I-Headscale, ukuqaliswa komthombo ovulekile we-Tailscale

Darkcrizt

Imizuzu ye-4

Zimbalwa izinsuku ezedlule besikhuluma lapha kubhulogi ngeFirezone, okuwusizo oluhle kakhulu lokwakha amaseva weVPNGWard-based.

Futhi manje manje yisikhathi sokukhuluma ngokusetshenziswa okufana ncamashi okubizwa nge- "Headscale" okungukuthi iphrojekthi ekhiqizwa njengokusetshenziswa komthombo ovulekile ingxenye yeseva kusuka kunethiwekhi ye-Tailscale VPN, ekuvumela ukuthi udale amanethiwekhi we-VPN afana neTailscale endaweni yakho, ngaphandle kokuxhunyaniswa nezinsizakalo ezivela eceleni.

I-Tailscale ivumela ukuhlanganisa inani elingenakuphikiswa labasingathi abahlakazeke ngokwendawo kunethiwekhi, eyakhelwe emfanekisweni wenethiwekhi enezikhala, lapho i-node ngayinye ixhumana khona namanye ama-node ngqo (i-P2P) noma ngama-node angomakhelwane, ngaphandle kokudlulisa ithrafikhi ngamaseva angaphandle aphakathi komhlinzeki we-VPN.

Ngaphandle kwalokho Indlela esekwe ku-ACL nokulawulwa kokufinyelela kuyasekelwa nokuthi ukuze kusungulwe iziteshi zokuxhumana ngaphansi kwezimo zokusetshenziswa kwabahumushi bekheli (i-NAT), izindlela ze-STUN, ICE ne-DERP (ezifana ne-TURN, kepha ezisuselwa ku-HTTPS) ziyasekelwa. Uma ishaneli yokuxhumana phakathi kwama-node athile ivinjiwe, inethiwekhi ingaphinde ihambe futhi ukuhambisa ithrafikhi ngamanye ama-node.

I-Tailscale snokwehluka kuphrojekthi yeNebula eklanyelwe ukudala amanethiwekhi we-VPN asatshalalisiwe anemizila ye-mesh, kusetshenziswa umthetho olandelwayo we-Wireguard ukuhlela ukudluliswa kwedatha phakathi kwama-node, ngenkathi uNebula esebenzisa intuthuko yephrojekthi yeTinc, esebenzisa i-algorithm ye-AES-256 ukubethela amaphakethe we-GSM (i-Wireguard isebenzisa ukubethela kwe-ChaCha20, okuhlola ekuboniseni ukusebenza okuphezulu nokuphendula).

Enye iphrojekthi efanayo, i-Innernet, ithuthukiswa ngokwehlukana, lapho kwenziwa khona umthetho olandelwayo we-Wireguard ibuye isetshenziselwe ukushintshanisa idatha phakathi kwama-node. Ngokuphambene nalokho, kusuka eTailscale naseNebula e-Innernet kwasetshenziswa uhlelo oluhlukile lokuhlukaniswa kokufinyelela olususelwa ku-ACL Amathegi awaboshelwe kuma-node ngamanye nakuma-subnet ngokuhlukaniswa nokuhlukaniswa kwamabanga ahlukahlukene wamakheli we-IP, njengakuxhumana okuvamile kwe-Intanethi.

Futhi, i-Innernet isebenzisa iRust esikhundleni seGo futhi kufanelekile ukuthi sisho ukuthi i-Innernet 1.5 enokuxhaswa okuthuthukile kwe-NAT kudedelwe ezinsukwini ezimbalwa ezedlule. Kukhona nephrojekthi yeNetmaker, ekuvumela ukuthi uxhume amanethiwekhi anezindlela ezahlukahlukene usebenzisa i-Wireguard, kepha ikhodi yayo inikezwa ngaphansi kwe-SSPL (Server Side Public License), engavuleki ngenxa yokuba khona kwezidingo zobandlululo.

I-Tailscale isatshalaliswa kusetshenziswa imodeli ye-Freemium esetshenziswa mahhala yabantu ngabanye nokufinyelela okukhokhelwayo kwezinkampani namaqembu. Izingxenye zeklayenti le-Tailscale, ngaphandle kwezicelo zokuqhafaza zeWindows ne-MacOS, zakhiwa ngendlela yamaphrojekthi womthombo ovulekile ngaphansi kwelayisense ye-BSD.

Isoftware yakwaTailscale ethunyelwa ngaphandle eqinisekisa amaklayenti amasha, ixhumanisa ukuphathwa okuyisihluthulelos futhi ihlela ukuxhumana phakathi kwama-node kungokuphathelene. Iphrojekthi ye-Headscale ixazulula le nkinga futhi inikezela ngokuqaliswa okuhlukile komthombo ovulekile wezingxenye zeseva ye-Tailscale.

I-Headscale ithatha imisebenzi yokushintshanisa ukhiye womphakathis futhi ibuye yenze imisebenzi yokwabela amakheli e-IP nokusabalalisa amatafula wokuhambisa phakathi kwama-node.

Ngendlela elikuyo manje, I-Headscale isebenzisa zonke izici eziyinhloko zeseva yokuphatha, ngaphandle kokusekelwa kweMicrosoftDNS ne-Smart DNS. Ngokuqondene, isekela imisebenzi yokubhalisa izindawo (ngisho nangaphezu kwewebhu), shintsha inethiwekhi ukwengeza noma ukususa ama-node, ukwahlukanisa ama-subnet usebenzisa ama-namespaces (ungakha inethiwekhi ye-VPN yabasebenzisi abaningi), hlela ukufinyelela okwabiwe kusuka kuma-node kuya kuma-subnets ezindaweni ezahlukahlukene zamagama, ukulawulwa komzila (kufaka phakathi ukunikezela izindawo zokuphuma ukufinyelela umhlaba wangaphandle), ukufinyelela okwabiwe nge-ACL, nokwenziwa kwe-DNS.

Ikhodi ye-Headscale ibhalwe ku-Go futhi isatshalaliswa ngaphansi kwelayisense le-BSD. Le phrojekthi yathuthukiswa nguJuan Font we-European Space Agency.

Ekugcineni, uma unentshisekelo yokwazi okwengeziwe ngakho, ungaxhumana nemininingwane Kulesi sixhumanisi esilandelayo.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.