Sorry, my autocorrect changed its into it’s.
Sorry, my autocorrect changed its into it’s.
Tailscale surprisingly was the fastest, even faster than plain Wireguard, despite being userspace. But it also consumed more memory (245 MB after the iperf3 test!) and CPU.
Do we know if this is a variation due to the test protocol or Tailscale is using wireguard with specific settings to improve, slightly, its speed?
With Tailscale and other mesh VPN, by default all your machines are client and servers. If you have 3 machines A, B and C, when machine A wants to send something to B it will connect to the server that B has.
These mesh VPN have a central server that is used to help with the discovery of the members, manage ACLs, and in the case one machine is quite hidden and not direct network access can be done act as a relay. Only in that last case do the traffic go through the central server, otherwise the only thing the central server knows is that machine A requested to talk to machine B.
You still have to trust them if you want to use their server, but you can also host your own server (headscale for Tailscale). Though at this point you still need to somewhat trust Tailscale anyway since they re the ones doing the client releases. They could absolutely insert a backdoor and it would work for a while until is is discovered and would then totally ruin their reputation.
I have been using Bookstack, I like it though it is missing a few features I would love: