thank you for the great video. I used Tailscale in the past but switched to Netbird for many reasons. You already mentioned a lot already. For me there is one killa-feature and that is, that the company behind NetBird a German company so they have to stick to the GDPR. I love it!

Been running netbird from v0.6.0 and it’s great it’s come along way and it’s been extremely stable, the addition of IOS and Android has been amazing

ZeroTier is also available for ASUStor NAS devices, OPNsense, and even some retro gaming handheld custom firmwares like ArkOS.

My only issue with Tailscale is the ACL syntax isn’t clear from the documentation. The default is a permit any which isn’t great and it doesn’t integrate with firewall rules in pfsense the way ZeroTier does with opnsense. I’m not writing json rules for ACL…there needs to be a better way to do it and clearer documentation

Timely vid! I've dabbled with Tailscale, primarily because they have a good Terraform module, but I have yet to actually do stuff with this other than testing accessing my home setup from the office. Will check out alternatives.

Tailscale with headscale as coordination server works very well for me. I would like to test netbird but currently it lacks some features that are important for me. E.g. exit nodes (will be available in march) and dual stack networking with IPv4 and IPv6. These features are already running fine with Tailscale and headscale. GoodiesHQ is currently working on an ACL UI Builder which will be integrated into the open source Admin-UI. Interesting times to come :)

Opened this video exactly because I was made aware of Twingate, but the content I find is sponsored. Will be trying netbird, seems really easy to get things done and should be enough for my needs

Thanks for the video. Would really like to see a performance test comparing Tailscale and Netbird in terms of throughput and LATENCY. Everyon tests throughput, but for some reason you rarely see latency info included. Edit: Netmaker has phone apps for iOS and Android now.

is the "Exit Node" feature on the roadmap in Netbird ? I think that is a very important feature to have, or at least its a more common usecase. hopefully it is, because netbird looks very promising.

Would love to see a follow up to this of the performance of these networks. simple speed tests even.

very very nice disclosure at beginning. no sponsor here. by the way, nothings bad about sponsorship, I trust some youtubers and also with sponsor it's ok, but knowing before is a great choice. Thanks, now I can ssee the rest of the video.

I've been using Tailscale for a while. Their ACL syntax does require a bit getting used to but does the job really well. But their error messages when I mess up could be better. But after this video, Netbird peaked my intrest. I might try it with a test environment sometime.

Thanks for the demo and info. I am using Twingate, but will try Netbird. Have a great day

I use both zerotier and tailscale on same machines. They work together! zerotier and tailscale also work on my openwrt router

good timing. I'm a newbie to networking and just put express VPN configuration files on my Beryl Travel Router using OpenVPN. It was super easy. Not sure if this is related or not, but thought it was cool to be able to do that.

Zerotier here is the only option here that allows you to self host your controller without having a public IP address, even behind CG NAT. The "coordination" layer is split into routing and a controller. The routing handles connecting the nodes, and the controller (which counts as another node) authorizes nodes into the network, meaning that you don't have to give them the power of managing your network, just self host your controller and let them do the routing for you. The whole architecture is pretty well though out. Also there's a self hosted controller web GUI called ztnet that recently popped up, it looks pretty modern and has a lot of features.

I haven't found anything similar to ZeroTier's 6PLANE addressing for container based routing. It's especially useful as it makes use of IPv6 NDP emulation for finding the shortest route between container. I haven't found any Wireguard-based solution similar yet, but I guess it would not be as seamless as zerotier automatic adressing

I've been a happy Tailscale user for quite some time, and have considered going the Headscale route. However, I may well give Netbird a try. (That's what homelabs are for, right?)

ZeroTier *does* have a 3rd-party open-source web UI called "ZeroUI". I haven't touch the ZeroTier website web UI in over a year.

Apparently NetBird will receive exit node functionality in March 2024. Also, for NetMaker you can use Ingress Gateway nodes to allow any Wireguard capable device (e.g. smartphones) to connect to the network.

Exit node is possible on netbird on with Linux os right now

Would love to see NordVPNs meshnet in vids like this, I’ve been using it for a while now and have no complaints, super easy to setup and get going on all platforms including Linux/CLI.

Nebula could be mentioned as well, it's what i personally use as it's very easy to setup and provision new clients, it's only available as selfhosted and it's fully open source. Plus the fault us deny all and you allow the port/protocol/host that will have access and the lighthouse/manager node can be more that one, providing grrat availability.

Only issue I have with Tailscale is on a mobile device...when moving between Cellular and WiFi sometimes traffic does not move through Tailscale until one stops and restarts the Tailscale client. Easy enough to do but annoying. Would be great if Tailscale client would deactivate in known WiFi SSIDs and reactivate when moving to unknown WiFi SSIDs or cellular. When doing an internet search this has been mentioned multiple times by users.

Thanks so much for this video! I'm really excited about netbird, as I haven't seen yet an open source solution which you can easily self host. I just wonder what security aspects you got to look out for, such as separating directories of the DB files and the web server fikes etc. looking forward to Your video about netbird!! Shame is, that zerotier and any other wire guard based solution, doesn't work great.... Tinkered a lot with excluding IP ranges from zerotier, but still doesn't seem to work alongside.....

ok so which one would work best in a self hosted game server?

actually running it myself and loving netbird but i had 2 issues which is now 1 issue and you share the same is that that need to have an option for exit node

Thank you for the transparency about twingate. Instant sub.

Totally appreciate your channel!

Curious as homelaber , running pfsense+WireGuard, when would it make sense to use netbird?

Great video again. They seem to be good tools. As a noob, why do I as a home user want to use these over say a Wireguard VPN included in some modem/routers like a Fritzbox? It is fast and pretty easy to setup.

Is there any guidance on the horsepower required for the machines doing the wireguard encryption / decryption to ensure that this does not limit transfer rates.

My experience with Tailscale: works fine with one user, but I tried adding someone else as a user and couldn't figure out why it didn't work even with expiration turned off on everything.

Wouldn't consider netmaker as a stable product. It struggles with NAT traversal, broken GUI in windows and the web interface had a lot of bugs.

Great video I have created a small gateway with dpdk, vpp and use zerotier to route over it. Runs 100% line rate locally and maxs out the internet with little cpu use. Also makes my security bulletproof. I will add ipv6 as a next step.

I'd like (another) video comparing VPN and Network Overlays. My concern has been the need for Multiple Authentication methods which is fine in VPNs (eg either certificate + user creds or user creds + OTP), but network overlays seem to only be certificates which has been why I haven't taken them up. My use case involves an AD environment with remote users changing passwords and computer policies that run prior to users logging in.

Thanks for this! Awesome explanation as always

Netbird's Android app is a little buggy (from my experience prior to Aug 2023). But it works and is cool.

j'apprécie votre indépendance

I'd like to see a Twingate review.

How do you see this in the context of the commercial environment where site to site VPN / IPSec is still the standard ?

looks pretty much like cloudflare tunnels to me.. haven't found any comparison to tailscale and cloudflare tunnels so far.

Tailscale works great for my needs, its was super easy, even for me, to setup (most this command prompt stuff gives me a headache) and it just Works !! Just tunneled in checked up on my server from my phone while at the beach!! Would be nice if they made a Core plugin too though! as sometimes i dont have both NAS' turned on, and can only tunnel in if scale nas is on

has tailsacle + headscale gotten closer to raw wireguard performance. last I looked it wasnt worth it

Though tailscale (hosted by them) has a bunch of convenient features such as Tailscale SSH, taildrop and funnels. And for the most part, I think trusting that the coordination server hasn't been compromised is what tailnet lock is supposed to be for? According to them anyway. (I've actually integrated tailscale into my home network with full subnet routing and everything.)

What we need are VLESS Reality based mesh network solutions

Thanks for the video. Kinda missed some talking points about integrating OPNSense. And also wanted to ask is there any reason you use the google chrome browser on your Linux machine?

Hey.. thanks for a great video.. Very good comparison and details of the options. I wanted to ask a question... I have a VPN esque setup with Twingate at the moment and it works well. However, it doesn't and seems it can't do on thing I'd like for it to do.. Use my private DNS on my local network instead of using my provider (cell/remote wifi) DNS. I'd like for it to block ads but also appear as if I'm using my home IP rather than somewhere else. Thanks in advance for your time.

Does any of those services offer MDNS? I tried Tailscale and it doesn‘t, unfortunately.

can you make a video to explain how can I controle the traffic over my proxy server which people are connected to via SSH please

Tailscale adds features at a very fast pace and this looks to me like a security problem.

ZeroTier has plugin for Mikrotik routers

What is the IPv6-support situation with Tailscale/Netbird?

Hey do you know if Tailscale is also available for opensence?

Can you compare speed on each? I looked at netbird but was turned off by the fact you have to have an account for the self hosted option. Do you what data they collect when you self host?

Nice video!

Who's Lawrence?

Why didn't you just do a 360° rotation ok the first pilar to have the ladder under the non damaged part of the bridge?

Zerotier has a opnsense module

how can netbird cost 5$/user/month if I am selfhosting it? Or is this the "not selfhosted" version?

waiting for self hosted netbird setup and explanation

Netbird sounds very promised.

netbird ftw

Your channel is nice and informative, but your pfsense bias it's doing a disservice to other possibly better options, like OPNsense, specially if you care for the morality of the devs or vendors.

poorly carried out, biased towards pfsense omitting that zerotier also does have an opnsense plugin. also not really showing all mentioned solutions equally. barely a real comparison. sorry, I've seen better, less biased vids from you tom.

first