Hacker News new | past | comments | ask | show | jobs | submit login

Not sure about that, I use Tailscale (wireguard based) and none of my devices have a public IP.



It seems that the value-add magic sauce of TailScale is the work they've put into NAT traversal etc. There are some interesting blog posts from the team regarding work in this area.


I wonder if the work they put in can be extracted to some kind of tool the other projects can use as well. NAT traversal always seems like the limiting factor in projects like this.


NAT traversal is an impossible problem in practice in the general case (boo symmetric NATs), and the best-effort version is a solved problem since at least 2003 with the STUN protocol[1] which is part of WebRTC, and there are STUN implementations available in many languages[2].

[1]: https://datatracker.ietf.org/doc/html/rfc3489 [2]: For instance, Rust: https://github.com/webrtc-rs/stun & Go:https://github.com/pion/stun, and see this HN comment listing a few WebRTC implementations (which include STUN): https://news.ycombinator.com/item?id=26739253


Sorry, I meant to add this to my original comment. Link to pertinent blog entry: https://tailscale.com/blog/how-nat-traversal-works/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: