top | item 47063590

tda | 11 days ago

I just set this up the other day, and I got my ping to drop from 16 to 10 ms, and my bandwidth tripled, when connecting from a remote NATed site to a matter desktop at my house. Together with Moonlight/Sunshine I can now play Windows games on my Linux desktop from my MacBook, with 50 Mbps/10 ms streaming. So far so good!

Not a single port forwarded, I just set my router up as a peer node.

nickburns|11 days ago

Neat use case. But in fairness, you've simply 'offloaded' NAT traversal/port forwarding to automagic helper protocols over which you have no control even if you wanted it.

RulerOf|10 days ago

I recently tried whitelisting IPv6 prefixes at the network border and running straight IPv6 traffic from end to end.

It works really well so long as there's an encrypted transport, although I'm a little annoyed that the routes are very different and the ping times are different too. Although at the moment I can't remember if they're worse ¯\_(ツ)_/¯

jak6jak|11 days ago

That seems really exciting! If you wanted to share game streaming with the general public, would they have to install Tailscale on their device and log in? How does that work? Am I right in assuming that Tailscale is built mostly for sharing resources with people you trust instead of the general public?

flowstraume|11 days ago

I'm confused. I wanted to do this too with an OpenWrt router, but I was under the impression I still had to open a 40000 port so my NAT devices can see it. Wouldn't it still be on the exposed public Internet?

arjie|11 days ago

What hardware do you use on the networking side?

tda|11 days ago

Nothing special, an EdgeRouter that allows installing Tailscale.

aborsy|11 days ago

There are several ports open (you don't open them, Tailscale does), including for peer relay. Some are VPN ports, but the ports for relay servers are not for VPN, so my guess is that the software that listens on those ports is a lot less secure (compared to WireGuard or OpenVPN).

tda|11 days ago

Yes, my router has open ports, but it does not do any port forwarding. So I can 'directly' connect to any device behind my router without my router needing to know any specifics of which device that is. And I don't need to do any port forwarding of anything on my network and thus expose them to the whole internet; I just expose them to the users of my Tailscale network (only me).