Home

tinc

Tinc is an open-source virtual private network daemon that creates a mesh VPN, enabling encrypted tunnels between multiple hosts across the internet. Unlike traditional VPNs that rely on a single central server, tinc builds a distributed network where each node can connect to many others, forming a flexible and scalable overlay.

The system uses a public-key infrastructure to establish trust between peers. Each host in a tinc network

Configuration and operation are organized around a per-net directory, typically under /etc/tinc/<netname>. The net is defined

Key features include support for IPv4 and IPv6, the ability to route traffic to subnets reachable through

has
a
unique
name
and
a
certificate,
and
the
relationships
between
hosts
are
defined
by
listing
peers
in
the
network
configuration.
When
a
new
host
is
added,
its
certificate
and
host
file
are
shared
with
the
network,
after
which
traffic
can
be
routed
through
the
new
peer.
This
design
supports
dynamic
membership
and
partial
mesh
topologies
without
requiring
a
central
authority
for
every
connection.
by
a
tinc.conf
file,
and
the
membership
of
each
node
is
described
by
host
files
in
a
hosts
directory.
Tinc
runs
as
a
daemon
(tincd)
and
provides
auxiliary
tools
for
management.
Each
node
can
declare
which
subnets
it
offers,
and
the
daemon
handles
the
setup
of
tunnels
and
routing
portions
of
traffic
to
the
appropriate
peers.
other
nodes,
and
encryption
of
traffic
over
the
tunnels.
Tinc
is
cross-platform,
with
implementations
available
for
Linux,
BSD,
macOS,
and
Windows,
and
it
is
distributed
under
the
GNU
General
Public
License.
It
is
commonly
used
to
connect
distributed
networks,
remote
offices,
or
mobile
devices
into
a
cohesive
VPN
mesh.