt-key adv --keyserver --recv 3324C952
echo "deb unstable/" >/etc/apt/sources.list.d/mlvpn.list
sudo apt-get update
sudo apt-get install mlvpn

Install FreeBSD port

pkg install git libev libsodium
git clone --branch freebsd mlvpn
cd mlvpn

Install "static" package

This is usefull on old systems. For example, for debian

tar -C / -xpzf mlvpn_static_ev_4.22_libsodium_1.0.10.tar.gz
adduser --quiet --system --no-create-home --home /var/run/mlvpn --shell /usr/sbin/nologin mlvpn
chmod +x /etc/init.d/mlvpn
insserv mlvpn

Build from source

# Debian
$ sudo apt-get install build-essential make autoconf libev-dev libsodium-dev libpcap-dev
# OR ArchLinux
$ sudo pacman -S base-devel git libev libsodium
$ ./
$ ./configure
$ make
$ make install

Build debian package

$ sudo apt-get install build-essential make autoconf
$ dpkg-buildpackage -us -uc -rfakeroot

Generating a static binary

apt-get install flex bison build-essential
tar xzf libev-${EV_VERSION}.tar.gz
tar xzf libsodium-${LIBSODIUM_VERSION}.tar.gz
tar xzf libpcap-${PCAP_VERSION}.tar.gz

echo libev
(cd libev-${EV_VERSION}
./configure --enable-static --disable-shared --prefix $HOME/libev/
make -j4 install)

echo libsodium
(cd libsodium-${LIBSODIUM_VERSION}
./configure --enable-static --disable-shared --prefix=$HOME/libsodium/
make -j4 install)

echo libpcap
(cd libpcap-${LIBPCAP_VERSION}
./configure --disable-shared --prefix $HOME/libpcap/
make -j4 install)

tar xzf mlvpn-${MLVPN_VERSION}.tar.gz
cd mlvpn-${MLVPN_VERSION}
libpcap_LIBS="-L${HOME}/libpcap/lib -lpcap" libpcap_CFLAGS="-I${HOME}/libpcap/include" libsodium_LIBS="-L${HOME}/libsodium/lib -lsodium" libsodium_CFLAGS=-I${HOME}/libsodium/include libev_LIBS="-L${HOME}/libev/lib -lev" libev_CFLAGS=-I${HOME}/libev/include ./configure --enable-filters LDFLAGS="-Wl,-Bdynamic" --prefix=${HOME}/mlvpn/
make install


  • libev
  • libsodium
  • libpcap (optional)


Privilege separation

MLVPN uses privilege separation to keep high privileges operations away from the core routing stuff.

Code running as root is very minimalist and highly readable to avoid risks as much as possible.

Read more about privilege separation


  • Encryption: Salsa20 stream cipher
  • Authentication: Poly1305 MAC

Read more on salsa20 and libsodium.


Linux, OpenBSD, FreeBSD, OSX

Windows is NOT supported, but MLVPN runs on routers, so you can benefit from MLVPN on ANY operating system of course.


  • Laurent Coustet, author and maintainer
  • Philippe Pepiot, contributor (privilege separation, bugfix)
  • Ghislain Lévèque, contributor (weight round robin)
  • Fabien Dupont, contributor (bugfix)
  • Thomas Soëte, contributor (bugfix)
  • Frank Denis, contributor (documentation)
  • Nicolas Braud-Santoni, contributor (documentation)
  • Stuart Henderson, contributor (OpenBSD port/package)
  • Olivier Cochard-Labbé, contributor (FreeBSD/OpenBSD fib routing)
  • Michael Stapelberg, contributor (documentation)


See LICENSE file.


Documentation is available on Read The Docs. The manpage is also authored in Markdown, and converted using ronn.

You can’t perform that action at this time.