 Ok I think I see. So I would still need a VPN provider (I have one I pay for) and WireGuard is a superior client that can connect to that VPN provider. I was thinking there was some kind of magical tech that didn't involve any third party. 
 No, you don't need a "provider". You will be the provider. 
 Oh my god. This sounds like magic and I'm simply not grokking. How would a peer node know how to find the service I'm providing? 
 My setup is entirely free.

WireGuard is a VPN protocol. You run the open source server somewhere on the network you want to get into and the client(s) on the devices you want to connect in using. You can do quite creative things with the config(s), but they pretty much mirror each other.

My IP is dynamic and I catch it using DuckDNS. 
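
The setup described in the comment above, as an added example that is not part of the original post: a WireGuard config pair with the server inside the home network and the client reaching it through a DuckDNS hostname. The hostname, tunnel addresses, LAN subnet and port are assumptions, and the keys are placeholders.

```ini
# ---- Server side: wg0.conf on a host inside the home network ----
[Interface]
# Tunnel address of the server (assumed subnet 10.8.0.0/24)
Address = 10.8.0.1/24
# UDP port the home router must forward to this host (assumed)
ListenPort = 51820
PrivateKey = <server-private-key>

[Peer]
# The remote device (laptop or phone). Only a holder of the matching
# private key can complete a handshake; there is no open listener.
PublicKey = <client-public-key>
# Least privilege: this peer may only source traffic from its own /32
AllowedIPs = 10.8.0.2/32

# ---- Client side: wg0.conf on the remote device ----
[Interface]
Address = 10.8.0.2/32
PrivateKey = <client-private-key>

[Peer]
PublicKey = <server-public-key>
# Dynamic home IP is tracked by a DuckDNS name (hostname is a placeholder)
Endpoint = example-home.duckdns.org:51820
# Split tunnel: only the tunnel subnet and the home LAN (assumed
# 192.168.1.0/24) are routed through WireGuard, not all traffic.
# Reaching LAN hosts other than the server also needs IP forwarding
# and NAT or a return route on the server (not shown here).
AllowedIPs = 10.8.0.0/24, 192.168.1.0/24
# Keeps the NAT mapping alive when the client sits behind NAT
PersistentKeepalive = 25
```

The two `[Peer]` sections mirror each other: each side lists the other's public key and the addresses it accepts from that peer.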
 I understand this part: it is a VPN protocol and would run on same server as my nodes. The thing I don't understand is how any other Lightning peers would connect to me, unless they are also running a Watchguard client and I whitelist them. 
 But even then, a VPN endpoint needs an IP address. So instead of having my node IP showing, I'd have my Watchguard IP showing. (Which is also my home). 
 Your node won't be going through the VPN.. all the VPN will be doing is giving you access into your network from the outside.. your node will be connected however you would normally do it through clearnet, hybrid, tor, or i2p. 
 This was my point. If your LN node is already on public clearnet there’s no reason to not just use lightning itself to connect to your node. It’s basically the wireguard protocol anyways (noise). If it’s a tor-only node then yeah wireguard might make more sense since tor is shit. 
 Ok. I see the disconnect here. I'm currently running my nodes over Tor. It is shit. I'm considering going over clearnet for the nodes but not sure if I'm ready to share my home IP address. I believe all the suggestions were about how I could contact/admin my own node. I'm looking for options on how to change my node itself to no longer use Tor. 
It seems like clearnet is maybe the only option, or I could maybe build a ssh-style on a VPS IP address or whatnot. 
 Just use a Cloudflare tunnel if you don't want your IP public 
 Why not both? it makes more sense to only use the lightning network itself with onion messages without using the node clearnet ip & port. in the case of "direct" connection - isn't limit incoming clearnet node traffic only from the wireguard tunnel a better practice? 
 *limiting 
 A VPN coming into your local network has nothing to do with all the other devices connected to your internal network. It's just a way into your network.