undefined | Better HN

0 pointsmrkurt5y ago0 comments

To be fair, what Tailscale is doing is much harder than our private networking. They have to deal with NAT, mobile OSes, etc.

We mostly just try to pick the right primitives. And frequently get that wrong. Like that time we wrote our own JS runtime ...

0 comments

mwcampbell5y ago

> They have to deal with NAT, mobile OSes, etc.

Does this imply that the user-space TCP/IP-over-WireGuard trick described here wouldn't work through NAT, or on a mobile OS (assuming you can get a Go toolchain up and running)?

mrkurtOP5y ago

It'll work through NAT for sure. We just don't have to think about NAT because we're connecting clients to a network we control. Tailscale is making a mesh across clients behind different NATs.

I know they did a bunch of work to get wireguard-go working on iOS. It sounds hard to me!

j / k navigate · click thread line to collapse