zlacker

[parent] [thread] 5 comments
1. _heimd+(OP)[view] [source] 2025-01-05 14:20:26
There's nothing wrong with wireguard at all if you already have the hosting service available. The core value add for Tailscale is that they provide/host the service coordinating your wireguard network.

If I'm not mistaken, there's a self-hosted alternative that let's you run the core of Tailscale's service yourself if you're interested in managing wireguard.

replies(2): >>azthec+X5 >>bennyt+Qh
2. azthec+X5[view] [source] 2025-01-05 15:11:38
>>_heimd+(OP)
I believe you are referring to Headscale https://github.com/juanfont/headscale
3. bennyt+Qh[view] [source] 2025-01-05 16:46:19
>>_heimd+(OP)
What kind of "hosting service" are you referring to? Just run wireguard on the home server, or your router, and that's it. No more infra required.
replies(1): >>_heimd+wA
◧◩
4. _heimd+wA[view] [source] [discussion] 2025-01-05 19:12:10
>>bennyt+Qh
I meant to say hosted service there, I.e. running a wireguard server to negotiate the VPN connections.

The main reason I haven't jumped into hosting wireguard rather than using Tailscale is mainly because I reach for Tailscale to avoid exposing my home server to the public internet.

replies(1): >>rane+jT
◧◩◪
5. rane+jT[view] [source] [discussion] 2025-01-05 21:43:54
>>_heimd+wA
What could be the issue with exposing WireGuard at a random port to the public internet?

It works over UDP so it doesn't even send any acknowledgement or error response to unauthenticated or non-handshake packets.

replies(1): >>_heimd+V11
◧◩◪◨
6. _heimd+V11[view] [source] [discussion] 2025-01-05 23:07:28
>>rane+jT
There may not be an issue at all, I'm just gun shy about opening any ports publicly. I don't do networking often and have never focused on it enough to feel confident in my setup and maintenance.
[go to top]