Hacker News new | ask | show | jobs
by mrkurt 1941 days ago
To be fair, what Tailscale is doing is much harder than our private networking. They have to deal with NAT, mobile OSes, etc.

We mostly just try to pick the right primitives. And frequently get that wrong. Like that time we wrote our own JS runtime ...
1 comments
mwcampbell 1941 days ago
> They have to deal with NAT, mobile OSes, etc.

Does this imply that the user-space TCP/IP-over-WireGuard trick described here wouldn't work through NAT, or on a mobile OS (assuming you can get a Go toolchain up and running)?

link
mrkurt 1941 days ago
It'll work through NAT for sure. We just don't have to think about NAT because we're connecting clients to a network we control. Tailscale is making a mesh across clients behind different NATs.

I know they did a bunch of work to get wireguard-go working on iOS. It sounds hard to me!

link