Last updated on July 1, 2020 by Dan Nanni
There are cases where you want to create more than one VPN tunnels between a pair of hosts. Why? With multiple tunnels, you could use each tunnel for a different purpose, achieving full isolation among traffic belonging to different tunnels. Depending on which tunnel traffic goes through, you could even apply different QoS or security policies to the underlying traffic.
Tinc VPN allows you to create multiple VPN tunnels between a pair of hosts. Here is how you can do it.
In this example, I am going to create two VPN tunnels between hosts
bob. I assume that
alice serves as a
tinc VPN bootstrapping point, while
bob initiates a connection to
alice. Two VPNs created between
bob are named
tinc daemon can only manage one VPN, meaning that if you want to create multiple tunnels between two hosts, you need to run as many
tinc daemons on each host.
tinc configuration instruction, provision two separate
tinc VPNs named
vpn2. If you follow the
tinc configuration instruction, two sets of
tinc configuration files will be stored in
/etc/tinc/vpn2. Make sure to use two distinct
tinc interface names (e.g.,
tun1) as well as two different subnets for these two VPNs.
One more step is needed since
tinc daemon, by default, listens on port
655 for incoming connections, and thus you cannot run more than one
tinc daemons with the default port setting. For two VPNs
vpn2, you can use the default port for one VPN (e.g.,
vpn1), but need to use another port for the other VPN (e.g.,
In order to configure a port number to use for
vpn2, do the following.
On both hosts
bob, append the following in
/etc/tinc/vpn2/hosts/bob. The port number can be anything other than
tinc's default port number
Port = 700
tinc configurations are done, start two
tinc daemons on each host as follows.
$ sudo tincd --net=vpn1 $ sudo tincd --net=vpn2
Please note that this article is published by Xmodulo.com under a Creative Commons Attribution-ShareAlike 3.0 Unported License. If you would like to use the whole or any part of this article, you need to cite this web page at Xmodulo.com as the original source.