[paulmooreparks]

I'm building my own cloud (I actually typed claude instead of cloud there... wow). There's no IaaS or PaaS; it's much simpler. I wanted my own way of connecting to machines and the TCP services on those machines without having to install Tailscale (not allowed on a locked-down corporate PC) or pay for Azure or AWS or GCP or even Hetzner or Linode. I've got 10gbps fibre and a huge workstation at home, and I've got lots of laptops and VMs and other outboard stuff that I want to work in concert with that workstation, so I started building something I call Tela (Filipino for fabric; I was sitting in Ninoy Aquino International Airport waiting for a flight when I had the idea, and it's implemented as a network fabric).

https://github.com/paulmooreparks/tela

[InfraScaler]

You are rebuilding tailscale but requiring a centralised hub. I did the same in 2016 (pre-tailscale?) https://web.archive.org/web/20160304013451/https://wormhole....

I am not sure WireGuard existed at the time, and I used SoftEther and based it all on doing outbound tunnels to TCP/443* to avoid firewall blocks in corporate networks.

You could explore full P2P by leveraging UDP hole punching: https://cloudnetworking.pro/firewall-bypass-series-1-2/ https://cloudnetworking.pro/firewall-bypass-encapsulating-tr...

(WireGuard may already do it, dunno)

Also, fun fact, tela is also Spanish for fabric. Given the Filipino history, I guess it comes from there.

* I know I know, TCP in TCP is a bad idea https://cloudnetworking.pro/tcp-over-tcp-is-a-bad-idea/

[paulmooreparks]

Thanks! Yes, Tela already does UDP hole-punching. I made Tela because I wasn't allowed to install Tailscale on my new corporate laptop, and no other available solution seemed to tick the right boxes. It started as a simple way to RDP to my home workstation, but then I realised that if I could do that, I could finally pull my ad-hoc home cloud into one tool. The hub model is very much by design, for organisational purposes. The hole-punching feature gives me the P2P speed (and even STUN, if available). An upcoming version will allow hub-to-hub topologies.

It should have occurred to me that tela is also Spanish, since about every third word I hear in a Tagalog sentence seems to be of Spanish origin.

[InfraScaler]

Does tela create an L3 network? if that's the case, what do you do to avoid IP addressing clashes? In Wormhole I decided by default to use CGNAT addressing (100.64.0.0/10)

I did not go too far unfortunately, so I did not face problems such as discoverability (do you have to know/remember all the IP addresses from the devices connected? DNS? etc).

[paulmooreparks]

No, it doesn't create an L3 like Tailscale. A client (a machine running the tela CLI) connects to an agent (a machine running telad) via a hub (a machine running telahubd), but once they connect they negotiate a P2P route if they can. That's all managed by Wireguard an gVisor. The remote service is forwarded to a port on localhost, so SSH to a VM somewhere else would just be ssh to, say, localhost:10022. I'm investigating a local DNS so that users can instead type `ssh paul@dev-vm` instead of `ssh -p 10022 paul@localhost`.

[InfraScaler]

Very nice!

[noodlebreak]

You should add this comment in your project's readme - because this is far easier to understand why the project even exists.

[paulmooreparks]

That's good advice. I just added that to the new project site, https://telaproject.org/ .