yggdrasil-go
netbird
yggdrasil-go | netbird | |
---|---|---|
23 | 107 | |
3,342 | 8,993 | |
1.6% | 4.9% | |
8.5 | 9.7 | |
about 1 month ago | about 21 hours ago | |
Go | Go | |
GNU General Public License v3.0 or later | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
yggdrasil-go
-
Tinc, a GPLv2 mesh routing VPN
> The next version will make it much simpler to deploy isolated networks by using TLS roots to prevent accidental peerings.
Is that PR #1038 [1]? Any info on how to use that feature and whether it works over multicast as well?
I noticed this PR uses SHA-1 for matching fingerprints. SHA-1 has been broken for 13 years now. Is it possible to use something more secure?
> It's also worth noting that Yggdrasil doesn't have the equivalent of "peer exchange" — only directly connected peers would ever find out your public IP address. Yggdrasil will not form new peerings automatically, with the single exception being multicast-discovered nodes on the same LAN.
Right, my worry is that by having a server with a public IPv4 address and Yggdrasil running on an open port (so that my other nodes can connect to it) will allow someone to connect to it (either on purpose or accidentally) and cause my traffic to route over their node(s) and/or the public mesh.
Thanks!
[1] https://github.com/yggdrasil-network/yggdrasil-go/pull/1038
- Yggdrasil
- Release Version 0.4.7 · yggdrasil-network/yggdrasil-go · GitHub
-
Tailscale/golink: A private shortlink service for tailnets
From a purely networking perspective, there are far better solutions than tailscale.
Have a look at full mesh VPNs like:
https://github.com/cjdelisle/cjdns
https://github.com/yggdrasil-network/yggdrasil-go
https://github.com/gsliepen/tinc
https://github.com/costela/wesher
These build actual mesh networks where every node is equal and can serve as a router for other nodes to resolve difficult network topologies (where some nodes might not be connected to the internet, but do have connections to other nodes with an internet connection).
Sending data through multiple routers is also possible. They also deal with nodes disappearing and change routes accordingly.
tailscale (and similar solutions like netbird) still use a bunch of "proxy servers" for that. You can set them up on intermediate nodes, but that have to be dealt with manually (and you get two kinds of nodes).
-
The Iran Firewall: A preliminary report
The only real solution long-term is completely peer-to-peer ad-hoc networking that doesn't depend on BGP.
A few projects are in similar territory but none I've seen are working at the layer of bypassing BGP. Many are just acting as an overlay; which works to an extent. https://github.com/yggdrasil-network/yggdrasil-go
It's probably begging for a different model of the "internet" and where data lives.
My requirements:
1. Offline-first applications that sync via a pub/sub DHT of trusted peers. More details here but basically allows bypassing BGP.
-
Make the Internet Yours Again With an Instant Mesh Network
It seems like you can limit connections to your node with AllowedPublicKeys (ref).
- Was war vor 15 Jahren möglich, aber wäre heute undenkbar?
-
[Fanatical] Mindustry - 24 Hour Star Deal (83% off - $1.00 / £0.79 / €0.79)
at least on the official discord the recommended way if you don’t want to play on a public server is using yggdrasil
- Multiplayer Between Steam Owner/Non-Steam Owners
netbird
-
AWS Lambda Serverless Security. Mistakes, Oversights, and Potential Vulnerabilities
The best way to securely connect your functions to your other resources is with an encrypted mesh network like NetBird. NetBird lets you link your infrastructure together using a zero-config private WireGuard network that works across cloud, serverless, and on-premise infrastructure.
-
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
NetBird - NetBird is an open-source VPN management platform built on top of WireGuard® making it easy to create secure private networks for your organization or home.
-
Using NetBird for Kubernetes Access
NetBird simplifies Kubernetes access with its zero-configuration approach, leveraging WireGuard's simplicity and strength. It seamlessly integrates with various tools, offering transparency and high reliability as an open source solution.
- JIT WireGuard
- Nebula is Not the Fastest Mesh VPN (But neither are any of the others)
-
A word of caution about Tailscale
Netmaker (https://www.netmaker.io/) Netbird (https://netbird.io/)
-
Free Tech Tools and Resources - Multi-clock Display, Networking Tools, Digital Forensics & More
NetBird is a configuration-free, peer-to-peer private network combined with a centralized access control system. Utilizing a WireGuard-based overlay network, it ensures encrypted connections between machines without the need for complex configurations such as port openings, intricate firewall rules, or VPN gateways. Prioritizes security with intuitive management of granular access policies for secure remote access, applicable universally across any infrastructure. petr205 explains, "Their SaaS version is free up to 100 machines and 5 users, but the self-hosted version is exactly the same and has very low requirements."
-
Show HN: WireHub – easily create and share WireGuard networks
It is always great to see another solution using Wireguard, which is a great technology for modern private connectivity.
I built https://github.com/netbirdio/netbird, which can be self-hosted and offers an option to run Wireguard without managing firewalls for P2P connectivity.
- Would we still create Nebula today?
- Netbirdio/netbird: Connect devices into a single private WireGuard mesh network
What are some alternatives?
Nebula - A scalable overlay networking tool with a focus on performance, simplicity and security
tailscale - The easiest, most secure way to use WireGuard and 2FA.
cjdns - An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
Netmaker - Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
mesh-networking - :globe_with_meridians: LEGO blocks for networking, a Python library to help create and test flexible network topologies across real and simulated physical links.
ZeroTier - A Smart Ethernet Switch for Earth
PJON - PJON (Padded Jittering Operative Network) is an experimental, arduino-compatible, multi-master, multi-media network protocol.
headscale - An open source, self-hosted implementation of the Tailscale control server
pinecone - Peer-to-peer overlay routing for the Matrix ecosystem
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.