Open Source Mesh VPN Solutions



Connect with us
+ Hire us for a project: https://lawrencesystems.com/hire-us/
+ Tom on Twitter: https://twitter.com/TomLawrenceTech
+ Our website: https://www.lawrencesystems.com/
+ Our forums: https://forums.lawrencesystems.com/
+ GitHub: https://github.com/lawrencesystems/

Timestamps
0:00 Open Source Mesh VPN
1:46 Nebula Mesh VPN
3:32 Zerotier
4:43 Privacy VPN
5:28 Site-to-site VPN solutions
6:34 How Nebula and Zerotier work
10:10 How UDP hole punching works
14:08 Summary of solutions

https://www.defined.net/
https://slack.engineering/introducing-nebula-the-open-source-global-overlay-network-from-slack/
https://github.com/slackhq/nebula#what-isnebula
https://www.zerotier.com/

Self-hosted Zerotier tool (I have not tested it): https://key-networks.com/ztncui/
My review of Zerotier: https://youtu.be/Bl_Vau8wtgc

35 comments
  1. Cool, you explained the same thing again. But what about performance compared to a traditional VPN? Especially when considering remote desktop.

  2. 14:20 You can install zerotier on your routers, this way it basically acts like a bridge between the routers and you don't have to do anything else besides adding some static routes on the zerotier UI. Edgerouters work very nicely for that. And then it's just business as usual configuring your firewalls.

  3. After speaking with one of the developers of Nebula, their update for IPv6 support will be coming soon, allowing more situations where Nebula will work, especially when involving CGNATs.

    I'm running the development branch of their outside_ipv6 and it works flawlessly. Punching through EE's CGNAT.

    I moved away from Tailscale as I don't appreciate that they can add any devices to my network. If/when they open source the server, I'll reconsider.

  4. I am using the key-networks self hosted controller. It does work as advertised, and I have had no major issues – but it is a little rough. A few issues here and there with values being cached, or taking several attempts to update properly.

  5. I just want to thank you for all of the videos you upload and all of the work you do for us. You help to keep me up to date and informed and you really help to provide stability in sometimes a very all over the place profession of IT. Keep up the great work! I will continue watching and trying to grow and prepare myself in IT thanks to your help! 🙂

  6. What a complete waste of time that nebula was. I have been testing this over the weekend, don't waste your time. Nebula does not currently support relaying through the lighthouse so with devices behind multiple NAT you just get problems. They have been trying to get hole punching better but it looks like it's way behind the current zerotier offering.

  7. Interesting video. It seems like you may get some benefits running this over DMVPN which that local network example you gave. I assume you could just set up one of these servers and possibly point your routed LAN interfaces default gateway to the server and then point the default gateway of the server to your NAT firewall then? Are these tunnels pretty much IPsec/GRE meshes? It would be interesting to see a video demo on nebula.

  8. The question is do they include default 'multicast' video and related 'one to many' streaming options to bypass the likes of YouTube censorship and passthrough etc, i.e. a far better data saving than unicast video streaming for the end users and small scale self hosted providers en masse, as per its original intent before the world's consumer ISPs unilaterally blocked native end user 'multicast' data streaming at their ISP end point routers etc.

    basic good multicast real life setup https://www.youtube.com/watch?v=fIg_9wJlQX4
    Multicast
    30,398 views•Jul 30, 2016,CWNE88

    https://www.youtube.com/watch?v=KI0LuIcFM98
    Raspberry Pi Multicast TV server
    1,415,977 views•Aug 2, 2016,CWNE88

    https://www.youtube.com/watch?v=ZPzYKVar13c
    TV Technology – Part 10 – Raspberry Pi TCP IPTV Server (aka multicast to unicast video streaming)
    16,455 views•Apr 7, 2019,CWNE88

  9. How is UDP punch through different from WebRTC? You have a STUN server that coordinates two clients and sort of spoofs for that initial connection to allow direct client-client UDP traffic (potentially falling back to a relay just like zerotier) and usually firewalls don't matter unless they are blocking the STUN servers. Great video thanks!

  10. Thanks Tom – Awesome info. I would definitely like to see Nebula in action. I found out about Zerotier from one of your videos and it has been useful to maintain connectivity to my home and work labs. Keep them coming!!

  11. A couple of months ago I looked into Nebula and thought it's a cool project to link two sites together and room to grow when more sites get added. Would love to see the video about it on here.

  12. My solution to UDP holes is not to allow anything outbound unless a rule says so, mainly 80, DNS server 53, and 443. There is zero reason for anything else unless it's vendor related in which you build an outgoing rule for.

  13. • The ability to push DNS configuration to members, a long requested feature that will be valuable in enterprise environments with internal DNS servers or Windows domain controllers. The network controller side of this can be edited in ZeroTier Central by adding ?dns=1 to the end of the /network/<network ID> URL when viewing or editing a network. This will reveal a DNS configuration box in the network settings area beneath multicast configuration. On the client you must allow DNS setting management for a network in the ZeroTier UI or via the command-line interface with zerotier-cli set <network ID> allowDNS <true|false>.

  14. Interesting concept for sure. I do agree with Tom that a traditional VPN is more suitable for a use case such as connecting to your home (or office) network remotely.

  15. I made the experience that virtual network adapters added by third party software will often be removed by Windows updates. Is that an issue with this product?

  16. Love Zerotier. Use it for both my VPN access (split tunnel) to internal resources and cross site transport (EoIP for layer 2 bridge + routed subnets)

  17. I was ready to use Zerotier Edge appliances everywhere (cabin, parents house etc.), but now it's EOL so looking for another solution where the client does not have to be on / routing to other non PC devices.

  18. The problem that I can see here is that Wireguard is at least twice as fast compared to nebula. I prefer to do more configuration to know that I'm getting the best in terms of speed and performance. If the throughput you need is very low, nebula could be taken into consideration. Imagine that I can put Wireguard on Ubiquiti ER-4 and get minimum 300Mbps in throughput (with wireguard) and 70-80Mbps with Zerotier.

  19. Great video. Do you have plans to upgrade your video to 2k or 4k any time soon? Hope we can see Hi Res video from you. Thank you!
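
Added example (not from the video, the commenters, or the Nebula/ZeroTier projects): a toy Python model of the UDP hole punching covered at 10:10 and raised in comments 9 and 12, showing why two stateful firewalls admit each other's packets once both sides have sent outbound, and why a default-deny egress policy prevents that. The IP addresses, port 4242 and all class and function names are constructed for illustration, and each NAT is assumed to leave the source port unchanged.

```python
# Added illustration (not from the video or the Nebula/ZeroTier code bases).
# Toy model of UDP hole punching through stateful NAT firewalls.
# IPs (documentation ranges) and port 4242 are constructed sample values.
# Assumption: each NAT keeps the source port unchanged (no port rewriting).

class StatefulFirewall:
    def __init__(self, public_ip, egress_allow=None):
        self.public_ip = public_ip
        # None: any outbound UDP allowed (typical default).
        # A set: default-deny egress, only these destination ports allowed.
        self.egress_allow = egress_allow
        self.flows = set()  # (local_port, remote_ip, remote_port)

    def outbound(self, local_port, remote_ip, remote_port):
        if self.egress_allow is not None and remote_port not in self.egress_allow:
            return False  # dropped before any flow state is created
        self.flows.add((local_port, remote_ip, remote_port))
        return True

    def inbound(self, remote_ip, remote_port, local_port):
        # Accepted only as a "reply" to a flow this side opened.
        return (local_port, remote_ip, remote_port) in self.flows


def punch(fw_a, fw_b, port=4242):
    """Both peers got each other's public endpoint from a coordinator
    (lighthouse / STUN-like server) and now send to each other."""
    a_out = fw_a.outbound(port, fw_b.public_ip, port)
    b_out = fw_b.outbound(port, fw_a.public_ip, port)
    a_to_b = a_out and fw_b.inbound(fw_a.public_ip, port, port)
    b_to_a = b_out and fw_a.inbound(fw_b.public_ip, port, port)
    return a_to_b and b_to_a


def run_scenarios():
    results = {}
    results["open_egress"] = punch(
        StatefulFirewall("198.51.100.10"), StatefulFirewall("203.0.113.20"))
    results["default_deny_egress"] = punch(
        StatefulFirewall("198.51.100.10", egress_allow={53, 80, 443}),
        StatefulFirewall("203.0.113.20"))
    # No prior outbound packet: an unsolicited probe finds no matching flow.
    idle = StatefulFirewall("198.51.100.10")
    results["unsolicited_inbound"] = idle.inbound("203.0.113.20", 4242, 4242)
    return results


if __name__ == "__main__":
    for name, ok in run_scenarios().items():
        print(f"{name}: {'direct tunnel' if ok else 'blocked'}")
```

The model only tracks flow state, so it says nothing about relaying or about NATs that rewrite source ports, which are the cases where direct connections fail for other reasons.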
