Connet.dev – high performance reverse proxy to connect devices privately

10•Ingon•9mo ago

Comments

Ingon•9mo ago

Hi All,

This is a hosted version of connet[1]. In addition, it allows users to expose their endpoints directly on the internet (optional and still in progress)

[1] https://github.com/connet-dev/connet

andrewfromx•9mo ago

I like it. Here's how I see the marketplace:

Quick demonstrations & development: ngrok

Low-resource environments (IoT, embedded): rathole

Privacy-focused deployments: connet

Production with active community: FRP

Self-hosting with direct connections: connet

https://gist.github.com/andrewarrow/d0e41dd954485a8574b9ea74...

srichard16•9mo ago

Curious: why do you see ngrok as just for testing and dev when thousands of users use ngrok in production?

Full disclosure I work there.

ghoshbishakh•9mo ago

Why route all traffic through a tunnel for a production setup? On-premise solutions will use static IPs from their ISPs.

Full disclosure - I work at https://pinggy.io

Ingon•9mo ago

Very cool comparison, thank you!

One new feature I haven't highlighted yet, is that you can, in addition, encrypt traffic as it goes through relays (both via tls or noise-inspired protocol, dhxcp). This enhances privacy, even when you are using public (e.g. not owned by you relays), covering a case like https://connet.dev nicely.

PLG88•9mo ago

Sounds like what zrok.io does ... do you also support completely E2E private shares like it does - https://docs.zrok.io/docs/concepts/sharing-private/. This means the resource does not have a public IP at all (note, zrok also does public shares).

Ingon•9mo ago

If I understand correctly the terminology/case, all shares in connet a private. You access a remote resource as it was local, but that doesn't mean the resource is publicly visible. For example, my local network clients, do not need public IP or special firewall rules to communicate with remote clients.

What I was describing above is a specific way to route traffic - by default if direct connection between clients can be made (e.g. peer-to-peer), connet uses that. However, in cases where this is not possible, connet can use relays to send traffic between peers. In this scenario, you can in addition encrypt traffic end-to-end, so if you are using a public/untrusted relays, the relay itself cannot inspect/see traffic between peers.

Of course, you can also configure peers to never use relays and always communicate directly. A relay (or a third-party) is only used when both peers allow it and no direct route can be used.

yair99dd•9mo ago

I'm a zrok.io fan

PLG88•9mo ago

I would say zrok.io is more privacy-focused, particularly with its frontdoor and private sharing features.

Ingon•9mo ago

connet itself doesn't have a notion of public share at all - you need clients/peers on both ends (destination and source) to "project" a remote service. connet.dev do enhance this, by running the source clients publicly, but you need to specifically enable this, and it is best used as a break-glass option, since obviously makes things less-private.

In any case, zrok.io is cool, it is certainly more mature and feature rich project.

PLG88•9mo ago

Ahh, interesting, thanks for making it clear to me. You should check out OpenZiti too, that's what zrok is built on.

sylens•9mo ago

Interestingly I just did this with my own reverse proxy recently; nginx proxy manager in a container running on the network of a Tailscale container on the same host, connected to a Tailscale exit node on internal network. Will take a look at whether this is better.

Ingon•9mo ago

Thanks, it would be great to hear if you tried connet and how it went!

In any case, homegrown solutions are great, they offer the most flexibility, but also require the biggest time investment (and knowledge of course).

vimredo•9mo ago

This reminds me a bit about gsocket[1], except that it seems slightly more configurable and not just intended to be a backdoor.

[1]: https://gsocket.io/

Show HN: One-click AI employee with its own cloud desktop

Show HN: Poddley – Search podcasts by who's speaking

Same Surface, Different Weight

The Rise of Spec Driven Development

The first good Raspberry Pi Laptop

Seas to Rise Around the World – But Not in Greenland

Will Future Generations Think We're Gross?

State Department will delete Xitter posts from before Trump returned to office

Show HN: Verifiable server roundtrip demo for a decision interruption system

Impl Rust – Avro IDL Tool in Rust via Antlr

Stories from 25 Years of Software Development

minikeyvalue

Neomacs: GPU-accelerated Emacs with inline video, WebKit, and terminal via wgpu

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

How I grow my X presence?

What's the cost of the most expensive Super Bowl ad slot?

What if you just did a startup instead?

Hacking up your own shell completion (2020)

Show HN: Gorse 0.5 – Open-source recommender system with visual workflow editor

GLM-OCR: Accurate × Fast × Comprehensive

Local Agent Bench: Test 11 small LLMs on tool-calling judgment, on CPU, no GPU

Show HN: AboutMyProject – A public log for developer proof-of-work

Expertise, AI and Work of Future [video]

So Long to Cheap Books You Could Fit in Your Pocket

PID Controller

SpaceX Rocket Generates 100GW of Power, or 20% of US Electricity

Kubernetes MCP Server

I Built a Movie Recommendation Agent to Solve Movie Nights with My Wife

What were the first animals? The fierce sponge–jelly battle that just won't end

Sidestepping Evaluation Awareness and Anticipating Misalignment

Show HN: One-click AI employee with its own cloud desktop

Show HN: Poddley – Search podcasts by who's speaking

Same Surface, Different Weight

The Rise of Spec Driven Development

The first good Raspberry Pi Laptop

Seas to Rise Around the World – But Not in Greenland

Will Future Generations Think We're Gross?

State Department will delete Xitter posts from before Trump returned to office

Show HN: Verifiable server roundtrip demo for a decision interruption system

Impl Rust – Avro IDL Tool in Rust via Antlr

Stories from 25 Years of Software Development

minikeyvalue

Neomacs: GPU-accelerated Emacs with inline video, WebKit, and terminal via wgpu

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

How I grow my X presence?

What's the cost of the most expensive Super Bowl ad slot?

What if you just did a startup instead?

Hacking up your own shell completion (2020)

Show HN: Gorse 0.5 – Open-source recommender system with visual workflow editor

GLM-OCR: Accurate × Fast × Comprehensive

Local Agent Bench: Test 11 small LLMs on tool-calling judgment, on CPU, no GPU

Show HN: AboutMyProject – A public log for developer proof-of-work

Expertise, AI and Work of Future [video]

So Long to Cheap Books You Could Fit in Your Pocket

PID Controller

SpaceX Rocket Generates 100GW of Power, or 20% of US Electricity

Kubernetes MCP Server

I Built a Movie Recommendation Agent to Solve Movie Nights with My Wife

What were the first animals? The fierce sponge–jelly battle that just won't end

Sidestepping Evaluation Awareness and Anticipating Misalignment

Connet.dev – high performance reverse proxy to connect devices privately

Comments