Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Headscale seems to have nailed down the part of bypassing the firewall and doing fancy NAT-traversal

Did they really roll-their-own for those functions? I thought this was just a control layer on top of Tailscale’s stock services on the backend, are they facilitating connections with novel methods? Apologies if I’m asking obvious questions, I use ZeroTier pretty regularly, but I am not too familiar with Tailscale.



They have a really great in-depth blog post describing how they do it: https://tailscale.com/blog/how-nat-traversal-works


This is a fascinating read!


i think they mean headscale's implementation specifics


Can you share why you use ZeroTier over Tailscale? I run several headscale control planes and it really is nice to self-host. But, I'm curious about other options.


Not OP but I'm on ZeroTier because it was one of the best free tiers available before Tailscale could run as a Windows service.

Also I believe it implements a lower layer of the network stack so more options are supported, though I haven't needed to investigate in detail.


More ZeroTier 3 years ago: https://news.ycombinator.com/item?id=30283987#30284754




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: