🕵️ netsec from tier zero

Just give up doing port forwards, seriously

remember Himatchi? (Developed by Alex Pankratov in 2004, used a lot by gamers for WAN/LAN games?)

cringe

The idea is sound, there is no reason why networks nowadays should be constrained by the physical mapping of a network. And there's a new player on the market that seems to be checking a lot of the boxes and gaining momentum.

Zerotier

ZeroTier combines the capabilities of VPN and SD-WAN, simplifying network management
~ dec0dOS/zero-ui/README#Wait, I haven't heard about ZeroTier yet

I can confirm it works nicely. Why even bother with reverse ssh tunnels?! Just remember to ☑ the device you want to accept onto the network :P

It's so simple you'll forget about it once it's in place. Zerotier free allows up to 50 devices (1 admin user) on a private network for free.. and there's a way to host it yourself for free + have a friendly UI.

If you're still not convinced:

Mikrotik

Since 2021/2022, there's Zerotier support, both as client and controller for MikroTik routers!

This opens an interesting door, any device on your physical network would be able to talk to any device on a remote physical network as long as both are members of the same Zerotier network.

RouterOS implements ZeroTier functionality in the role of a node where most of the network configuration must be done on the ZeroTier webpage dashboard. However, in situations where you would prefer to do all the configuration on your own device, RouterOS offers to host your own controller

Alternatives

Tailscale seems to be the closest direct alternative, being less decenteralized but offering SSO.

Status

It's still a work in progress, but here's the todo:

• have our main laptops/smartphones networked over Zerotier ☑️
• Have our home server networked over Zerotier
• Install Zerotier on our router ☑️
• full tunnel mode, like a VPN
• Have dns
• run own controller
• fail-over for controller

Todo

Look into https://zrok.io/ (hn)