Hey HN,

This is Misha and Maycon from (finally) sunny Berlin. We built NetBird (https://github.com/netbirdio/netbird) - an open-source, peer-to-peer WireGuard-based private networking platform.

You'd probably say: "C'mon, there is a bunch of other similar solutions out there, and one more?" And you'd be right - there are a few, and there will be more. NetBird is not new and has been on the market since 2021 though.

We need more solutions like that because private networking is complex. But, luckily it has changed in the past few years, shifting toward simplicity with minimal configuration. Give it two-three years, and most IT pros won't use anything but 0-configuration networks to connect their multi-cloud, office, on-premise, and home environments. Simple connectivity will become a commodity.

But how is NetBird different?

First, here is our story. We started working on p2p networking technology as part of our privacy-focused home storage solution for personal data. The technology was aimed at individuals with no technical knowledge wanting to connect to their home network and access personal data like photos and documents securely end-to-end from anywhere in the world without involving third-party servers that could decrypt traffic. Our hardware went viral in early 2021. Some of you might remember this video from Jeff Geerling: https://youtu.be/ahrdx3TYxZc

The pandemic hit the semiconductor market, making it hard to produce hardware at scale, especially for small teams like ours. We realized that our p2p technology could be applied to corporate networks, saving hours for engineering teams. We paved a new direction for the company - a p2p overlay network, no hardware.

Second, simple and secure connectivity should be available to every company. Therefore NetBird is 100% open-source and self-hosted, including our network management service.
BSD-3.

Third, NetBird uses kernel WireGuard and applies advanced NAT traversal techniques using Berkeley Packet Filters (BPF) to "punch" a hole in the firewall and automatically configure a p2p connection between the machines, thus making the network fast, efficient, and secure.
Check the code out: https://github.com/netbirdio/netbird/tree/main/sharedsock

Fourth, you can run userspace NetBird on platforms that don't support kernel WireGuard (e.g., Windows or macOS). The userspace WireGuard is also fast, thanks to recent developments in wireguard-go by Jordan Whited from Tailscale. It consumes more CPU than the kernel version, though.
Our implementation: https://github.com/netbirdio/netbird/blob/main/iface/bind/bind.go.

Fifth, NetBird uses Interactive Connectivity Establishment (ICE) to discover the best connection path between resources. ICE is commonly used in WebRTC for video conferencing apps like Zoom.
Heads up to folks from Pion https://github.com/pion/ice.

Sixth, NetBird supports MFA and popular OpenID-compliant Identity Providers (IdP) like MS Azure, Okta, Google, Auth0, Keycloak, Zitadel, Authentik, etc. Available in the self-hosted version as well.

Seventh, NetBird is a European company headquartered in Berlin, Germany. Hence this might interest local European companies looking for local networking platforms.

Eighth, NetBird joined the CISPA Helmholtz Center for Information Security incubator - the #1 cybersecurity research university. The program gives us direct access to cutting-edge research that we will use to optimize the technology.
https://cispa.de/en

Bottom line. Our open-source platform aims to simplify the complexity of IT infrastructure and networks through an automated p2p connectivity model that bypasses the gateways commonly used in traditional perimeter-based Virtual Private Networks (VPNs).

We will use the funding to develop the technology further and make it available across other platforms, including mobile, serverless, and others.

Check it out at https://netbird.io/

Cheers,
Misha & Maycon
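
What "best connection path" means in ICE terms, as an added example that is not part of the original post and is not NetBird's or Pion's code: the candidate and pair priority formulas from RFC 8445, which rank a direct host-to-host path above STUN-discovered and relayed ones. The addresses are constructed samples, and the type preferences are the RFC's recommended values, assumed here rather than taken from either project.

```go
package main

import (
	"fmt"
	"sort"
)

// Candidate kinds: "host" (local interface), "srflx" (public mapping via STUN), "relay" (TURN).
type Candidate struct{ Kind, Addr string }

// Pair is one local/remote combination that ICE will connectivity-check.
type Pair struct {
	Local, Remote Candidate
	Prio          uint64
}

// typePref holds the type preferences recommended by RFC 8445, section 5.1.2.2.
var typePref = map[string]uint32{"host": 126, "prflx": 110, "srflx": 100, "relay": 0}

// Priority: RFC 8445 section 5.1.2.1, assuming local preference 65535 and component ID 1.
func Priority(c Candidate) uint32 { return typePref[c.Kind]<<24 | 65535<<8 | (256 - 1) }

// PairPriority: RFC 8445 section 6.1.2.3; g is the controlling agent's
// candidate priority, d the controlled agent's.
func PairPriority(g, d uint32) uint64 {
	lo, hi, tie := uint64(g), uint64(d), uint64(0)
	if g > d {
		lo, hi, tie = uint64(d), uint64(g), 1
	}
	return lo<<32 + 2*hi + tie
}

// RankPairs builds every pair (local agent controlling) and sorts best first.
func RankPairs(local, remote []Candidate) []Pair {
	var pairs []Pair
	for _, l := range local {
		for _, r := range remote {
			pairs = append(pairs, Pair{l, r, PairPriority(Priority(l), Priority(r))})
		}
	}
	sort.SliceStable(pairs, func(i, j int) bool { return pairs[i].Prio > pairs[j].Prio })
	return pairs
}

func main() {
	local := []Candidate{{"relay", "198.51.100.7:3478"}, {"srflx", "203.0.113.5:51820"}, {"host", "10.0.0.2:51820"}}
	for _, p := range RankPairs(local, []Candidate{{"srflx", "192.0.2.9:51820"}, {"host", "10.1.0.3:51820"}}) {
		fmt.Printf("%d %s -> %s\n", p.Prio, p.Local.Kind, p.Remote.Kind)
	}
}
```

The ranking only sets the order in which pairs are checked; a pair is used only after its connectivity check succeeds, so a relayed pair at the bottom of the list still carries traffic when no direct path works.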