Open Source Mesh VPN Solutions



Our website: https://www.lawrencesystems.com/

Timestamps
0:00 Open Source Mesh VPN
1:46 Nebula Mesh VPN
3:32 ZeroTier
4:43 Privacy VPN
5:28 Site-to-Site VPN Solutions
6:34 How Nebula and ZeroTier Work
10:10 How UDP Hole Punching Works
14:08 Solution Summary

https://www.defined.net/
https://slack.engineering/introducing-nebula-the-open-source-global-overlay-network-from-slack/
https://github.com/slackhq/nebula#what-isnebula
https://www.zerotier.com/

Self-hosted ZeroTier tool (I have not tested it yet): https://key-networks.com/ztncui/

My review of ZeroTier: https://youtu.be/Bl_Vau8wtgc

35 comments
  1. Cool, you explained the same thing again. But what about performance compared to a traditional VPN? Especially when considering remote desktop.

  2. 14:20 You can install zerotier on your routers, this way it basically acts like a bridge between the routers and you don't have to do anything else besides adding some static routes on the zerotier UI. Edgerouters work very nicely for that. And then it's just business as usual configuring your firewalls

  3. After speaking with one of the developers of Nebula their update for IPV6 support will be coming soon, allowing more situations where Nebula will work, especially when involving CGNATs.

    I'm running the development branch of their outside_ipv6 and it works flawlessly. Punching through EE's CGNAT.

    I moved away from Tailscale as I don't appreciate that they can add any devices to my network. If/when they open source the server, I'll reconsider.

  4. I am using the key-networks self hosted controller. It does work as advertised, and I have had no major issues – but it is a little rough. A few issues here and there with values being cached, or taking several attempts to update properly.

  5. I just want to thank you for all of the videos you upload and all of the work you do for us. You help to keep me up to date and informed and you really help to provide stability in sometimes a very all over the place profession of IT. Keep up the great work! I will continue watching and trying to grow and prepare myself in IT thanks to your help! 🙂

  6. What a complete waste of time that nebula was. I have been testing this over the weekend, don't waste your time. Nebula does not currently support relaying through the lighthouse so with devices behind multiple NAT you just get problems. They have been trying to get hole punching better but it looks like it's way behind the current zerotier offering.

  7. Interesting video. It seems like you may get some benefits running this over DMVPN with that local network example you gave. I assume you could just set up one of these servers and possibly point your routed LAN interfaces default gateway to the server and then point the default gateway of the server to your nat firewall then? Are these tunnels pretty much ipsec/gre meshes? It would be interesting to see a video demo on nebula.

  8. the question is do they include default 'multicast' video and related 'one to many' streaming options to bypass the likes YouTube censorship and passthrough etc, ie a far better data saving than unicast video streaming for the end users and small scale self hosted providers on mass, as per its original intent before the world's consumer isp's unilaterally blocked native end user 'multicast' data streaming at their isp end point routers etc.

    basic good multicast real life setup https://www.youtube.com/watch?v=fIg_9wJlQX4
    Multicast
    30,398 views•Jul 30, 2016,CWNE88

    https://www.youtube.com/watch?v=KI0LuIcFM98
    Raspberry Pi Multicast TV server
    1,415,977 views•Aug 2, 2016,CWNE88

    https://www.youtube.com/watch?v=ZPzYKVar13c
    TV Technology – Part 10 – Raspberry Pi TCP IPTV Server (aka multicast to unicast video streaming)
    16,455 views•Apr 7, 2019,CWNE88

  9. How is UDP punch through different from WebRTC? You have a STUN server that coordinates two clients and sort of spoofs for that initial connection to allow direct client-client UDP traffic (potentially falling back to a relay just like zerotier) and usually firewalls don't matter unless they are blocking the STUN servers. Great video thanks!

  10. Thanks Tom – Awesome info. I would definitely like to see Nebula in action. I found out about Zerotier from one of your videos and it has been useful to maintain connectivity to my home and work labs. Keep them coming!!

  11. A couple of months ago I did look into Nebula and thought it's a cool project to link two sites together and room to grow when more sites get added. Would love to see the video about it on here.

  12. My solution to UDP holes is not to allow anything outbound unless a rule says so, mainly 80, DNS server 53, and 443. There is zero reason for anything else unless it's vendor related in which you build an outgoing rule for.

  13. • The ability to push DNS configuration to members, a long requested feature that will be valuable in enterprise environments with internal DNS servers or Windows domain controllers. The network controller side of this can be edited in ZeroTier Central by adding ?dns=1 to the end of the /network/<network ID> URL when viewing or editing a network. This will reveal a DNS configuration box in the network settings area beneath multicast configuration. On the client you must allow DNS setting management for a network in the ZeroTier UI or via the command-line interface with zerotier-cli set <network ID> allowDNS <true|false>.

  14. Interesting concept for sure. I do agree with Tom that a traditional VPN is more suitable for a use case such as connecting to your home (or office) network remotely.

  15. I made the experience that virtual network adapters added by third party software will often be removed by windows updates. Is that an issue with this product?

  16. Love ZeroTier. Use it for both my vpn access (split tunnel) to internal resources and cross site transport (eoip for layer 2 bridge + routed subnets)

  17. I was ready to use Zerotier Edge appliances everywhere (cabin, parents house etc.), but now it's EOL so looking for another solution where the client does not have to be on / routing to other non PC devices.

  18. The problem that I can see here is that Wireguard is at least twice as fast compared to nebula. I prefer to do more configuration to know that I'm getting the best in terms of speed and performance. If the throughput you need is very low, nebula could be taken into consideration. Imagine that I can put Wireguard on Ubiquiti ER-4 and get minimum 300Mbps in throughput (with wireguard) and 70-80Mbps with Zerotier.

  19. Great video. Do you have plans to upgrade your video to 2k or 4k any time soon? Hope we can see Hi Res video from you. Thank you!
