Architecture & Topology
Isolated Core
Dedicated network namespace (netns) for the main router with NAT, firewall (nftables) and shaping.
User Namespaces
Strict isolation of each client and VPN engine to prevent data leaks.
Veth Pipes
Virtual cables (veth pairs) connecting namespaces, with an internal bridge (br0/br-lan).
Policy Based Routing (PBR)
Strict traffic separation using FWMARK and routing tables.
Painless VDS/VPS Deployment
The Pain of Classic Solutions (MikroTik CHR):
Installing MikroTik CHR on most hosting providers is a complicated ordeal. Images are strictly tied to hardware drivers. To achieve high performance (virtio/vhost-net), administrators have to install Ubuntu, unmount the root partition on the live system, force-flash the MikroTik image, and reboot the server hoping it starts up.
Our Solution (VirtNet Core):
We completely eliminate this pain. Our solution has none of the architectural crutches of hypervisors. VirtNet runs as an isolated cloud-native application and deploys via a standard Docker container on any Linux system in just a few seconds.
Key Features
Networking (Backend & Core)
Bridges, IP, NAT/nftables, QoS, DHCP, ARP management. Built-in diagnostics (Ping, Traceroute).
Security & Traffic Protection
Modern encapsulation protocols, padding, gVisor stack isolation, countermeasures against packet analysis.
Users & Roles (RBAC)
Access control, individual interface assignment, policies, and QoS limits.
Modern Web GUI
SPA (React) + API (Golang). Settings, web terminals, JSON config editor.
Current Project Status
Completed (Phase 7): diagnostics, shaping (HTB), namespaces API, container access.
Next steps: RBAC, WireGuard, metrics analytics system.
