tailscale
Netmaker
tailscale | Netmaker | |
---|---|---|
1,019 | 167 | |
18,815 | 9,417 | |
2.7% | 0.8% | |
9.9 | 9.7 | |
1 day ago | 5 days ago | |
Go | Go | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tailscale
-
Tell HN: Tailscale is giving 451s within Russia
They started that for a number of countries during 30.08-01.09 2023 [0][1]
[0] https://github.com/tailscale/tailscale/issues/9158
[1] https://www.reddit.com/r/Tailscale/comments/1672n6k/
-
Taildrop lets you send files between your personal devices on Tailscale network
> VPN as a service sounds wrong from security perspective, as you are giving away all the keys.
Tailscale’s Android and Linux clients are open-source[0] and based on WireGuard (which AFAIU is now part of the Linux kernel[1]). With other VPN software you may be owning the keys but you cannot verify what the program does.
Tailscale requires a coordination server to function. This component is not open-source, but there is an open-source reimplementation called Headscale[2] that you can host on your own server.
Additionally, there is "tailnet lock"[3]:
> Tailnet lock lets you verify that no node is added to your tailnet without being signed by trusted nodes in your tailnet. When tailnet lock is enabled, even if Tailscale infrastructure is malicious or hacked, attackers can’t send or receive traffic on your tailnet.
---
> These internal services that are annohnced are just... Services you can run on the Internet with TLS.
I haven’t used Tailscale in a professional context, so I cannot comment on the usefulness there, but I am using it (with Headscale) in my homelab. It makes it very easy to access all the services spread onto multiple boxes from everywhere, let them all use the same AdGuard Home DNS server without having to configure them individually and tunnel all my traffic through my home internet connection using an exit node[4].
I normally use croc[5] for file transfers between boxes, but when I had to fetch some files from my Windows game streaming computer, it was easier to just use Taildrop because Tailscale was installed already.
[0] https://github.com/tailscale/tailscale
-
QUIC Is Not Quick Enough over Fast Internet
BTW, that code changed just recently:
https://github.com/tailscale/tailscale/commit/1c972bc7cbebfc...
It's now a AF_PACKET/SOCK_DGRAM fd as it was originally meant to be.
- I'm blocking connections from AWS to my on-prem services
-
Server Setup Basics for Self Hosting
I recommend checking out [Caddy](https://caddyserver.com/), which replaces both Nginx and Certbot in this setup.
[Tailscale](https://tailscale.com/) can remove the need to open port 22 to the world, but I wouldn't rely on it unless your VPS provider has a way to access the server console in case of configuration mistakes.
-
Tailscale Kubernetes Operator
Anyways, I'm not always at home when I want to work on something and I wanted to find a way to access services remotely. Well tonight I realized I should be able to do this with Tailscale.
- Tailscale: Move away from inet.af domain seized by Taliban
-
The New Internet
Looks like it's due to this: https://github.com/tailscale/tailscale/issues/6999#issuecomm...
-
Kubernetes vs Philippine Power Outages - On setting up k0s over Tailscale
It's important to note potential edge cases when integrating Calico with Tailscale as discussed here. To avoid conflicts, we recommend remapping Calico's netfilter packets. This ensures compatibility and smooth operation in your network setup.
-
9 tools, libraries and extensions our developer can't live without (and why)
Tailscale simplifies network management, enhances security, and facilitates remote collaboration, ultimately enabling them to focus on their core development tasks without worrying about networking complexities.
Netmaker
-
Show HN: Wag, MFA and Enrollment for WireGuard
https://github.com/netbirdio/netbird seems to be completely open source (BSD), https://github.com/gravitl/netmaker?tab=License-1-ov-file#re... uses Apache for the non-pro stuff, and both of those I found by simply looking at https://github.com/topics/wireguard
This is why I asked, the phrase "I decided to reinvent the wheel which has honestly been quite fun with learning about eBPF, and recently clustering and HA with etcd" makes it sound like it's doing a bunch of cool stuff (which I want to hear about!), but the readme says nothing about those.
-
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
Netmaker - Layer 3 peer-to-peer overlay network and private DNS. Similar to Tailscale, but with a self-hosted server/admin UI. Runs kernel WireGuard so very fast. Not FOSS, but the source code is available. Written in Go.
- Netmaker: An open source WireGuard VPN
-
Connecting several hundreds IoT (raspberry pi's) devices with a VPN
My plan is to set up an EC2 instance and host a VPN, considering options like Netmaker, OpenVPN, or Tailscale. The goal is to connect these devices to the VPN, enabling SSH access from any connected node. This method seems cost-effective(Considering I want to use 100s of devices and potentially 1000s) and straightforward, requiring a simple setup with a sudo apt command on the Raspberry Pi.
-
Remote access to a NAS from another location?
I'm wondering if there are any alternative approaches to achieve this. Is something like Netmaker or Tailscale feasible enough? If you have any suggestions, I'd greatly appreciate it.
-
Would we still create Nebula today?
https://github.com/gravitl/netmaker
Honorable mention:
SuperHighway84 - more of a Usenet-inspired darknet, but I love the concept + the author's personal website:
https://github.com/mrusme/superhighway84
- Show HN: Netmaker – Netmaker Goes Open Source
-
Netmaker Transitions to Open source: Embracing the Apache-2.0 License
Exciting news to share! Netmaker has officially embraced open source. This momentous decision was unveiled at the Open Source Summit in Europe when the pull request successfully merged, transitioning their server from the SSPL to the widely recognized Apache License 2.0.
-
SD-WAN and SASE Solutions
While we've encountered some challenges and worked with vendors like Cisco to find solutions, I'm curious about recommendations for SD-WAN providers that are well-suited for SASE users. This includes not only Zscaler but also other options like Netmaker, Palo Alto, Cloudflare, Cisco, and Forcepoint.
-
Only allowing my home network to access all my EC2 Instances?
Now, my main question is how I can link my DDNS host endpoint with my EC2 instances, allowing only my home network to access them. I've come across a variety of suggestions, such as Netmaker, OpenVPN, Tailscale etc. but I'm curious to hear your opinions on these solutions.
What are some alternatives?
headscale - An open source, self-hosted implementation of the Tailscale control server
netbird - Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
ZeroTier - A Smart Ethernet Switch for Earth
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.
pivpn - The Simplest VPN installer, designed for Raspberry Pi
Nebula - A scalable overlay networking tool with a focus on performance, simplicity and security
traefik - The Cloud Native Application Proxy
innernet - A private network system that uses WireGuard under the hood.