noisysockets VS netbird

An interesting (and portable) alternative to network namespaces is to bypass kernel networking entirely and use a userspace network stack.

I've got an example of doing just that with my project Noisy Sockets, https://github.com/noisysockets/noisysockets/blob/main/examp...

https://github.com/noisysockets/noisysockets

With that, you can replace a Dialer in Go that connects sockets, effectively wrapping sockets with Wireguard. Since it does that in userspace, you get no tun/tap. This is all open-sourced by @dpeckett

With those things, he also built a userspace wireguard gateway that includes DNS resolution. https://github.com/noisysockets/gateway

https://news.ycombinator.com/user?id=dpeckett

Might as well take the opportunity to shill one of my recent experimental projects, If you are interested in building Go apps that act as userspace WireGuard peers take a look at https://github.com/dpeckett/noisysockets

Based off the excellent work in done by wireguard-go but I've attempted to simplify and make things a lot more idiomatic for library use.

The best way to securely connect your functions to your other resources is with an encrypted mesh network like NetBird. NetBird lets you link your infrastructure together using a zero-config private WireGuard network that works across cloud, serverless, and on-premise infrastructure.

NetBird - NetBird is an open-source VPN management platform built on top of WireGuard® making it easy to create secure private networks for your organization or home.

NetBird simplifies Kubernetes access with its zero-configuration approach, leveraging WireGuard's simplicity and strength. It seamlessly integrates with various tools, offering transparency and high reliability as an open source solution.

Netmaker (https://www.netmaker.io/) Netbird (https://netbird.io/)

NetBird is a configuration-free, peer-to-peer private network combined with a centralized access control system. Utilizing a WireGuard-based overlay network, it ensures encrypted connections between machines without the need for complex configurations such as port openings, intricate firewall rules, or VPN gateways. Prioritizes security with intuitive management of granular access policies for secure remote access, applicable universally across any infrastructure. petr205 explains, "Their SaaS version is free up to 100 machines and 5 users, but the self-hosted version is exactly the same and has very low requirements."

It is always great to see another solution using Wireguard, which is a great technology for modern private connectivity.

I built https://github.com/netbirdio/netbird, which can be self-hosted and offers an option to run Wireguard without managing firewalls for P2P connectivity.