Zero-Config Multi-Site Network Mesh Manager
0
Seamlessly connect your home labs, cloud services, and self-hosted apps across multiple sites with automatic DNS, routing, and reverse proxy configuration.
Added Feb 19, 2026
6 signals
The Problem
Homelabbers and self-hosters struggle to interconnect services across multiple networks—home LANs, school labs, cloud VPCs, and VPS instances—especially behind NAT or CGNAT. Setting up proper inter-site routing, DNS resolution for internal services, reverse proxies for public exposure, and subdomain management requires juggling multiple complex tools (Tailscale, CoreDNS, Nginx, Cloudflare tunnels) with fragile, manual configurations that break easily.
Potential Solution
A unified network mesh appliance (lightweight agent or VM image) that auto-discovers services across sites, establishes encrypted WireGuard tunnels between locations, configures DNS resolution so services can find each other by name, and generates reverse proxy rules for public-facing services—all from a single dashboard. Users define their sites and services once, and the tool handles routing, certificate management, split-DNS, and subdomain allocation under a single domain.
Why Now?
The explosion of self-hosting driven by privacy concerns (e.g., Discord exodus to Matrix) and affordable mini-PCs has created a wave of multi-site homelabbers who need enterprise-grade networking without enterprise complexity. Existing overlay networks like Tailscale solve point-to-point access but leave gaps in site-to-site routing, service discovery, and public exposure.
How much can I host under one domain? (Multiple services with one main domain
So I want to host a few services but don't want to buy multiple domains. I'm wondering if (with subdomains and proxies) could I use one domain for all of it The services I want to host are: A Minecraft proxy so I only need one port open A reverse proxy with a matrix server and a jellyfin server behind it And an email provider server (could that also be behind the reverse proxy?) and if so how many ports would I need in total open?
What is everyone's traceroute for 192.168.200.101?
I mean, it's internal. It should just die, right? On 3 different types of Internet connections it will respond to pings and resolve to: `et‑0‑0‑59‑10.cr11‑dal3.ip4.gtt.net` is a **router‑interface hostname** inside **GTT’s global IP backbone network**, specifically in Dallas (`dal3`)
Accessing CloudMap URL from a lambda
I am setting up some ECS Fargate tasks using CloudMap, one of which is an API and in the service connect configuration, I am giving it a DNS name of "my-api". The CloudMap namespace name is "internal.local". I want to be able to access the API from within a lambda using my-api.internal.local:8080. I am able to fetch from within the lambda if I use the private IP address of the task, but I get ENOTFOUND if I try to use the DNS name. Is it possible to use the DNS name without using the Service Discovery API? My code looks something like this: CDK code: ``` const cluster = new ecs.Cluster(this, "MyECSCluster", { vpc, clusterName: "my-cluster", containerInsightsV2: ecs.ContainerInsights.ENABLED, defaultCloudMapNamespace: { name: "internal.local", // The DNS name for your namespace type: serviceDiscovery.NamespaceType.DNS_PRIVATE, useForServiceConnect: true, }, }); ... this.appService = new ecs.FargateService(this, "MyFargateService", { cluster, serviceName: "my-api-service", taskDefinition: taskDefinition, // def. omitted assignPublicIp: false, desiredCount, enableExecuteCommand: true, securityGroups: [privateSG], serviceConnectConfiguration: { services: [ { portMappingName: "my-api", dnsName: "my-api", port: 8080, }, ], }, }); ``` The lambda code looks something like this: ``` const handler = async (event) => { const response = await fetch('http://my-api.internal.local:8080'); const result = await response.json(); console.log(result); } ``` The lambda resides in the same VPC and security group that the ECS cluster does.
Exposing Self Hosted Services
I wanted to get some input on my thought process for exposing my services. I've got a main server running Promox with a few VMs including truenas, which has my arr stack in it. I've been happy to use tailscale for the time being as its only me and one or two friends accessing offsite so its been easily to manage. However with the Discord news I was asked to build a Matrix server to replace our moderately sized Discord server. Our larger friend group has about 15-20 active server members, so getting them to all commit to tailscale is a non-starter. I started on the process and got some basics up and running but my ISP sucks and changes my IP regularly. My first go to was to implement cloudflare tunnels, but after some research it seems that VOIP can be difficult/won't work with tunnels. My next thought was to purchase a super cheap VPS install Caddy and tailscale, and use that to proxy traffic back to my homelab without having to expose any ports locally or rely on my home IP. Thoughts?
coredns question
hi everyone, I have the following custom server for coredns: ``` --- apiVersion: v1 kind: ConfigMap metadata: name: coredns-custom namespace: kube-system data: custom.server: | custom-domain.tld:10953 { log errors cache 30 health forward . 192.168.10.20:10953 } ``` however, when I try to resolve against names that I would expect to work, I don't. am I missing something? ETA: I fixed it after I realized I had the port in the server set to 10953 (the actual server is listening on that port) thanks!
+9 more signals