Back

@eludom AFAIK there is no gateway from clearnet into Yggdrasil. However, #Yggdrasil appears as just another interface on the box - tun0 by default. A public webserver that listens on port 80 would be instantly accessible both places. There is something of a convention of prepending "y." before a domain name for an Yggdrasil in-net version.

In the other direction, at least one person operates a public proxy from Yggdrasil out. And of course, the entire thing can run atop current Internet.

@jgoerzen So it's an isolated overlay. Fine for Geeks and privacy nerds who want a place to play, but not going mainstream (maybe a Good Thing) any time soon.

@eludom Not necessarily wrong.. .But, the only way progress is going to happen is if the geeks adopt it first. Whatever your opinion on Blockchain, I heard the exact same things at the beginning and now it's pretty big. I'm using it, not necessarily for privacy reasons, but for utilitarian and decentralization reasons. The more people jump aboard these ships, the more we can start to re-democratize the Internet.

@jgoerzen I ran cjdns on several of my machines, and a cjdns service on a VPS to provide an "infrastructure" node, for this very reason for a number of years.
I have since abandoned that for practical reasons (I was not keeping up with the network news, and it was changing rather fast at the time), but in general I am in support of this kind of effort.

It's hard to trust a service like this on an important machine, though.

@elb Totally got it, and am with you on that. I modified the systemd service file so it runs as a non-root user and have it heavily firewalled.

Incidentally, tinc has some similarities but is specifically targeting only private installations (no global network there). Yggdrasil can be used as a private VPN also but obviously it's targeting bigger things.