docs / mlsh.io

MLSH is a self-hosted mesh VPN that creates encrypted overlay networks between machines. Traffic flows peer-to-peer over QUIC with post-quantum key exchange. A lightweight signal server handles registration and peer discovery, and relays traffic only when a direct connection cannot be established. Each node is assigned a stable overlay IP and a DNS name inside the cluster, so peers can be addressed by name without exposing ports or configuring gateways.

Getting Started

Install MLSH, bootstrap a cluster, and connect your first node in a few minutes.

CLI Reference

Commands, flags, and configuration for the mlsh CLI.

Signal Server

Deploy, configure, and operate the MLSH signal server.

Security

Cryptographic primitives, the trust model, and threat considerations.

Networking

QUIC tunnels, NAT traversal, and the overlay DNS resolver.

Troubleshooting

Diagnosing connectivity problems and reading logs.