
There's nothing wrong with wireguard at all if you already have the hosting service available. The core value add for Tailscale is that they provide/host the service coordinating your wireguard network.

If I'm not mistaken, there's a self-hosted alternative that lets you run the core of Tailscale's service yourself if you're interested in managing wireguard.



I believe you are referring to Headscale https://github.com/juanfont/headscale


What kind of "hosting service" are you referring to? Just run wireguard on the home server, or your router, and that's it. No more infra required.


I meant to say hosted service there, i.e. running a wireguard server to negotiate the VPN connections.

The main reason I haven't jumped into hosting wireguard rather than using Tailscale is mainly because I reach for Tailscale to avoid exposing my home server to the public internet.


What could be the issue with exposing WireGuard at a random port to the public internet?

It works over UDP so it doesn't even send any acknowledgement or error response to unauthenticated or non-handshake packets.
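Added example, not part of any comment in this thread: a Python model of the first check a WireGuard responder applies to an incoming handshake initiation, showing why a sender that does not know the server's public key gets no reply. The `mac1` construction and the 148-byte layout follow the WireGuard protocol paper; the function names, the stand-in public key and the sample datagrams are constructed for illustration, and only the initiation message type is modelled.

```python
import hashlib
import hmac

LABEL_MAC1 = b"mac1----"          # label constant from the WireGuard protocol paper
INIT_TYPE = b"\x01\x00\x00\x00"   # message type 1 followed by 3 reserved zero bytes
INIT_LEN, MAC1_OFF, MAC2_OFF = 148, 116, 132   # handshake initiation layout


def compute_mac1(responder_pub: bytes, head: bytes) -> bytes:
    """mac1 = keyed BLAKE2s, 16-byte output, over everything before the mac1 field."""
    key = hashlib.blake2s(LABEL_MAC1 + responder_pub).digest()
    return hashlib.blake2s(head, key=key, digest_size=16).digest()


def build_initiation(responder_pub: bytes, fields: bytes) -> bytes:
    """Constructed packet: real framing and mac1, filler instead of the Noise fields."""
    head = INIT_TYPE + fields.ljust(MAC1_OFF - 4, b"\x00")[: MAC1_OFF - 4]
    return head + compute_mac1(responder_pub, head) + bytes(16)  # mac2 left all zero


def responder_reaction(own_pub: bytes, datagram: bytes) -> str:
    """'drop' = nothing is sent back; 'process' = continue to the Noise handshake."""
    if len(datagram) != INIT_LEN or datagram[:4] != INIT_TYPE:
        return "drop"
    expected = compute_mac1(own_pub, datagram[:MAC1_OFF])
    if not hmac.compare_digest(expected, datagram[MAC1_OFF:MAC2_OFF]):
        return "drop"
    # Even here there is no reply unless the Noise fields decrypt to a configured peer.
    return "process"


if __name__ == "__main__":
    server_pub = bytes(range(32))                   # constructed stand-in public key
    samples = [
        ("text probe", b"GET / HTTP/1.1\r\n\r\n"),                 # wrong size and type
        ("right shape, no key", INIT_TYPE + bytes(INIT_LEN - 4)),   # mac1 cannot match
        ("knows public key", build_initiation(server_pub, b"filler")),
    ]
    for name, pkt in samples:
        print(f"{name:22s} -> {responder_reaction(server_pub, pkt)}")
```
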


There may not be an issue at all, I'm just gun-shy about opening any ports publicly. I don't do networking often and have never focused on it enough to feel confident in my setup and maintenance.



