From Wiki
Revision as of 00:36, 18 April 2011 by Admin (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

UCIS VNE is a library providing components to build a Virtual Network Environment.

VNE components

VNE includes, among others, the following components:

  • Ethernet switch
  • IPv4 router
  • IPv6 router
  • TCP/IPv4 stack and socket interface
  • TCP/IPv6 stack and socket interface
  • Basic IPv6 NAT, IPv6-to-IPv4 address & protocol translation
  • BGP router (protocol, route selection, IPv6)
  • IPv4 fragmentation and reassembly
  • Ethernet-IPv4 interface, including ARP and Proxy-ARP support
  • Ethernet-IPv6 interface, including Neighbor Discovery Protocol and Proxy-NDP support
  • Ethernet / IP network interfaces:
    • Windows libpcap network bridge
    • Libpcap dump file (output only)
    • QuickTun VPN tunnel support (raw, nacl0, nacltai)
    • Tun/tap device support on Windows and Linux
    • VDE switch client
  • Socks proxy server and client
  • Promiscuous TCP listener (listen on all addresses and ports)
  • slirp like address/protocol translation (including proxy support)
  • DNS encoding/decoding/rewriter

Planned features include:

  • Connection tracking NAT/NAPT (IPv4 and IPv6)
  • IPTables like rule based firewall, routing and processing
  • IPv6 fragmentation
  • ICMPv6 (partial support)
  • 6in4/6to4 tunnel
  • DNS server resolver
  • LWIPV6 support
  • VDE switch/server, connector using libvdeplug, vde_plug compatible connector

All components are implemented in pure (although sometimes 'unsafe') C# code. Most components can run on both Windows and Linux hosts and run in user space without any special privileges.

Components can be linked together with only a minimal amount of code in any language that supports the Microsoft .Net framework. All components are simply instances of classes, making it possible to, for example, deploy multiple IP routers in one application with only minimal overhead, and to interconnect them to each other, use them separately, or even use NAT mappings between them.

Example usage scenarios

  • BGP daemon for Windows
  • Interactive BGP monitor (publish updates to IRC, export routes to a web interface)
  • VPN software (Windows/Linux)
  • Isolated pure software router (user-space BGP daemon, IP stack and IP router)
  • Training and testing setups
  • Firewalled SOCKS proxy server
  • Transparent gateway to transport IP connections over SOCKS
  • slirp-like gateway ('SNAT' to host sockets)
  • Isolating applications network access (ld_preload / winsock compatible dll)
  • IPv6-to-IPv4 translator for transition
  • IPv6 NAT gateway

Known usage scenarios

  • Isolated BGP-speaking IP router, tunnels, IPv6 NAT and informative BGP web interface on Anonet (for more information, see VNE/DNRouter)
  • Real time BGP monitor (reporting updates to IRC) to investigate BGP loops and convergence (on dn42)


A precompiled .Net binary is available on You will need at least VNE.dll and UCIS.dll. UCIS.NaCl.dll is required for encrypted QuickTun protocols. The code may be released as open source later on, once I've decided about a licensing model.


Feel free to contact me for more information, by sending an e-mail to or visiting #chat (ask for Ivo) for a live chat.