
Exploring NAT Traversal and Tunnels with Inlets and Inlets Pro - alexellisuk
https://blog.heyal.co.uk/inlets-pro/
======
sdan
Tried inlets but wasn’t sure of reliability and it didn’t have a set price;
figured out a way to replicate this with WireGuard.

Also kind of annoying that every endpoint needs an entire new instance. I’m
serving millions of requests every week or so on a single gcp instance.

However, given my inexperience in Kubernetes(when I was using it) it was
pretty neat to see clear endpoints, so for that I’d use it (minus caddy).

~~~
_frkl
Do you have anything written up about your wireguard setup?

~~~
sdan
Very soon. You can always email me at hn@sdan.cc if you want immediate help
(although I'll probably go over every point in the blog posts).

But as a summary:

Small GCP instance as "hub"

Server #1 connects to the "hub" redirecting all traffic binded to 0.0.0.0 on
ports 80 and other specific ports

Server #2 connects to the "hub" redirecting exactly the same as server #1 but
on different ports for different reasons...

Then Traefik(loadbalancer) basically tunnels all traffic for the numerous
websites I have running through port 80 on server #1 (note that all my
websites are running on server #1, server #2 is just for other non-external
tasks).

I set it up such that there's only a single TCP connection from the user to
the server (instead of user ->gcp->my server).

Anyways, it's super cool, super efficient, super easy, and best of all, free.
I'll update you on when I make that blog post.

~~~
_frkl
Thanks, that'd be great and very much appreciated. I was about to look into
that direction, because it seems to make a lot of sense, but haven't gotten
around to it...

