Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Ah, by using their servers:

> How do we break the deadlock? That’s where STUN comes in. [...] In Tailscale, our coordination server and fleet of DERP (Detour Encrypted Routing Protocol) servers act as our side channel





Yes, NAT traversal is used widely. It is only needed at the start of the connection to get both firewalls to open ports. The encrypted wireguard tunnel is point to point

reply


What I find crazy is that people describe "not self hosting" as a "like magic" solution to self hosting

reply


You can run your own DERP server if you really want to

docker run -d --name derper -p 443:443 -p 3478:3478/udp \ ghcr.io/tailscale/derper:latest

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: