InterCloud eXpress (ICX)

ICX is a high-performance, kernel-bypass VPN solution for cloud environments.

Features

UDP/Geneve based.
Layer 3 tunneling (IPv4 and IPv6).
Kernel-bypass using AF_XDP.
AES-GCM-128 crypto with replay protection.
Cryptokey routing (a la. WireGuard's allowed_ips).
Control/data-plane separation (like IPsec, allows for pluggable auth).

Notes

On Debian you might need to create this symlink to fix bpf compilation issues:

sudo ln -sf /usr/include/$(uname -m)-linux-gnu/asm /usr/include/asm

Security

ICX is experimental and has not yet undergone a formal security audit or external review. While the design draws from established patterns, the implementation may contain bugs, vulnerabilities, or cryptographic weaknesses.

Use ICX at your own risk.

Performance

2 x c7gn.2xlarge instances in the same us-west-2 availability zone with a cluster placement strategy.

Name		Name	Last commit message	Last commit date
Latest commit History 39 Commits
.github/workflows		.github/workflows
addrselect		addrselect
assets		assets
cli		cli
filter		filter
flowhash		flowhash
forwarder		forwarder
geneve		geneve
mac		mac
ndproxy		ndproxy
permissions		permissions
proxyarp		proxyarp
queues		queues
replay		replay
udp		udp
veth		veth
.clang-format		.clang-format
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
handler.go		handler.go
handler_test.go		handler_test.go
util.go		util.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

InterCloud eXpress (ICX)

Features

Notes

Security

Performance

About

Uh oh!

Releases 10

Packages

Languages

License

apoxy-dev/icx

Folders and files

Latest commit

History

Repository files navigation

InterCloud eXpress (ICX)

Features

Notes

Security

Performance

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 10

Packages 0

Languages

Packages