this post was submitted on 17 Sep 2023
        
      
      91 points (98.9% liked)
      Linux
    59170 readers
  
      
      232 users here now
      From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
        founded 6 years ago
      
      MODERATORS
      
    you are viewing a single comment's thread
view the rest of the comments
    view the rest of the comments
TLDR: Unequivocally yes.
I've managed to eventually establish a two-point OpenVPN link after reading a lot and fiddling with two dozen settings in both the server and client. I can now generate keys for clients, wrap them into .ovpn files and can get people connected to my server.
However:
If you think that's hairy, I hear that WireGuard is even more complicated to set up than OpenVPN.
With Tailscale I install one thing on each device and run one command (or tap a checkbox on Android/iOS). It gives me a link to open, to enroll that device. And that's it. It works.
Not only does it work but it comes out of the box with:
Edit: Yes I know I can use Headscale on a VPS to achieve something very similar to Tailscale. Leaving aside the need for VPS, and while I'm thankful that WireGuard exists and that Headscale is keeping Tailscale honest, and while fully acknowledging my hypocrisy, I'm still going to be a cheap lazy asshole and use Tailscale and get a free ride until Tailscale starts charging. At which point I will weigh their offer against the cheapest VPS out there and either keep using Tailscale or start using Headscale unapologetically while eating crow from all the people shouting "told you so!". Or maybe I'll get a CCNA and finish setting up OpenVPN, we'll see.
I don't know where you heard that. The exact opposite is true in my experience. OpenVPN is a shitshow compared to Wireguard.
FWIW OpenVPN can use DNS names so you can use DDNS.
Point taken on the rest though. Everything you mentioned IS possible but the point that it's beyond most hobbyists is valid. I'm really wary of relying on a centrally managed pay service that is 'free' (for now).
CGNAT says no.
:shrug:, never had to deal with it
You will have to at some point; whether you want to or not. CGNAT is the future of IPv4.
May IPv4 just die.
It's dead already. Problem is that in the year of the lord 2023 ipv6 still isn't really a thing yet, so IPv4 remains on life support.
If you're already using IPv6 for everything, you don't need to care about CGNAT in IPv4. I highly doubt that's the case however.