I find myself a bit confused, as I’m not an expert in this field. I’m looking for advice on what to use: ZeroTier, HeadScale, or Netmaker. My goal is to place my services behind a VPN for added security. I’m wondering which of these options is better and more secure. Is it worth comparing Netmaker to HeadScale and ZeroTier, or are they best suited for different purposes? If I opt for ZeroTier, is self-hosting a better choice, or should I go with their free plan?
I tried Netmaker and Nebula, and ended up using NetBird. My issue with all the others was traversing my corporate network. Netmaker and Nebula UDP hole punching failed, while NetBird just did it without issues by relying on coturn.
I did not test Headscale, which could have worked by using DERP relays, because user-space WireGuard on Linux clients and registry editing to make the client work on Windows are a setback for me. Also, access control is far less user-friendly compared with what Netmaker and NetBird developed.
The only thing to know before self-hosting NetBird is that it requires an identity provider. Zitadel, as installed by default, or any other self-hostable solution takes a lot of resources, so if running on a base VPS one should look instead for a managed IDP.