What is Reddit's opinion of
Tinc VPN?
From 3.5 billion Reddit comments
9 reviews of this app found across Reddit:
OpenVPN will probably be easiest to setup, there is plenty of tutorials in net.
There is also tinc which creates a mesh between all servers, which is slightly nicer if you connect more than one box together
It's just an IPv6 tunnel broker based around Tinc
>Unlike a traditional tunnel broker, our scheme tunnels IPv6 transport based on Tinc VPN and dynamic routing protocol by Babel , enables the IPv6 communication between participants take Free Networks shortest paths instead of forcing all traffic to move back and forth until the end of the tunnel where the gateway.
Well first see it is available in your package manager if not download
http://www.tinc-vpn.org/packages/tinc-1.1pre16.tar.gz
Then follow INSTALL readme file, you probably need gcc make etc, if it is debian based generally this would get all "apt install build-dep"
You need to research some tuts as well, I never used tinc before so it took a bit of couple tries but after that everyhing work perfectly for me. With OpenVPN stuff always worked half ass because I was not able to get routing done properly with it.
There are other Vpn solutions that might be avail for your device through OS repo, you need to search for those as well.
For instance follow this tut to set up Tinc, see if you even understand what you need to do.
In the end do not forget to check the link I gave in my first reply, you need to do that to access internal ips. Or you set each client individualy and access them through their VPN Ips.
From what I've read it seems to be easy to maintain and scale when you have a lot of servers because the tinc deamon exchanges information about the servers, so they should connect to each other automatically or find alternative routes when one server in between might be not available.
I guess OpenVPN would work but you would have to get around these problems (as far as I can see): * If you want to connect each server to one another, you would need to manually configure (n^2) tunnels and keep them running. When you then add one server you would need another (n -1) configurations on the new server and the one configuration for the new server on every existing server. * If you only connect each server to one or two other servers you need to keep track of all the existing routes and if one server would loose the one or two other servers it has, it would be isolated from all the other servers. * When an OpenVPN connection drops I'm not sure if it will reconnect on it's own.
With tinc all the above problems should be handled on it's own because the tinc deamons communicate between each other and will exchange the configurations they have. So if a new server is connected to the vpn network all the deamons will exchange the configuration and connect to it (at least thats what is statet in the manual: http://www.tinc-vpn.org/documentation-1.1/How-connections-work.html#How-connections-work). It will also try to reconnect to other servers automatically.
From your description this looks like what you need: http://www.tinc-vpn.org I don't know how easy it is to configure, but the description reads very promising.
The only thing I can tell you that my VPN provider uses it to connect all of it's servers with one another and that the performance I get when going through half of europe is IMHO good:
VPN directly to the exit server in the netherlands: 44 ms ping and 25.75 Mbit download
VPN to a server in switzerland and exit through the same server as above in the netherlands via SOCKS5: 63 ms ping and 24.63 Mbit
Distributing the public keys is kind of annoying, but it doesn't happen often enough to really be a problem.
I have one system that runs continuously and all of the other tinc nodes are configured to connect to it at least, which is all that would really be required. It also has a web interface to keep track of which nodes are reachable or unreachable. Some others do have extra ConnectTo lines for other nodes where port forwarding is set up, mainly for redundancy.
tinc will automatically establish direct connections between nodes if possible, even without specifying ConnectTo for everything. It can do this even if one of the nodes is behind NAT with no port forwarding, as long as there's a third node to work sort of like STUN.
http://www.tinc-vpn.org/documentation-1.1/How-connections-work.html
The 1.1 branch of tinc will have invite and join functions plus a control socket which should make management easier.
You might find it easier to set up a VPN with tinc. It simplifies things by using a hostname file included with it's Public Key so you only need to copy one file to each sharing peer. Simple instructions can be found here.
For OpenVPN I used to use the webmin module to set it up.
Awesome, thanks so much... this is what I was hoping to hear. Don't strictly need a completely static IP for my VPN (yay tinc) but don't want one that flaps around every 24 hours either. Thanks again!
Yah, talked with someone else about it. He thinks if you did Virtual server with the ports on both ends.. his and yours. It might work.
Also found a alternative for Hamachi its called Tinc