alt Hacker NewsShow HN: Netrinos – A keep it simple Mesh VPN for small teams
I'm the founder at Netrinos. I built a WireGuard-based mesh VPN because remote access has always been a pain. After years of SSH tunnels, IPsec headaches, and the ssh log horror movie, I wanted something simpler: install, sign in, get work done.
Netrinos creates a LAN-like overlay network across your devices. Connections are direct P2P via WireGuard, with no central server routing traffic. Each device gets a stable IP and DNS name (pc.you.netrinos.com). When direct connections fail, they fall back to a relay server that's still encrypted end-to-end. We can't see your traffic.
The most challenging problem to solve was NAT traversal. UDP hole punching works most of the time. The rest is a cocktail of symmetric NAT, CGNAT, and serial NATs. We use STUN-style discovery and relay fallback for the edge cases. I was surprised by how unreliable low-end ISP routers really are, and how much technical wizardry it takes to hide that behind a clean, simple UX.
Our stack is a Go backend for client and server, WireGuard kernel mode for Linux and Windows (macOS is userspace), Wails.io for cross-platform UI. WireGuard does all the heavy lifting. Go ties it all together.
Popular use cases include: RDP to home PCs, accessing NAS without exposing it, and SSH into headless Linux boxes. One customer manages hundreds of IoT devices in the field, eliminating the need to deal with customer routers.
We just released Pro with multi-user, access control, and remote gateway routing. Personal is free (up to 100 devices).
I'd love to hear what you expect from a simple mesh VPN, what's missing from current tools, and what's lacking from your remote access setup. Use code HNPRO26 for a 30-day trial of Pro.
Comments
Well, I wish you the best with this - but I really don't understand the target market.
The obvious competitor here is Tailscale. But let's say, reasons, and Tailscale isn't an option. Then you go down the path... TwinGate, Teleport, Netbird, Pomerium, Netmaker, ZeroTier, etc...
Even the initial pricing and free tier are you're up against are going to mostly be a deal breaker compared to what's out there.
Trusting a VPN provider is a lot. If you're running the control plane - why should I trust Netrinos?
The "No IT Department" part of your marketing immediately turns me off because that's actively encouraging "shadow IT".
We all get that sometimes companies have IT policies which are outdated and get in the way, but that's a problem for someone up the chain to solve. A team or department deciding to just start doing their own thing with something like this which isn't managed by or even known about by the official company IT is at best a path to future problems if not an immediate compliance problem.
The GitHub link on your website is 404 (https://github.com/netrinosnetwork)
I really like your fair differentiation and feature comparison vs Tailscale, netbird etc.
Love to see the ecosystem of wireguard based services growing into different business segments, i.e. you targeting SMBs/small teams.
Not for me, but legitimate use case and product :)
Can anyone explain to me (someone not so network security savvy) if there are any privacy or security concerns using a wire guard provider like this?
As I understand it, with traditional VPNs, you basically have to trust third-party audits to verify the VPN isn't logging all traffic and selling it. Does the WireGuard protocol address theses issues? Or is there still the same risk as a more traditional VPN provider?
Naive question here: with WireGuard VPN, does all traffic route through the VPN or only those packets bound for the other devices in the mesh?
Any plans for Exit Node capability (traditional egress VPN)?
I only use Tailscale for two features - one is having every machine on the network use a logical name of the pattern {projectname}-{environment} ie: `ssh me@hn-prd` and the other is exit nodes. I couldn't work out from your site if either of these two things is doable here.
>We use STUN-style discovery and relay fallback
How does your relay compare to Tailscale's (DERP)?
Full disclaimer: huge Linux fanboy here.
Not really related to the product itself, but your landing page design looks close to the official Microsoft style which I dont have the best memories of..
It might be intentional to show the "seamless integration" to Windows users but my penguin loving soul got scared!
I use Twingate both for personal use (my home) and to access AWS EC2 servers (no public ips) and really love it. Very polished, easy setup. How does Netrinos compare?
[dead]
[dead]
[dead]
What's the main differentiator between Tailscale and Netrinos?
Edit: Just found this post https://netrinos.com/blog/tailscale-alternatives-2025, so it looks like main differentiator is pricing right now.