If you’re concerned about privacy I don’t know why you’d use Tailscale over Wireguard directly. The latter is slightly more fiddly to configure, but you only do it once and there’s no cloud middleman involved, just your devices talking directly to each other.
Yes and because wiregurad is stateless you’ll need a script that checks if your DNS endpoint has updated and restart the wireguard interface so it pulls the fresh DNS/updated IP address. I had to make said bash script for my nodes.
Nope, just an open port. Works directly with public IP. I guess if some ISPs IP lease time is short and they keep changing it regularly, it might become a hassle.
If you’re concerned about privacy I don’t know why you’d use Tailscale over Wireguard directly. The latter is slightly more fiddly to configure, but you only do it once and there’s no cloud middleman involved, just your devices talking directly to each other.
Yes, fair. I was just attracted by the no-hassle method of Tailscale.
Do you not need DDNS for that?
Yes and because wiregurad is stateless you’ll need a script that checks if your DNS endpoint has updated and restart the wireguard interface so it pulls the fresh DNS/updated IP address. I had to make said bash script for my nodes.
Nope, just an open port. Works directly with public IP. I guess if some ISPs IP lease time is short and they keep changing it regularly, it might become a hassle.
Wait, this could work behind a provider NAT? That’s something I never ever solved
I’m afraid if you’re behind CGNAT it won’t work. Your router should have unique public IP. I’m not too well versed though…
Thanks, that’s sort of what I thought