Not to be confused with the other WAND's...

WanD is a suite of programs to form a multipoint VPN. The (only?) implementation of this is the MetaNet

There is more information on the MetaNet page than there is here !

Theres also a WanDaemonToDoList on the wiki

WanD is a suite of programs each performing a simple, but specific task.


Etud is the "Ethernet Over Udp Driver" program. It's fairly simple. It reads a packet from the kernel (either via ethertap(7)? or tuntap(7)?), looks at the destination MAC address, and looks up inside it's internal "Mac -> Real IP" mapping and sends the packet out over the Internet in a UDP packet to that IP address. If some data arrives on it's UDP port it's even easier, it just takes the data and passes it up to the kernel over the ethertap(7)? or tuntap(7)? interfaces.

The different kernel drivers are dlopen(3)'d at runtime allowing for users to decide to compile different drivers since one of the problems we had with IPT was that people couldn't compile it because it statically linked all the various drivers into the main program and their OS didn't support that driver.

In the main tree head (at the moment) new configuration code has been added.


Wand is the bit that makes the MetaNet work. Wand's job is to keep Etud's "Mac -> Real IP" mapping up to date. It sends a packet to any servers it knows of via UDP with the MAC address of this node in it. It expects a reply back with the current list of Mac addresses. If it doesn't get one, it retransmits quickly reasking for it. For each (MAC,IP) pair, it inserts/updates them into Etud using a Unix domain socket (see unix(7)) using a very trivial protocol.

Eventually it would be nice to replace this with a complete peer to peer protocol similar to IPT's (without the war'ing bugs!)


Wansd is the Server part of Wand. It gets packets transmitted to it from WanD. It adds these to it's internal (MAC,IP) listing. If this changes it's (MAC,IP) table, it will broadcast this change to all people that participate. It then replies back to the originator with it's full (MAC,IP) listing.


Client is a trivial client that talks over the same unix domain socket to Etud as Wand does. It lets you perform simple operations such as "view the current (MAC,IP) table", and "add entry" and "delete entry".