Experiment – Mesh VPN setup with Tinc

This is a super short post on my experiment with setting up a mesh VPN using tinc.

Why?

  • It builds a single VPN out of many small networks that are geographically distributed
  • There is no concept of server or client in tinc, so nodes try to talk to each other directly, or through other nodes when a direct path is not available

Actors in the mesh

<name> – name for each actor

  • Digital Ocean droplet <externalnyc> – the node to which the actors below connect
  • Digital Ocean droplet <externalblr>
  • Laptop <fedora> (Home LAN)
  • RaspberryPi <pi> (Home LAN)

How actors are connected?

  • externalblr ===> externalnyc
  • fedora ===> externalnyc
  • pi ===> fedora

The assumption is that all actors except externalnyc are behind a NAT/firewall.

IP for each actor in VPN

  • externalnyc – 10.0.0.1
  • externalblr – 10.0.0.3
  • fedora – 10.0.0.2
  • pi – 10.0.0.4
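As an added example (not the post's own configuration, which was not published), the following POSIX shell script lays out the tinc configuration tree for the four actors above with exactly the ConnectTo topology and VPN addresses listed. The network name `mesh`, the `tun0` interface name, the `/24` VPN mask, `TINC_ROOT` and the `PUBLIC_ADDRESS_OF_EXTERNALNYC` / `LAN_ADDRESS_OF_FEDORA` placeholders are assumptions; the file layout (`tinc.conf`, `hosts/<name>`, `tinc-up`) and the directives are tinc's own.

```shell
#!/bin/sh
# Added example: lay out tinc config for the four-node mesh described above.
# Assumptions (not from the post): network name "mesh", interface tun0, a /24
# for the VPN, and the *_ADDRESS_OF_* placeholders. On a real node TINC_ROOT
# would be /etc/tinc; here it defaults to a temp directory so it runs offline.
set -eu

NETNAME="${NETNAME:-mesh}"
TINC_ROOT="${TINC_ROOT:-$(mktemp -d)}"

# write_node NAME VPN_IP [CONNECT_TO] [REACHABLE_ADDRESS]
# Writes <root>/<name>/<net>/{tinc.conf,hosts/<name>,tinc-up} for one actor.
write_node() {
  name="$1"; vpn_ip="$2"; connect_to="${3:-}"; reach_addr="${4:-}"
  dir="$TINC_ROOT/$name/$NETNAME"
  mkdir -p "$dir/hosts"

  # tinc.conf: this node's identity and the peer it dials out to (if any).
  {
    echo "Name = $name"
    echo "AddressFamily = ipv4"
    echo "Interface = tun0"
    if [ -n "$connect_to" ]; then echo "ConnectTo = $connect_to"; fi
  } > "$dir/tinc.conf"

  # hosts/<name>: the part that is copied to peers. Only a node that others
  # dial (externalnyc publicly, fedora on the home LAN) carries an Address.
  {
    if [ -n "$reach_addr" ]; then echo "Address = $reach_addr"; fi
    echo "Subnet = $vpn_ip/32"
    echo "# public key is appended here by: tinc -n $NETNAME generate-keys"
  } > "$dir/hosts/$name"

  # tinc-up: run by tincd after it creates the interface named in $INTERFACE.
  cat > "$dir/tinc-up" <<EOF
#!/bin/sh
ip link set "\$INTERFACE" up
ip addr add $vpn_ip/24 dev "\$INTERFACE"
EOF
  chmod 755 "$dir/tinc-up"
}

# exchange_hosts A B: both ends of a ConnectTo need each other's host file
# (it carries the peer's public key and Subnet), so copy in both directions.
exchange_hosts() {
  cp "$TINC_ROOT/$1/$NETNAME/hosts/$1" "$TINC_ROOT/$2/$NETNAME/hosts/$1"
  cp "$TINC_ROOT/$2/$NETNAME/hosts/$2" "$TINC_ROOT/$1/$NETNAME/hosts/$2"
}

# connect_to_of NAME: prints the ConnectTo peer of a node (empty if none).
connect_to_of() {
  sed -n 's/^ConnectTo = //p' "$TINC_ROOT/$1/$NETNAME/tinc.conf"
}

# build_mesh: the topology from the post; prints the root it was written to.
build_mesh() {
  write_node externalnyc 10.0.0.1 ""          PUBLIC_ADDRESS_OF_EXTERNALNYC
  write_node externalblr 10.0.0.3 externalnyc
  write_node fedora      10.0.0.2 externalnyc LAN_ADDRESS_OF_FEDORA
  write_node pi          10.0.0.4 fedora
  exchange_hosts externalblr externalnyc
  exchange_hosts fedora externalnyc
  exchange_hosts pi fedora
  echo "$TINC_ROOT"
}

build_mesh
```

Two things worth checking on a real deployment. First, the host files are the trust anchors: `tinc -n mesh generate-keys` appends each node's public key to its own `hosts/<name>` file, that file is what you hand to peers, and the private key files never leave the node. Second, only the nodes that get dialed need an open port: externalnyc must accept tinc's default port 655 (TCP and UDP) from the Internet and fedora must accept it from pi on the home LAN, while externalblr, fedora and pi only make outbound connections through their NAT. Note that pi and externalnyc never exchange host files; tinc propagates node, subnet and key information over the existing meta connections, which is what lets every actor reach every other one without a central server.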

Results

  • Every actor is able to talk to every other actor
  • Each actor can access the services that the other actors' firewalls allow

Sources

tinc – https://www.tinc-vpn.org/documentation-1.1/Concept-Index.html
Tutorial – https://www.digitalocean.com/community/tutorials/how-to-install-tinc-and-set-up-a-basic-vpn-on-ubuntu-14-04