tailscale vs cloudflare tunnel? which is better a homelab - eviltoast

Hello I’ve been using cloudflare to get remote access for the couple apps I selfhost, but lately I’ve been hearing about the wonders of tailscale.

It seems that the free tier is enough for my use. Which would be a safe option to have remote access for my 3D printer? Also how are both in terms of privacy?

  • RaisinBrand@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I think you have a misunderstanding about wireguard clients.

    As long as the server isn’t behind a cgnat, a connection from the client to the server can be made. It does not matter if the client is behind a cgnat or not. If that were true, privacy vpns like proton and mullvad would not work.

    That said, tailscale is easy to setup compared to a wireguard tunnel, but wireguard has potentially more performance because tailscale uses wireguard-go rather than wireguard kernel.

    • lud@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I haven’t tried reversing it like that, but I was under the impression that there were no specific servers or clients in WireGuard land and that both devices had to connect to each other and authenticate.

      I have never really thought about how the servers of VPN providers are supposed to work if this was the case.

      I guess I just got confused when I tried setting it up someday.

      I haven’t benchmarked it personally but apparently tailscale and WireGuard are very similar in performance due to optimization done by tailscale. I think they wanted to push the improvements upstream but I am not sure if that happened or if it’s still waiting.

      • RaisinBrand@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I believe performance is situationally dependent, so it may or may not be faster, but it theoretically is. I personally choose wireguard over tailscale because it’s one less 3rd party involved, not for potential performance increases.

        • lud@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          That’s fair. I use Wireguard somewhere else for the same reason.