I just use wireguard that's built in to opnsense. Am I missing out on something ?
this post was submitted on 09 Jul 2023
70 points (100.0% liked)
Selfhosted
42834 readers
1032 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
No, but some people are stuck behind CG-NAT and can't port forward to the outside world for wireguard. Things like Cloudflared, Tailscale and ZeroTier get past that.
It's of course possible to use wireguard to a VPS and tunnel into that, but that's a bit more technical to set up.
ISP have put me behind CG NAT few weeks ago, but I just called them and they turned it off in 10 min. Hard part was to find out whats the issue since I had no clue about CG NAT. WG ftw
Yeah, same here. Played with tailscale, headscale and some other wireguard mesh tools. But I prefer the plain and simple wireguard setup. My network is not that big that I need yet an other tool for managing it.
Yeah that's what I do as well. I try to avoid tying my services to a company that can change their licensing terms. I'm trying to be self hosted after all!
I’ve been using Tailscale because I like the business model they’ve been pushing. They’ve also followed through with that, expanding what the free tier of their service offers instead of restricting it more.
Although possibly biased, Tailscale has a write up comparing the two and the conclusion is that both are good at accomplishing their goals. If you have a technology or business preference, it could mostly come down to that. https://tailscale.com/compare/zerotier/
Also a big fan of Tailscale. Works well out of the box and they have great documentation.
I'll also throw out its nice to see many of their articles comparing services don't end with a simple "We're better!" but a "pick whats best for your use case." Makes them look a lot better imo.
I can't believe I'm hearing so much support for non-selfhosted stuff. What's next, you're going to promote Plex?
I thought this was the selfhosted community
You can self-host Tailscale and Zerotier.
Also Plex is a staple of the self hosted community (though I prefer Jellyfin.) I'm wondering if they've confused self hosting and FOSS somehow
Plex requires a third party account, therefore not selfhosted.
That's a very narrow definition of self hosting. Do you also not consider it self hosting if you use a cloud provider VPS? It relies on a 3rd party so I'd love to see the gymnastics that keep stuff on a VPS as self hosted but not Plex. If you don't consider things on a VPS as self hosted then I'm not sure what to say other than I disagree.
The identity service is not self hosted then. But the rest of Plex literally is. You can self host Gitea and use a third party service like openID for authentication too if you want to. Just because you self host some things doesn’t mean you HAVE to self host EVERYTHING
Yeah, but that's not what laxnover@lemmy.world was advertising
The original question was about the use of these two services. I answered their question and provided a link. I’m sorry that you took that as advertising, but the OP was asking for the basics. There are more productive ways of responding than immediately attacking, though, that would have helped get your point across. For example, providing links to things like Headscale or Netmaker to help your point about not using a third party service.
It's a discussion.. calm down.. It's also a very valid way to access selfhosted systems.
I've been using secret option 3- netbird. Kernel wireguard support, completely self hostable, and very active development.
Looks interesting. What do you do for mobile devices that need to connect to your network?
There is an android app. I haven't needed to use it yet though, mobile isn't my particular use case for this. But it should work fine.
Tailscale was the first one I tried and it has worked great for me. If I run into issues maybe I'll look at switching.
Tailscale "just works". Since I've set it up I've never really thought about using anything else. Adding new devices is seamless.
I started with Zerotier. But at the time Zerotier didn't have exit routes, tailscale did so I tried that and haven't bothered looking at Zerotier since.
I don't know if Zerotier introduced that feature but I like that tailscale uses wireguard.
I use both, mainly Tailscale because it should be faster because it is Wireguard based, but ZT always on as well as a backup.
I’ve just been trying both and the Tailscale web dashboard is a lot more polished. Tailscale also uses wireguard instead of something proprietary. But I’m wondering if the zerotier iphone app might use less battery because I’ve heard tailscale has a problem with that.
I usually just VPN to my routers if possible. Point to point is feels more reliable than a hole-punching mesh or proxy. On the other hand, this seems to create an end-to-end secure tunnel.
I first tried zerotier but ran into some weird issue...don't recall what it is now....and then tried tailscale and was up and running in like 15 mins. But I see others have had the absolutely opposite experience from mine where tailscale wouldn't work and zerotier would. I think they're both great products.
You can use all functions from tailscale in free tier and its simple and quick.
Tailscale comes in my Synology packages and just works. Haven't looked at zerotier yet.
I use zero tier just because I’m a noob and was unable to make tailgate work as a docker container, but Im testing now twingate and works pretty well.
I tried and zerotier and didn't understand it, so use tinc. My own network that meshes and is only my servers
I love tinc, it's so simple. I wish there were something just as easy that leveraged wireguard instead of whatever custom VPN/tunneling stuff tinc uses, as using it scares me with how seemingly little maintenance tinc gets. Like if tailscale/headscale and tinc had a baby, haha.
Is there a way to run tinc on your phone or similar? To me that's another bonus of tailscale at least.
view more: next ›