Tinc (protocol)

Tinc
Original author(s)	Guus Sliepen, Ivo Timmermans, Wessel Dankers
Developer(s)	The Tinc development team
Initial release	14 November 1998
Stable release	1.0.36 / 26 August 2019;2 years ago
Preview release	1.1pre18 / 27 June 2021;12 months ago
Repository	tinc-vpn.org/git/tinc ;
Written in	C
Platform	Linux, FreeBSD, OpenBSD, NetBSD, DragonFly BSD, Mac OS X, Microsoft Windows, Solaris, iOS, Android
Type	VPN
License	GPL
Website	www.tinc-vpn.org

Last updated July 21, 2022

Tinc is an open-source, self-routing, mesh networking protocol and software implementation used for compressed and encrypted virtual private networks. It was started in 1998 by Guus Sliepen, Ivo Timmermans, and Wessel Dankers, and released as a GPL-licensed project.

Platforms

Tinc is available on Linux, FreeBSD, OpenBSD, NetBSD, DragonFly BSD, Mac OS X, Microsoft Windows, Solaris, iOS (jailbroken only), Android with full support for IPv6.^[4]

Future goals

The authors of Tinc have goals of providing a platform that is secure, stable, reliable, scalable, easily configurable, and flexible.^[4]

Embedded technologies

Tinc uses OpenSSL or LibreSSL as the encryption library and gives the options of compressing communications with zlib for "best compression" or LZO for "fast compression".^[4]

Projects that use tinc

Freifunk has tinc enabled in their routers as of October 2006.^[5]
OpenWrt has an installable package for tinc.
OPNsense, an open source router and firewall distribution, has a plugin for Tinc
pfSense has an installable package in the 2.3 release.
Tomato variants Shibby and FreshTomato include Tinc support.
NYC Mesh uses tinc to connect parts of the mesh over the public internet that would be otherwise out of range.^[6]

Related Research Articles

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

pkgsrc Package manager for Unix-like operating systems

pkgsrc is a package management system for Unix-like operating systems. It was forked from the FreeBSD ports collection in 1997 as the primary package management system for NetBSD. Since then it has evolved independently; in 1999, support for Solaris was added, followed by support for other operating systems.

Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP or SCTP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP or SCTP rather than TCP, it avoids the "TCP meltdown problem", when being used to create a VPN tunnel.

In computer networking, TUN and TAP are kernel virtual network devices. Being network devices supported entirely in software, they differ from ordinary network devices which are backed by physical network adapters.

pfSense is a firewall/router computer software distribution based on FreeBSD. The open source pfSense Community Edition (CE) and pfSense Plus is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network. It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage.

FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular open-source BSD operating system, accounting for more than three-quarters of all installed and permissively licensed BSD systems.

PeaZip is a free and open-source file manager and file archiver for Microsoft Windows, ReactOS, Linux, MacOS and BSD made by Giorgio Tani. It supports its native PEA archive format and other mainstream formats, with special focus on handling open formats. It supports 226 file extensions.

This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.

OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project emphasizes "portability, standardization, correctness, proactive security and integrated cryptography."

Mbed TLS is an implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. It is distributed under the Apache License version 2.0. Stated on the website is that Mbed TLS aims to be "easy to understand, use, integrate and expand".

OpenWrt is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic. The main components are Linux, util-linux, musl, and BusyBox. All components have been optimized to be small enough to fit into the limited storage and memory available in home routers.

University of Tsukuba Virtual Private Network, UT-VPN is a free and open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators (NATs) and firewalls. It was written by Daiyuu Nobori and SoftEther Corporation, and is published under the GNU General Public License (GPL) by University of Tsukuba.

OpenConnect is an open-source software application for connecting to virtual private networks (VPN), which implement secure point-to-point connections.

SoftEther VPN is free open-source, cross-platform, multi-protocol VPN client and VPN server software, developed as part of Daiyuu Nobori's master's thesis research at the University of Tsukuba. VPN protocols such as SSL VPN, L2TP/IPsec, OpenVPN, and Microsoft Secure Socket Tunneling Protocol are provided in a single VPN server. It was released using the GPLv2 license on January 4, 2014. The license was switched to Apache License 2.0 on January 21, 2019.

LibreSSL is an open-source implementation of the Transport Layer Security (TLS) protocol. The implementation is named after Secure Sockets Layer (SSL), the deprecated predecessor of TLS, for which support was removed in release 2.3.0. The OpenBSD project forked LibreSSL from OpenSSL 1.0.1g in April 2014 as a response to the Heartbleed security vulnerability, with the goals of modernizing the codebase, improving security, and applying development best practices.

Zstandard, commonly known by the name of its reference implementation zstd, is a lossless data compression algorithm developed by Yann Collet at Facebook. Zstd is the reference implementation in C. Version 1 of this implementation was released as open-source software on 31 August 2016.

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs), and was designed with the goals of ease of use, high speed performance, and low attack surface. It aims for better performance and more power than IPsec and OpenVPN, two common tunneling protocols. The WireGuard protocol passes traffic over UDP.

ZeroTier Inc. is a software company with a freemium business model based in Irvine, California. ZeroTier provides proprietary software, SDKs and commercial products and services to create and manage virtual software-defined networks. The company's flagship end-user product ZeroTier One is a client application that enables devices such as PCs, phones, servers and embedded devices to securely connect to peer-to-peer virtual networks.

References

↑ Sliepen, Guus (26 August 2019). "Tinc version 1.0.36 released". tinc (Mailing list). Retrieved 3 September 2019.
↑ Sliepen, Guus (27 June 2021). "Tinc version 1.1pre18 released". tinc (Mailing list). Retrieved 27 June 2021.
↑ "Tinc supported platforms". 22 Aug 2017. Retrieved 16 April 2018.
1 2 3 "Tinc main page". 4 Nov 2017. Retrieved 20 April 2018.
↑ "Freifunk firmware 1.4 is out". The Mesh Dot Org. Archived from the original on 2007-09-04. Retrieved 2007-03-28.
↑ "Frequently asked questions". nycmesh.net. Retrieved 2021-06-21.

External links

This computer networking article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[tinc-announce-005471-1] Sliepen, Guus (26 August 2019). "Tinc version 1.0.36 released". tinc (Mailing list). Retrieved 3 September 2019.

[tinc-announce-005578-2] Sliepen, Guus (27 June 2021). "Tinc version 1.1pre18 released". tinc (Mailing list). Retrieved 27 June 2021.

[3] "Tinc supported platforms". 22 Aug 2017. Retrieved 16 April 2018.

[main-4] 1 2 3 "Tinc main page". 4 Nov 2017. Retrieved 20 April 2018.

[5] "Freifunk firmware 1.4 is out". The Mesh Dot Org. Archived from the original on 2007-09-04. Retrieved 2007-03-28.

[6] "Frequently asked questions". nycmesh.net. Retrieved 2021-06-21.

[1]

[2]

[3]

[4]

[5]

[6]