Does it include reconnection logic? I presume that's not considered "low level", but it does always annoyingly have to be reimplemented every time you deal with long-lived socket connections in production.

Part of the problem with libp2p is that the canonical implementations are in Go which isn’t really well-suited to use from C++, JS, or Rust. The diversity of implementations in other languages makes for varying levels of quality and features. They really should have just picked one implementation that would be well-suited to use via C FFI and provided ergonomic wrappers for it.

...and DNS, and host provisioning, and SSO, and RBAC, and other stuff you need to sell to enterprises.

Well, WireGuard and WebRTC, but yes.

The real feature of Tailscale is being able to connect to devices without worrying about where they are.

I've met a lot of people who think Tailscale invented what it does.

Prior to Tailscale there were companies -- ZeroTier and before it Hamachi -- and as you say many FOSS projects and academic efforts. Overlay networks aren't new. VPNs aren't new. Automated P2P with relay fallback isn't new. Cryptographic addressing isn't new. They just put a good UX in front of it, somewhat easier to onboard than their competitors, and as you say had a really big marketing budget due to raising a lot when money was cheap.

Very few things are totally new. In the past ten years LLMs are the only actually new thing I've seen.

Shill disclosure: I'm the founder of ZeroTier, and we've pivoted a bit more into the industrial space, but we still exist as a free thing you can use to build overlays. Still growing too. Don't have any ill will toward Tailscale. As I said nobody "owns" P2P and they're doing something a bit different from us in terms of UX and target market.

These "dumb pipe" tools -- CLI tooling for P2P pipes -- are cool and useful and IMHO aren't exactly the same thing as ZT or TS etc. They're for a different set of use cases.

The worst thing about the Internet is that it evolved into a client-server architecture. I remain very cautiously optimistic that we might fix this eventually, or at least enable the other paradigm to a much greater extent.

I've managed a Wireguard-based VPN before Tailscale. It's pretty straightforward[0].

Tailscale makes it even more convenient and adds some goodies on top. I'm a happy (free tier) user.

[0] I also managed an OpenVPN setup with a few hundred nodes a few decades back. Boy do we have it easy now...

They provide a default relay. It’s not clear to me whether you can manually specify a different relay.

Thanks for the response. This statement confuses me a bit. What is a relay? Does traffic go through it at all, or is it for connection negotiation, or some of both?

I feel it was the same for IFTTT over a decade ago. People always move on to the next shiny thing.

> ... that are secure ...

That's a huge assumption I wouldn't make after reading "dumb".

And from the article:

> Easy, direct connections that punch through NATs & stay connected as network conditions change.

This sounds more like a pipe that is trying to be smart. According to your principle, not something to build a secure system with.

You could describe this same project as "a smart pipe that punches through NATs & stays connected (...)" and it wouldn't be any more surprising or inaccurate than the current description. So maybe it is not that descriptive.

Wireguard doesn't do most of those either

Ah right, but this does not support bidirectional streaming so I won't be able to get the remote stdout on the client, I guess.