21
VPN and port forwarding
(lemmy.dbzer0.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 22 Jul 2023
21 points (100.0% liked)
Technology
37708 readers
405 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
I would go with Tailscale over ZeroTier though. Tailscale should perform better because it uses WireGuard as its protocol and WireGuard is extremely efficient.
No experience with Tailscale, but can confirm that performance-wise, WireGuard is a huge improvement over any other mainstream VPN protocol. It's also pretty robust and generally easier to use.
When configured and tuned properly, I've seen WireGuard able to move data at a little bit better than 90% of the provisioned bandwidth of the line. This in of itself is amazing and an order of magnitude better than OpenVPN or even IPSEC considering the overhead that encryption introduces into the packet size. Also, if you consider extra data processing going on, i.e. packets are being encapsulated, encrypted, transmitted, decrypted, and de-encapsulated, this is even more amazing.
Oh is that so, I didnt try tailscale yet. When I tried to figure out what to do with zerotier, not sure what I was planning to use it for then, it felt like I am in over my head a little bit. Is tailscale somewhat straightforward to set up/learn?
These two form a "mesh VPN" which use direct encrypted links between any number of devices. You can think of it as forming a virtual LAN where you can communicate with devices, including open ports. A lot of them have clever tricks to overcome CG-NATs, which you seem to be struggling with.
Another option is to just rent a server. You can get massive storage space for less than some VPNs cost and you don't need powerful hardware if your device supports the codecs you're using. You could even get a cheapy VPS and reverse proxy to your Jellyfin server through an SSH tunnel or similar. Lots of options here.
I would recommend hosting a wireguard server yourself instead of using tailscale or zerotier (both go through their own servers with your data, instead of your data remaining within your reach). Wireguard is really easy to deploy using docker using the wg-easy image.