> all these systems try to bring something new to the table
That's great, I just wish that they all didn't have to hurdle the same (very high) bar before they can get to the "something new" part.
> some tunnel magic that forwards all traffic coming in from the internet ... to my local side of the tunnel, and vice versa
Yes! I considered that too. It'd kinda be like tailscale funnel, which mostly targets web hosting scenarios. Hilariously, they poked fun at the $5/mo vps idea in their article about funnel back in November [1]:
> Yes, you could spin up a $5/month VM somewhere and forward a port from its public internet IP to your tailnet with one line in your rinetd.conf file. But is that fun? Do you really need a(nother) Linux VM in your life?
(we're definitely being called out here lol)
Sadly, funnel wouldn't work in our case because we need an unshared static IP. But that hint about rinetd could help, from the man page [2]:
> it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run services on machines inside an IP masquerading firewall.
That's great, I just wish that they all didn't have to hurdle the same (very high) bar before they can get to the "something new" part.
> some tunnel magic that forwards all traffic coming in from the internet ... to my local side of the tunnel, and vice versa
Yes! I considered that too. It'd kinda be like tailscale funnel, which mostly targets web hosting scenarios. Hilariously, they poked fun at the $5/mo vps idea in their article about funnel back in November [1]:
> Yes, you could spin up a $5/month VM somewhere and forward a port from its public internet IP to your tailnet with one line in your rinetd.conf file. But is that fun? Do you really need a(nother) Linux VM in your life?
(we're definitely being called out here lol)
Sadly, funnel wouldn't work in our case because we need an unshared static IP. But that hint about rinetd could help, from the man page [2]:
> it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run services on machines inside an IP masquerading firewall.
[1]: https://tailscale.com/blog/introducing-tailscale-funnel/
[2]: https://manpages.debian.org/unstable/rinetd/rinetd.8.en.html