Multi-link VPN (ADSL/SDSL/xDSL/Network aggregation / bonding)
C M4 Shell Other
Clone or download
Laurent Coustet
Laurent Coustet BSD: tun device name fix.
In *BSD, fix the device selection: It was only possible to use tun0-9 due to wrong
string terminaison.
Now even on *BSD, it's possible to set a custom tun* name. For example to fix tun1, tun2, ...
Latest commit 6f13423 Sep 1, 2017
Failed to load latest commit information.
doc Merge pull request #59 from Congelli501/patch-2 Jul 26, 2016
m4 refactoring the --enable/--disable-control system, stolen from lldp p… Feb 17, 2015
man Merge pull request #79 from stapelberg/patch-3 Jul 26, 2016
src BSD: tun device name fix. Sep 1, 2017
.gitignore DOC: Update OpenBSD: mlvpn is now part of the ports tree. Nov 12, 2015
.gitlab-ci.yml CI: Use internal GITLAB-CI for static binaries generation Jun 22, 2016
.travis.yml CI: Travis still stuck on a distro which does not have libsodium-dev Mar 29, 2016
AUTHORS Add routing table selection for FreeBSD and OpenBSD (FIB) Mar 28, 2016
INSTALL More gentle redirect to README Oct 20, 2015
LICENCE LICENSE update, include fixes Mar 4, 2015 Add some "release" mecanism in the Makefile (make release) helps to g… Oct 21, 2015
README.Debian Add little README.Debian to help using mlvpn under debian system. Feb 16, 2015 Add some informations about NetBSD. Feb 23, 2015 DOC: update OpenBSD 5.9+ instructions (doas, rc.d) Nov 14, 2016 DOC: need to pass executable path just after args for debugging Nov 14, 2016 DOC: README: add contributor Jul 26, 2016 mention log_level was removed from configuration file. Feb 28, 2015 Implement simple bpf packet filtering for VoIP on aggregated tunnel. Nov 12, 2015 autotools: add more compilation warnings -Wextra Dec 13, 2016
gdb-cmds.txt Add helper commands for gdb Sep 17, 2015
git-version-gen Fix git-version-gen to use --tags Oct 20, 2015 Massive update/refactoring of the build system for the documentation. Feb 17, 2015

========================================= MLVPN - Multi-Link Virtual Public Network

Build Status Coverity Status

author: Laurent Coustet

Take a look at the official documentation on Read The Docs


MLVPN will do its best to achieve the following tasks:

  • Bond your internet links to increase bandwidth (unlimited)
  • Secure your internet connection by actively monitoring your links and removing the faulty ones, without loosing your TCP connections.
  • Secure your internet connection to the aggregation server using strong cryptography.
  • Scriptable automation and monitoring.

Quick install

Install debian package

sudo apt-key adv --keyserver --recv 3324C952
echo "deb unstable/" >/etc/apt/sources.list.d/mlvpn.list
sudo apt-get update
sudo apt-get install mlvpn

Install FreeBSD port

pkg install git libev libsodium
git clone --branch freebsd mlvpn
cd mlvpn

Install "static" package

This is usefull on old systems. For example, for debian

tar -C / -xpzf mlvpn_static_ev_4.22_libsodium_1.0.10.tar.gz
adduser --quiet --system --no-create-home --home /var/run/mlvpn --shell /usr/sbin/nologin mlvpn
chmod +x /etc/init.d/mlvpn
insserv mlvpn

Build from source

# Debian
$ sudo apt-get install build-essential make autoconf libev-dev libsodium-dev libpcap-dev
# OR ArchLinux
$ sudo pacman -S base-devel git libev libsodium
$ ./
$ ./configure
$ make
$ make install

Build debian package

$ sudo apt-get install build-essential make autoconf
$ dpkg-buildpackage -us -uc -rfakeroot

Generating a static binary

apt-get install flex bison build-essential
tar xzf libev-${EV_VERSION}.tar.gz
tar xzf libsodium-${LIBSODIUM_VERSION}.tar.gz
tar xzf libpcap-${PCAP_VERSION}.tar.gz

echo libev
(cd libev-${EV_VERSION}
./configure --enable-static --disable-shared --prefix $HOME/libev/
make -j4 install)

echo libsodium
(cd libsodium-${LIBSODIUM_VERSION}
./configure --enable-static --disable-shared --prefix=$HOME/libsodium/
make -j4 install)

echo libpcap
(cd libpcap-${LIBPCAP_VERSION}
./configure --disable-shared --prefix $HOME/libpcap/
make -j4 install)

tar xzf mlvpn-${MLVPN_VERSION}.tar.gz
cd mlvpn-${MLVPN_VERSION}
libpcap_LIBS="-L${HOME}/libpcap/lib -lpcap" libpcap_CFLAGS="-I${HOME}/libpcap/include" libsodium_LIBS="-L${HOME}/libsodium/lib -lsodium" libsodium_CFLAGS=-I${HOME}/libsodium/include libev_LIBS="-L${HOME}/libev/lib -lev" libev_CFLAGS=-I${HOME}/libev/include ./configure --enable-filters LDFLAGS="-Wl,-Bdynamic" --prefix=${HOME}/mlvpn/
make install


  • libev
  • libsodium
  • libpcap (optional)


Privilege separation

MLVPN uses privilege separation to keep high privileges operations away from the core routing stuff.

Code running as root is very minimalist and highly readable to avoid risks as much as possible.

Read more about privilege separation


  • Encryption: Salsa20 stream cipher
  • Authentication: Poly1305 MAC

Read more on salsa20 and libsodium.

Principle of operations



Linux, OpenBSD, FreeBSD, OSX

Windows is NOT supported, but MLVPN runs on routers, so you can benefit from MLVPN on ANY operating system of course.


  • Laurent Coustet, author and maintainer
  • Philippe Pepiot, contributor (privilege separation, bugfix)
  • Ghislain Lévèque, contributor (weight round robin)
  • Fabien Dupont, contributor (bugfix)
  • Thomas Soëte, contributor (bugfix)
  • Frank Denis, contributor (documentation)
  • Nicolas Braud-Santoni, contributor (documentation)
  • Stuart Henderson, contributor (OpenBSD port/package)
  • Olivier Cochard-Labbé, contributor (FreeBSD/OpenBSD fib routing)
  • Michael Stapelberg, contributor (documentation)


See LICENSE file.


Documentation is available on Read The Docs.
The manpage is also authored in Markdown, and converted using ronn.