I wonder how developers at Tailscale, Zoom, the Google Meet team, etc. test restrictive firewall and NAT scenarios in their office or, these days, home-office environments. Do they get cheap routers with OpenWrt or the like to emulate the external firewall products that corporate IT types use? Do they buy those actual firewall appliances? Do they set up a virtual network on their workstation inside VMware or the like? Something else?
@matt You can set up arbitrarily complicated network configurations on a single Linux box using network namespaces. For the purposes of networking, each network namespace is essentially a distinct device. You can "wire" them together using veth (virtual Ethernet) and a bridge (virtual switch)
Then if you know what the restrictive firewall looks like, you can emulate it without bothering with the proprietary router box, bespoke config, etc
Though, Tailscale probably affords to use the real deal