Mintisan

Tailscale connects your team's devices and development environments for easy access to remote resources.

官方介绍如上，其实就是虚拟局域网组网，而且底层是基于 Wireguard 分布式的，相比于 Zerotier 使用起来更加简单，参考网友的说法，【如果 Zerotier 是手动挡的话，那么 Tailscale 就是自动挡】。自测联通宽带可以到达 50MB/s 还不错，移动运营商 0.5MB/s 左右，，，

套餐

虽然不是开源的，但是免费模式很良心，足够使用了。

Windows/macOS/iOS/Android/NAS

客户端非常齐全，各种你想得到的平台都可以下载。不过对于 macOS 需要手动下载，并在设置用允许打开。
【还不是国内区域不提供 AppStore 不提供下载，😓】

MT-3000

在用 R4S 的 OpenWRT 折腾时【见 iStore OS】，无法安装，突然想到 MT-3000 也是基于 OpenWRT 系统开发的，可能也可以整。

没想到还有惊喜，主页面都已经帮你弄好了，非常方便，虽然不是最新版本，但也可以使用，Happy～～～

iStore OS

执行 tailscale up 时遇到如下错误，感觉像是服务器端没有给到正确的文件名，后面再看吧，现在有 MT-3000 先顶着可以用。。。

root@iStoreOS:~# tailscale up --accept-dns=false --advertise-routes=192.168.31.0/24
--2023-06-17 16:20:57--  https://pkgs.tailscale.com/stable/
Resolving pkgs.tailscale.com... 199.38.181.239
Connecting to pkgs.tailscale.com|199.38.181.239|:443... connected.
Unable to establish SSL connection.
Downloading Tailscale _arm64 ..
--2023-06-17 16:20:58--  https://pkgs.tailscale.com/stable/tailscale__arm64.tgz
Resolving pkgs.tailscale.com... 199.38.181.239
Connecting to pkgs.tailscale.com|199.38.181.239|:443... connected.
Unable to establish SSL connection.
gzip: invalid magic
tar: Child returned status 1
tar: Error is not recoverable: exiting now
root@iStoreOS:~# gzip
gzip: compressed data not read from terminal, use -f to force it
root@iStoreOS:~# 

高级功能

• Subnet routes : 就是 MT-3000 中 允许远程访问 LAN，就是将其设置为局域网的 Tailscale 的路由器
• Exit node ： 提供跳转功能，可以拿来翻墙用，，，具体参考这篇
• headscale ：开源服务器实现
• Expiry disabled：设置授权一次，不会过期，默认6个月需要重新设置一次
• tailscale Funnel : 可以将内网映射到公网
• 修改设备名称啥的如下

• 共享网络

可以通过邀请用户加到你的网络

iperf3 测速

中国移动与深圳宽带联通，移动 4G 的速率还是差一些，大概 4.86 Mbits/sec

服务端

C:\Users\admin\Downloads\iperf-3.1.3-win64>iperf3 -s -i 2 -p 5201
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
Accepted connection from 100.102.191.33, port 45016
[  5] local 100.127.221.18 port 5201 connected to 100.102.191.33 port 45024
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-2.01   sec  1.01 MBytes  4.23 Mbits/sec
[  5]   2.01-4.01   sec   594 KBytes  2.43 Mbits/sec
[  5]   4.01-6.00   sec  1.26 MBytes  5.30 Mbits/sec
[  5]   6.00-8.00   sec  1.43 MBytes  5.98 Mbits/sec
[  5]   8.00-10.01  sec  1.50 MBytes  6.27 Mbits/sec
[  5]  10.01-10.29  sec   199 KBytes  5.77 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-10.29  sec  0.00 Bytes  0.00 bits/sec                  sender
[  5]   0.00-10.29  sec  5.97 MBytes  4.86 Mbits/sec                  receiver
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

客户端

./iperf3 -c 10.0.10.15 -p 5201 -i 2 -t 10 --get-server-output

如何时服务端和客户端都在联通宽带，大概 50.5 Mbits/sec 的速率，还行吧

Server listening on 5201
-----------------------------------------------------------
Accepted connection from 100.102.191.33, port 38660
[  5] local 100.127.221.18 port 5201 connected to 100.102.191.33 port 38664
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-2.01   sec  11.8 MBytes  49.6 Mbits/sec
[  5]   2.01-4.01   sec  11.7 MBytes  48.9 Mbits/sec
[  5]   4.01-6.00   sec  11.9 MBytes  50.1 Mbits/sec
[  5]   6.00-8.00   sec  12.6 MBytes  53.0 Mbits/sec
[  5]   8.00-10.00  sec  12.1 MBytes  50.7 Mbits/sec
[  5]  10.00-10.03  sec   253 KBytes  76.7 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-10.03  sec  0.00 Bytes  0.00 bits/sec                  sender
[  5]   0.00-10.03  sec  60.4 MBytes  50.5 Mbits/sec                  receiver
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

参考资料

• https://tailscale.com/
• https://pkgs.tailscale.com/stable/
• OpenWrt安装配置Tailscale实现内网穿透，异地组网
• https://github.com/adyanth/openwrt-tailscale-enabler
• https://github.com/adyanth/openwrt-tailscale-enabler
• Tailscale 免费组建个人VPN，轻松外网访问所有设备，速度快、超简单。OpenWrt也可安装Tailscale，内网穿透如此简单。
• https://www.wundertech.net/how-to-set-up-tailscale-on-openwrt/
• Tailscale 出口节点功能配置流量出口
• TailScale 实现「出口节点」Exit Node（导向所有流量经这出口节点）
• 近期折腾 tailscale 的一些心得
• 不需要独立ip的公网访问（tailscale Funnel）|Tailscale高级功能篇

同类

• frp :A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
• cpolar : 公开一个本地Web站点至公网
• zerotier :ZeroTier lets you build modern, secure multi-point virtualized networks of almost any type. From robust peer-to-peer networking to multi-cloud mesh infrastructure, we enable global connectivity with the simplicity of a local network.
• Nebula : A scalable overlay networking tool with a focus on performance, simplicity and security
• Netmaker :Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
• innernet : A private network system that uses WireGuard under the hood.

iperf3

• https://iperf.fr/iperf-download.php
• Iperf3测速教程