Hamachi is a
proprietary centrally-managed
VPN system, consisting of the server cluster managed by the vendor of the system and the client software, which is installed on end-user devices. Client software adds a
virtual network interface to a computer, and it is used for intercepting outbound as well as injecting inbound
VPN traffic. Outbound traffic sent by the
operating system to this interface is delivered to the client software, which encrypts and authenticates it and then sends it to the destination VPN peer over a specially initiated
UDP connection. Hamachi currently handles
tunneling of
IP traffic including
broadcasts and
multicast. The Windows version also recognizes and tunnels
IPX traffic. Each client establishes and maintains a control connection to the server cluster. When the connection is established, the client goes through a login sequence, followed by the discovery process and state synchronization. The login step authenticates the client to the server and vice versa. The discovery is used to determine the topology of the client's Internet connection, specifically to detect the presence of NAT and firewall devices on its route to the Internet. The synchronization step brings a client's view of its private networks in sync with other members of these networks. When a member of a network goes online or offline, the server instructs other network peers to either establish or tear down tunnels to the former. When establishing tunnels between the peers, Hamachi uses a server-assisted
NAT traversal technique, similar to
UDP hole punching. Hamachi is frequently used for gaming and remote administration. ==Addressing==