| ▲ | milkshakes 6 hours ago |
| vpns typically add at least one hop. this has the possibility of connecting directly via hole punching |
|
| ▲ | tux3 6 hours ago | parent | next [-] |
| Modern VPNs based on wireguard can do direct connections with hole punching. It's just a lot more work to setup on your own, or you have to sign-up to a SaaS like tailscale and use their relays, and they'll do the hole punching for you. Here this is a decentralized network with a lot of existing public relays. But in principle a VPN can solve a lot of the same problems. It's just that commercial VPNs are not decentralized, and doing your own wireguard setup is a pain. |
|
| ▲ | kkapelon 6 hours ago | parent | prev | next [-] |
| Already possible with taiscale, netmaker, zerotier etc. https://tailscale.com/blog/how-nat-traversal-works |
| |
| ▲ | danudey 5 hours ago | parent [-] | | But only for devices already on that tailnet. This allows you to provide information to an arbitrary person (a friend/coworker/etc) to let them access the thing without them having to jump through all the extra hoops of joining your tailnet/them joining yours/adding a VPN/etc. | | |
| ▲ | 9dev 4 hours ago | parent | next [-] | | With Tailscale at least, you can pretty easily share a node with someone else. If your target audience are solo developers or hobbyists, making it even easier to share access is surely nice; from the perspective of someone in charge of making sure our company IT is balancing security and ease of networking, the literal last thing I want is making it easier to grant someone access. There are policies defining who can talk to what; they are deployed from a GitHub repository with defined rules on who can modify them and who has to review them; there are zero scenarios where I want an alternative way of granting access to any device or service under our control. | |
| ▲ | kkapelon 5 hours ago | parent | prev [-] | | but what exactly is the use case? I was responding to the nat traversal topic.. If I wanted to share something internal with a friend I would use ngrok or any of the million alternatives. Anyway, this is exactly why my top-level comment says that this project needs a "versus" page in the docs. |
|
|
|
| ▲ | UltraSane 4 hours ago | parent | prev [-] |
| Cisco Dynamic Multipoint VPN will start by connecting to a central VPN server and then learn the public IPs of endpoints and automatically create VPN tunnels to them. It can scale to thousands of endpoints. |
