This is a really well written write-up, but I do want to point out that NAT traversal like this is not a new idea at all and this is by no means the first such write-up.
Yeah, except for the DERP protocol, my impression is that this is what they do in Tailscale, but they don't claim that what they have done is new. They even referenced STUN's RFCs, so I don't think that they are misrepresenting anything as new but simply describing in detail how their product works.
Here is one from 2014:
https://www.zerotier.com/2014/08/25/the-state-of-nat-travers...
Here's an earlier one from what seems to be the late 2000s:
https://bford.info/pub/net/p2pnat/
Here's an RFC from 2010 describing not only NAT traversal but a protocol for cryptographic addressing, which is another technique used by both ZeroTier and Tailscale:
https://datatracker.ietf.org/doc/html/draft-ietf-hip-nat-tra...
Here's an RFC for NAT traversal with STUN from 2008:
https://www.rfc-editor.org/rfc/pdfrfc/rfc5389.txt.pdf
I can keep going. I first learned about NAT traversal around 2002 and cryptographic addressing in the mid-2000s.
A lot of ideas in computing get invented and re-invented or at least re-popularized over and over again. Another such idea from networking is zero trust, which was originally called deperimeterisation and was developed by a group called the Jericho Forum in 2003-2005:
https://twitter.com/jonoberheide/status/1505160010371895299
It then got re-invented by Google as BeyondCorp in 2013, then by Forrester and Gartner as Zero Trust most recently. In this case we maybe had to wait for a more confusing term. Deperimeterisation more accurately describes what's happening and there seems to be a rule in networking that prohibits clear language that is not misleading. Zero Trust is a lie since (1) there is no such thing, and (2) the way it's usually deployed today delegates all trust to a single third party like Google or Okta that now has root on the entire universe. This is actually centralized trust.
My intent here is just to remind HN readers that what's new around here is often not new at all. Our field has an incredibly short memory and re-discovers things constantly. I've been on HN since the start and feel like I've watched several generations re-discover things that date back to the 1980s. Hell, I watched the entire history of databases get speed-run, starting with the NoSQL trend (1970s hierarchical data models) and proceeding through the re-discovery of why the RDBMS became popular.