Peer VPN software
I want a P2P VPN so that my machines can talk to each other directly.
- This gets me better throughput and latency between nodes,
- when the central node goes down, the lateral edges still work,
- and you don't have to trust the central node because data is encrypted and authenticated p2p.
I found three VPN programs that do this: peervpn, tinc, freelan. This is a little note-to-self about what the difference is.
peervpn
Key management: pre-shared key.
Amazingly simple, just works. No keypair hassle.
tinc
Key management: Each host has a host file containing its IP address (internal, in the VPN subnet) plus a public key. By adding this host file to your hosts/ directory, you allow connections from/to it.
Adding new hosts is a bit of a pain because you need to distribute each new host's file to all involved nodes. This could, however, also be an advantage because each node can control who is allowed to talk to it.
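Since the hosts/ directory is effectively the node's allow-list, it is worth auditing. The script below is an added example, not part of the original note or of tinc itself: it lists every peer a node would accept and flags host files that lack a public key or that contain a private key by mistake. It assumes tinc 1.0-style host files with a `Subnet = ...` line and a PEM key block; the function names, sample hosts and key bodies are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit a tinc hosts/ directory (the node's peer allow-list).
# Assumption: host files use "Subnet = <addr>" lines and a PEM public key block.

# Print one line per host file: <name> <subnet or -> <status>
audit_tinc_hosts() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # First Subnet line, with the "Subnet =" prefix stripped.
        subnet=$(sed -n 's/^[[:space:]]*Subnet[[:space:]]*=[[:space:]]*//p' "$f" | head -n 1)
        if grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$f"; then
            status=PRIVATE_KEY_PRESENT   # host files get distributed; a private key must never be in one
        elif ! grep -q -- '-----BEGIN .*PUBLIC KEY-----' "$f"; then
            status=NO_PUBLIC_KEY         # peer cannot be authenticated from this file
        elif [ -z "$subnet" ]; then
            status=NO_SUBNET
        else
            status=ok
        fi
        printf '%s %s %s\n' "$name" "${subnet:--}" "$status"
    done
}

# Build a constructed sample hosts/ directory (key bodies are placeholders, not real keys).
make_sample_hosts() {
    d=$(mktemp -d)
    printf 'Subnet = 10.0.0.1/32\n-----BEGIN RSA PUBLIC KEY-----\nPLACEHOLDER\n-----END RSA PUBLIC KEY-----\n' > "$d/alpha"
    printf 'Subnet = 10.0.0.2/32\n' > "$d/beta"
    printf 'Subnet = 10.0.0.3/32\n-----BEGIN RSA PRIVATE KEY-----\nPLACEHOLDER\n-----END RSA PRIVATE KEY-----\n' > "$d/gamma"
    echo "$d"
}

sample=$(make_sample_hosts)
audit_tinc_hosts "$sample"
rm -rf "$sample"
```

To check a real node, call `audit_tinc_hosts` with the path to that network's hosts/ directory instead of the sample.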
freelan
Key management: Each host handshakes with a certificate signed by a central CA. Requires signing but then adding nodes is easy.