Hacker News

hamandcheese today at 1:06 AM

This is very cool!

But I also think it's worth a mention that for basic "I want to access my home LAN" use cases you don't need P2P, you just need a single public IP to your LAN and perhaps dynamic DNS.


Replies

digiown today at 3:49 AM

Where will you host the wg endpoint to open up?

- Each device? This means setting up many peers on each of your devices

- Router/central server? That's a single point of failure, and often a performance bottleneck if you're on LAN. If that's a router, the router may be compromised and eavesdrop on your connections, which you probably didn't secure as hard because it's on a VPN.

Not to mention DDNS can create significant downtime.

Tailscale fails over basically instantly, and is E2EE, unlike the hub setup.

kevin_thibedeau today at 3:38 AM

A public IP and DDNS can be impossible behind CGNAT. A VPN link to a VPS eliminates that problem.
