Nebula Review ruclips.net/video/94KYUhUI1G0/видео.html ZeroTier Review ruclips.net/video/Bl_Vau8wtgc/видео.html How To Work Remotely Using Zerotier & Windows Remote Desktop (RDP) ruclips.net/video/ZShna7v77xc/видео.html zerotier.com/ tailscale.com/ How To Build Your Own Wireguard Server forums.lawrencesystems.com/t/getting-started-building-your-own-wireguard-vpn-server/ Reddit Post www.reddit.com/r/selfhosted/comments/ny4b6i/benchmark_bandwidth_direct_ssh_zerotier_zerotier/ ⏱ Timestamps ⏱ 00:00 Tailscale VS ZeroTier 02:58 Nebula and other Solutions 03:58 How Tailscale & ZeroTier Work 07:16 Why Not Just Wireguard? 09:12 Data Encryption & Threat Surface 11:14 Lab Demo and Test 22:15 Final Thoughts
@@teachonlywhatiseasy I finally got around to creating a video of some bash scripts I use to self-host a controller when I saw your post here. ruclips.net/video/C2HS3cQZY5U/видео.html github.com/thedunston/bash_cli_zt
One thing of significance, to me, is that the devs building TailScale are heavy weight hitters/very skilled people in the tech industry, and are seemingly doing this startup out of pure nerd itch scratching. Hence you can expect really clean and well built stuff from them.
Even if you only use it to play old-school LAN games with friends, tailscale is a killer experience because I could explain to my non techy friends how to set it up no problem. All they sent me is the authorization link.
@@owlmostdead9492 did you use a subnet router or exit node? For some games where you could type in the IP they just joined that way and it worked great.
The first ping on ZeroTier always took ~1000ms while TailScale always seemed to be consistent. I wonder whether ZeroTier waits until communication begins to find the best route between the two while TailScale figures one out in advance, even if not quite as optimal for throughput. In some applications I could imagine that latency being a problem.
After this video, I'd consider the user interface, reporting, setup and maintenance as more important. The video showed Zerotier as faster throughput (for whatever reason) but it wasn't as smoothly consistent on latency. Tailscale wasn't as fast (for whatever reason) but showed very consistent latency across the board. I'll probably look into the software that doesn't require me to punch holes and redirects into my double NAT.
I started with tailscale a few weeks ago, and decided to move over to Zerotier. I looked at Nebula but it seems like setting it up is well above my skill & knowledge levels.
I was thinking about implementing Tailscale for my work but when it all adds up with the x amount of users it just costs way to much. I will probably end up using Zerotier.
What a great video... your approach to testing these and with some added complexity to show the setup and how each of these solutions and how they could work was awesome. Concise, effective and efficient, thanks for your work.. I was totally considering Cloud Flare tunnels until I saw your TOS video on it then I watched a few other videos.. intrigued by zerotier and tailscale. I've used wireguard in the past but I think zerotier is definitely worth a look/try.
So I have an app to watch tv from anywhere using a mobile device from my cable provider, but certain channels and recordings on my PVR only work if I’m connected to my home wifi. I’m thinking that connecting to a computer at home when I’m out and about via, Nebula, Tailscale, or Zerotier would allow me to get full functionality - which one would you recommend i go with for this one requirement?
Great video! I recently installed Tailscale and created a network for my Synology NAS’s so I could move one offsite and use Hyper Backup for a remote backup solution completing a 3-2-1 backup strategy. This was very easy to setup and is working flawlessly. I am also able to access the remote NAS’s DSM. The only thing I haven’t been able to conquer is joining the remote NAS to CMS. 🤷🏻♂️ I worked when it was local and I was doing my first Hyper Backup. 😞 Anyway would love to see a dedicated Tailscale video, including Synology, more so if it is possible to get CMS working through Tailscale. Thanks again!! Great stuff! 😊👍🏻👍🏻
Had some issues with ZeroTier where sometimes my devices can't see each other. Same issues happened to my IT Staff when I asked them to try it. They said they had to add some firewall exceptions to make it work. I didn't get this issue on my end, though I had to disconnect and reconnect my devices to the ZeroTier network a few times to make it work. Now I tried Tailscale and it worked right off the bat. No issues so far.
Yeah, we use Zerotier for SSH access and have experienced the same. 95% of the time it works, just 5% of the time it doesn't. Have been troubleshooting with Zerotier and they believe they found the issue (discuss.zerotier.com/t/coma-bug-update/3138). Requires the secondary port to be changed in zerotier's config for now. Tailscale is a lot more $, so we've just stuck with Zerotier.
Is Tailscale capable of establishing a direct peer to peer connection or is it all DERP relays? I am getting high latency on all my Tailscale client devices because the connections are all DERP relay. Is there a way to fix this?
Great video. I've been using ZT for a few years now and i wondered if I was missing out on not using tailscale. I was wondering if you've had a look at Headscale?
The same subnet.. why do you say hole punching? Looks like speed difference is purely encryption speed. Which means 0T is either extremely Genius or has weaker encryption.
Hmm wondering if this will solve my problem of not being able to use Wireguard thru Cloudflare Proxy 🤔 and now I'm debating what's more secure - opening up a single UDP port on my fw or opening myself up to the potential threat of other nodes compromising my network. It's always 6 of 1, half a dozen of the other with this stuff - you can never have it all and need to make compromises EVERYWHERE
I really enjoy using Zerotier to get my phone connected to my home network. But connection speed really isn't on par with my LAN experience. Maybe because I'm European and their servers are probably located overseas?
Thank you for the great video, I followed your cloudflare tunnel video previously, and now installed tailscale based on your very useful and easy to follow tutorials. I'm wondering if you can create a video implementing/comparing subnet routing on tailscale vs. Zerotier? I was able to set it up for tailscale but tailscale's app breaks my android internet connection when using mobile (Toggling all combinations of DNS options didnt help), I'm wondering if it works better in ZeroTier.
@@LAWRENCESYSTEMS you mentioned if anyone wants more tutorials on Tailscale to comment. Primarily how can I edit my .conf files to integrate my 3rd party VPN service to my server (or can this be done manually within Linux cmds)??? Where when my clients connect to my server they connect to the desired wireguard server that connects to the internet.
@@LAWRENCESYSTEMS ohhhh 🤨🤨🤨 the .conf files look no different so I figured just changing the interface( I thought) might allow for my peers/ clients to tunnel to the chosen outside internet wireguard server??? Since Tailscale's backbone is wireguard isn't it?
Great video, but I still can't get Zerotier to treat one node as a gateway to allow network access to other machines on it's local network! I've tried allsorts and nothing works... Zerotier does have good documentation for sure, but much of it is irrelevant to day to day getting the blooming thing to work as intended. If anyone knows of a decent and to the point tutorial to get this working, please post it! thanks
you should to iptables masquerade it is beyond Zerotier you need linux skills and it is also documented on ZT knowledgebase , but masquerating routing is being handled on TS userspace implementation which is tightly integrated with the client. If you can be specific about your issue , i will do my best to help you.
@@aliihsandonmezer6667 But ZT has options for bridging, both in the web interface and the app, no combination seems to work at all... Why have the options if they still need substantial Linux knowledge to get to work...?
@@dougle03 I Do agree Peter but they could not release v2 on time it is beyond this topic but they are developing the software with low resources they have to pay the bills. they received 2 M fundraising let`s hope things will change soon they could be a major open source SDN provider something happened on the way of heaven. They wanted to be small player that s their choice.
Compared to say PiVPN this seems incredibly laborious. All I had to do with install PiVPN on a Pi, create a client, connect via my phone, and I have access to everything on my home network without having to manually add/config individual devices. I don't understand how people think Tailscale is easier. Or is it just everyone trying to explain Tailscale is doing a very poor job of it.
I suggest that everyone who uploads on youtube use dark themes in every situation possible. The white is just too much. Seriously, who are these people that enjoy curb-stomping their pupils?
They offered to pay me for a video like they did Network Chuck, but I passed on the product. Not open source and did not have good public facing documentation
hello, I work as an ISP admin I made a zerotier controller on a mikrotik 5009 on a 1Gb/s symmetric connection; I have two clients who also have a 1Gb/s connection and mikrotik 3011 - iperf3 shows performance of about 50-55 Mb/s in your configuration the iperf transfer is very high - what is the secret regards Daniel
Nebula Review
ruclips.net/video/94KYUhUI1G0/видео.html
ZeroTier Review
ruclips.net/video/Bl_Vau8wtgc/видео.html
How To Work Remotely Using Zerotier & Windows Remote Desktop (RDP)
ruclips.net/video/ZShna7v77xc/видео.html
zerotier.com/
tailscale.com/
How To Build Your Own Wireguard Server
forums.lawrencesystems.com/t/getting-started-building-your-own-wireguard-vpn-server/
Reddit Post
www.reddit.com/r/selfhosted/comments/ny4b6i/benchmark_bandwidth_direct_ssh_zerotier_zerotier/
⏱ Timestamps ⏱
00:00 Tailscale VS ZeroTier
02:58 Nebula and other Solutions
03:58 How Tailscale & ZeroTier Work
07:16 Why Not Just Wireguard?
09:12 Data Encryption & Threat Surface
11:14 Lab Demo and Test
22:15 Final Thoughts
hi lawrence, could you do a video on zerotier (self hosted). I believe tailscale has some maturing time ahead of itself.
@@teachonlywhatiseasy I finally got around to creating a video of some bash scripts I use to self-host a controller when I saw your post here. ruclips.net/video/C2HS3cQZY5U/видео.html github.com/thedunston/bash_cli_zt
One thing of significance, to me, is that the devs building TailScale are heavy weight hitters/very skilled people in the tech industry, and are seemingly doing this startup out of pure nerd itch scratching. Hence you can expect really clean and well built stuff from them.
This is an absurdly high quality and easy to understand video explanation for an IT guy with a weaker networking background, great job!
Feels backhanded 😂
Love it, thank you so much. Would be awesome to see a ZeroTier bridging setup for remote branch deployment
Even if you only use it to play old-school LAN games with friends, tailscale is a killer experience because I could explain to my non techy friends how to set it up no problem. All they sent me is the authorization link.
Funny I tried using tailscale for LAN over internet games but it never really worked.
@@owlmostdead9492 did you use a subnet router or exit node? For some games where you could type in the IP they just joined that way and it worked great.
@@owlmostdead9492 same, i wonder whats wrong
Yes! I was hoping someone creditable would review tailscale. Thanks Lawrence!
his name is Tom...
The first ping on ZeroTier always took ~1000ms while TailScale always seemed to be consistent. I wonder whether ZeroTier waits until communication begins to find the best route between the two while TailScale figures one out in advance, even if not quite as optimal for throughput. In some applications I could imagine that latency being a problem.
Love using Tailscale on SBC - and I love the easy share with other function.
After this video, I'd consider the user interface, reporting, setup and maintenance as more important. The video showed Zerotier as faster throughput (for whatever reason) but it wasn't as smoothly consistent on latency. Tailscale wasn't as fast (for whatever reason) but showed very consistent latency across the board. I'll probably look into the software that doesn't require me to punch holes and redirects into my double NAT.
Great video! This makes learning so much easier!!
I started with tailscale a few weeks ago, and decided to move over to Zerotier. I looked at Nebula but it seems like setting it up is well above my skill & knowledge levels.
I have been using ZeroTier about 6 years now even on Windows 7,which wasn't supported and it's been rock solid.
I was thinking about implementing Tailscale for my work but when it all adds up with the x amount of users it just costs way to much.
I will probably end up using Zerotier.
What a great video... your approach to testing these and with some added complexity to show the setup and how each of these solutions and how they could work was awesome. Concise, effective and efficient, thanks for your work.. I was totally considering Cloud Flare tunnels until I saw your TOS video on it then I watched a few other videos.. intrigued by zerotier and tailscale. I've used wireguard in the past but I think zerotier is definitely worth a look/try.
Network overlays. I dig it. This is the future.
Just like subnetting must have been revolutionary.
Thank you. I have just started using Tailscale and wondered if Zerotier would be better. For my personal use it appears either would do just fine.
Thank for the video tom! I would like to see you reviewing wiretrustee and netmaker too, thank before
And could you doing a review to cloudflare magic-wan too?
Did you measure the system load while testing the encrypted streams?
You’re just the boss ! Thank you.
So I have an app to watch tv from anywhere using a mobile device from my cable provider, but certain channels and recordings on my PVR only work if I’m connected to my home wifi. I’m thinking that connecting to a computer at home when I’m out and about via, Nebula, Tailscale, or Zerotier would allow me to get full functionality - which one would you recommend i go with for this one requirement?
Great video! I recently installed Tailscale and created a network for my Synology NAS’s so I could move one offsite and use Hyper Backup for a remote backup solution completing a 3-2-1 backup strategy. This was very easy to setup and is working flawlessly. I am also able to access the remote NAS’s DSM. The only thing I haven’t been able to conquer is joining the remote NAS to CMS. 🤷🏻♂️ I worked when it was local and I was doing my first Hyper Backup. 😞 Anyway would love to see a dedicated Tailscale video, including Synology, more so if it is possible to get CMS working through Tailscale. Thanks again!! Great stuff! 😊👍🏻👍🏻
Had some issues with ZeroTier where sometimes my devices can't see each other. Same issues happened to my IT Staff when I asked them to try it. They said they had to add some firewall exceptions to make it work. I didn't get this issue on my end, though I had to disconnect and reconnect my devices to the ZeroTier network a few times to make it work. Now I tried Tailscale and it worked right off the bat. No issues so far.
Yeah, we use Zerotier for SSH access and have experienced the same. 95% of the time it works, just 5% of the time it doesn't. Have been troubleshooting with Zerotier and they believe they found the issue (discuss.zerotier.com/t/coma-bug-update/3138). Requires the secondary port to be changed in zerotier's config for now.
Tailscale is a lot more $, so we've just stuck with Zerotier.
Same boat here, totally random clients just refuse to participate. Looking for alternatives now. :-(
Is Tailscale capable of establishing a direct peer to peer connection or is it all DERP relays? I am getting high latency on all my Tailscale client devices because the connections are all DERP relay. Is there a way to fix this?
Yes, they have a great write up here tailscale.com/blog/how-nat-traversal-works/
Thank you for this video and the explanations.
Nebula does not have nat traversal. I would not put it in the same category yet.
Partially correct, at least one node has to public
@@LAWRENCESYSTEMS Yep. If both are behind nat, if fails but can still ping the lighthouse.
*Tom puts out a zero tier video*
Dammit Tom! I have work I should be doing...
+1 on Tailscale exploration
Great video. I've been using ZT for a few years now and i wondered if I was missing out on not using tailscale. I was wondering if you've had a look at Headscale?
The same subnet.. why do you say hole punching? Looks like speed difference is purely encryption speed. Which means 0T is either extremely Genius or has weaker encryption.
right, and wireguard is supported directly in the kernel...
Are ZeroTier and Tailscale similar in nature to Zscaler Private Access (ZPA) or am I way off base?
Thank You tom!
For reason mentioned at 9:50, I am out. Great video BTW.
Can we use one of these for our video monitoring and cloud flare for html access?
Possibly
Hmm wondering if this will solve my problem of not being able to use Wireguard thru Cloudflare Proxy 🤔 and now I'm debating what's more secure - opening up a single UDP port on my fw or opening myself up to the potential threat of other nodes compromising my network. It's always 6 of 1, half a dozen of the other with this stuff - you can never have it all and need to make compromises EVERYWHERE
I really enjoy using Zerotier to get my phone connected to my home network.
But connection speed really isn't on par with my LAN experience.
Maybe because I'm European and their servers are probably located overseas?
It's p2p, traffic doesn't go through their servers, just the initial handshake stuff.
Looking at Tailscale's route advertising and exit nodes. 2 points up over Zerotier 😎
Please explain!
+1 please explain.
Thanks for the demo and info, let's get ready to NETWORK LOL
ZeroTier is backed by its founder Adam I. In February 2021, it raised $2 million in venture funding from Anorak Ventures and Bonfire Ventures.
Thank you for the great video, I followed your cloudflare tunnel video previously, and now installed tailscale based on your very useful and easy to follow tutorials.
I'm wondering if you can create a video implementing/comparing subnet routing on tailscale vs. Zerotier? I was able to set it up for tailscale but tailscale's app breaks my android internet connection when using mobile (Toggling all combinations of DNS options didnt help), I'm wondering if it works better in ZeroTier.
So both are Hub and spoke techs that allow you to set VPNs seamlessly. Got it.
Please do more tutorials on TailScale!!!
what was left out of this one?
@@LAWRENCESYSTEMS you mentioned if anyone wants more tutorials on Tailscale to comment. Primarily how can I edit my .conf files to integrate my 3rd party VPN service to my server (or can this be done manually within Linux cmds)??? Where when my clients connect to my server they connect to the desired wireguard server that connects to the internet.
@@Juhsga Tailscale can only connect to Tailscale servers not other Wireguard servers.
@@LAWRENCESYSTEMS ohhhh 🤨🤨🤨 the .conf files look no different so I figured just changing the interface( I thought) might allow for my peers/ clients to tunnel to the chosen outside internet wireguard server??? Since Tailscale's backbone is wireguard isn't it?
@@Juhsga Yes, it is using Wireguard for transport
Is it better to launch wiregaurd in the cloud or home server?
a headscale home server connected to tailscale would be best
Great video, but I still can't get Zerotier to treat one node as a gateway to allow network access to other machines on it's local network! I've tried allsorts and nothing works... Zerotier does have good documentation for sure, but much of it is irrelevant to day to day getting the blooming thing to work as intended. If anyone knows of a decent and to the point tutorial to get this working, please post it! thanks
you should to iptables masquerade it is beyond Zerotier you need linux skills and it is also documented on ZT knowledgebase , but masquerating routing is being handled on TS userspace implementation which is tightly integrated with the client. If you can be specific about your issue , i will do my best to help you.
@@aliihsandonmezer6667 But ZT has options for bridging, both in the web interface and the app, no combination seems to work at all... Why have the options if they still need substantial Linux knowledge to get to work...?
@@dougle03 I Do agree Peter but they could not release v2 on time it is beyond this topic but they are developing the software with low resources they have to pay the bills. they received 2 M fundraising let`s hope things will change soon they could be a major open source SDN provider something happened on the way of heaven. They wanted to be small player that s their choice.
Compared to say PiVPN this seems incredibly laborious. All I had to do with install PiVPN on a Pi, create a client, connect via my phone, and I have access to everything on my home network without having to manually add/config individual devices. I don't understand how people think Tailscale is easier. Or is it just everyone trying to explain Tailscale is doing a very poor job of it.
Selfhosting ZeroTier is not that hard.
That was really interesting, thanks Tom.
Tailscale free tier - 100 devices, 3 users... that's a no-brainer for homelab enthusiasts.
It makes things easy, but also makes you reliant on a company that is currently offering a service for free.
you misspelled debian, lol
i know, right?
支持!
I suggest that everyone who uploads on youtube use dark themes in every situation possible. The white is just too much. Seriously, who are these people that enjoy curb-stomping their pupils?
Now twingate came along do a vid about it pls
They offered to pay me for a video like they did Network Chuck, but I passed on the product. Not open source and did not have good public facing documentation
if it is not open source, it is NOT trustworthy
Decaf. It will help you slow down your explanation.
hello,
I work as an ISP admin
I made a zerotier controller on a mikrotik 5009 on a 1Gb/s symmetric connection;
I have two clients who also have a 1Gb/s connection and mikrotik 3011 - iperf3 shows performance of about 50-55 Mb/s
in your configuration the iperf transfer is very high - what is the secret
regards
Daniel