frp
Nebula
Our great sponsors
frp | Nebula | |
---|---|---|
110 | 140 | |
78,624 | 13,570 | |
- | 1.9% | |
9.0 | 8.7 | |
7 days ago | 10 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
frp
-
Tunnelmole, an ngrok alternative (open source)
I've been self-hosting https://github.com/fatedier/frp on my little box, and it feels insane to think of the times where I didn't have it set up. There are many choices in the space as others pointed out, but frp's capabilities and lightweight packaging blows all other setups out of the water. I placed mine behind nginx with Let's Encrypt for SSL support. Hella fresh!
-
Localtunnel – Expose Yourself to the World
My setup to do the same:
- small Hetzner instance
- my domain's dns pointing to that instance
- frps[1] running on that instance
- frpc running on my local machine and connected to the cloud frps
-
What are hosting?
No, FRP - https://github.com/fatedier/frp
-
Auger: A CLI tool for making tunnels to localhost
Take a look also onto popular, similar to yours project: frp
-
WireGuard Blocked by stupid ISP, How to unblock it?
I'm running my WireGuard instance behind a reverse proxy (specifically https://github.com/fatedier/frp) on a VPS. That also has the advantage of not needing DDNS on non-static IPs. Are you sure your ISP is actually blocking these ports and that it's not just CGNAT?
-
Replacing cloudflare with a VPS - My journey
I just did the same but with Caddy as webserver with automatic SSL certs and https://github.com/fatedier/frp for tunneling
-
About Cloudflare Tunnels
After a few months, I started tinkering with quite a few options people have suggested on the sub. Though this post has generated some new options I hadn't seen before like headscale and frp that I plan to look into and mess with.
If you have a public-facing server/VPS, why not just use https://github.com/fatedier/frp or Nginx Streams (Nginx Proxy Manager supports it)?
-
How We Converted a GitHub Tool Into a General Purpose Webhook Proxy to Supercharge Our Integration Development
Tunneling services can be considered as a solution in some cases. Services like ngrok, frp, localtunnel and sish create a public endpoint that tunnels communication to your local endpoint via a tunnel client.
-
Remote connect tool
I setup tigervnc server on both my linux and windows machinces , then use websockify and noVNC to access them whenever i want through my web browser. you can follow readme of novnc here. If other pcs are on a seperate network or behind a NAT i suggest using frp hosted on a vps (That is what i did) .
Nebula
-
JIT WireGuard
(I am a Nebula maintainer.) We recently merged support for gVisor-based services, although it's very new, and I don't know of much experimentation that's been done with it yet: https://github.com/slackhq/nebula/pull/965
-
Ask HN: What Underrated Open Source Project Deserves More Recognition?
Nebula, originally from Slack[0].
Wireguard rightly gets a lot of attention, but Nebula is a really simple and easy to deploy mesh network that is often overlooked.
It does lack a management GUI and that stuff is very much DIY.
-
Nebula is Not the Fastest Mesh VPN (But neither are any of the others)
Fair enough about the android mobile client... My use case only involves meshing linux appliances across various networks so we only need the nebula core binaries which are under MIT license
nebula seemed like a very interesting choice, when we were looking for a mesh vpn, but the lack of ipv6 support led to it being removed from consideration very quickly
so i have been checking https://github.com/slackhq/nebula/issues/6 every time im reminded nebula exists, for the last few years, without success
-
Nebula is an open-source and free-to-use modern C++ game engine
That's not at all confusing with Slack's Nebula. https://github.com/slackhq/nebula
-
A word of caution about Tailscale
Headscale looks nice. Another option that I don't see mentioned much is Slack's Nebula (https://github.com/slackhq/nebula).
Sounds like a bunch of your pain points are just related to needing an online CA or ICA. But, looking through the Nebula docs I don't know that it supports things like CRL addresses where you could host the CRL, or OCSP responders. Someone got support for an OCSP responder but never submitted a PR with completed code: https://github.com/slackhq/nebula/issues/72
-
Free Tech Tools and Resources - Multi-clock Display, Networking Tools, Digital Forensics & More
Nebula is a scalable, cross-platform overlay networking tool focused on performance, simplicity, and security. This portable tool is equally adapted for linking a small number of computers or scaling to connect tens of thousands. It integrates encryption, security groups, certificates, and tunneling into a powerful, cohesive connectivity solution. Thanks for the recommendation go to jmeador42.
-
Would we still create Nebula today?
But both Nebula and tinc max out at around 1 Gbit/s on my Hetzner servers, thus not using most of my 10 Gbit/s connectivity. This is because they cap out at 100% of 1 CPU. The Nebula issue about that was closed due to "inactivity" [2].
I also observed that when Nebula operates at 100% CPU usage, you get lots of package loss. This causes software that expects reasonable timings on ~0.2ms links to fail (e.g. consensus software like Consul, or Ceph). This in turn led to flakiness / intermittent outages.
I had to resolve to move the big data pushing softwares like Ceph outside of the VPN to get 10 Gbit/s speed for those, and to avoid downtimes due to the packet loss.
Such software like Ceph has its own encryption, but I don't trust it, and that mistrust was recently proven right again [3].
So I'm currently looking to move the Ceph into WireGuard.
Summary: For small-data use, tinc and Nebula are fine, but if you start to push real data, they break.
[1]: https://github.com/gsliepen/tinc/issues/218
[2]: https://github.com/slackhq/nebula/issues/637
[3]: https://github.com/google/security-research/security/advisor...
What are some alternatives?
ZeroTier - A Smart Ethernet Switch for Earth
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
Netmaker - Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
rustdesk - An open-source remote desktop, and alternative to TeamViewer.
tailscale - The easiest, most secure way to use WireGuard and 2FA.
tinc - a VPN daemon
awesome-tunneling - List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
headscale - An open source, self-hosted implementation of the Tailscale control server
yggdrasil-go - An experiment in scalable routing as an encrypted IPv6 overlay network
wireguard-vyatta-ubnt - WireGuard for Ubiquiti Devices