tinc – mesh peer to peer VPN|
ip/tinc [ –d ] [ –p maxprocs ] [ –x inside ] [ –o outside ] [ –c confdir
] [ –n myname ] localip localmask [ hosts... ]|
Tinc implements the mesh peer to peer VPN protocol from https://www.tinc–vpn.org/
as of version 1.0.32. Within a tinc VPN one can reach all the
subnets of all hosts within the network even when not directly
connected to the owning host of the subnet. |
Each host that is directly connected to us has its own hostfile under confdir/hosts/hostname containing its public address, owned subnets, options and RSA public key. The hostfile format is the same as the original tinc implementation. The confdir is specified with the –c option or defaults to the current working directory. Other hosts might exist behind these directly connected nodes but this information is distributed automatically within the protocol.
On startup, tinc creates an ip interface with the address localip and network mask localmask on the inside ip stack (specified with –x option) and starts listening for incoming connections on the outside ip stack (specified with the –o option). When optional hosts are specified on the command line, then it will also do outgoing connections using the outside ip stack. The localmask usually is a supernet of all the subnets within the VPN. Our own hostname myhost can be specified with –n option or is assumed to be the sysname when not specified. This host's RSA private key needs to be present in factotum and tagged with service=tinc and host=myhost.