Firezone and Zero-Trust Network Security with Thomas Eizinger

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/c8/b7/bf/c8b7bf5b-e07b-d311-66bf-82adb0e060e4/mza_11183718116199647259.jpeg/600x600bb.jpg

netstack.fm

Plabayo BV

20 episodes

5 days ago

A podcast about networking, Rust, and everything in between. Join us as we explore the stack: from protocols and packet flows to the people and projects building the modern internet — all through the lens of Rust. Featuring deep dives, crate spotlights, and expert interviews.

Technology

RSS

All content for netstack.fm is the property of Plabayo BV and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://hosting-media.rs-prod.riverside.fm/media/podcasts/874b786e-9d30-4991-9787-f0ef69593261/logos/a8ace878-ac40-4a7e-8470-d56fe5cc79dc.jpeg

Firezone and Zero-Trust Network Security with Thomas Eizinger

netstack.fm

1 hour 16 minutes 2 seconds

2 weeks ago

Firezone and Zero-Trust Network Security with Thomas Eizinger

episode 19 — Firezone and Zero-Trust Network Security with Thomas Eizinger.

In this episode of Netstack.fm, Glen talks with Thomas Eizinger from Firezone about designing a zero trust enterprise VPN built on top of WireGuard. They break down how modern VPNs work in practice, covering virtual network adapters, split tunneling, DNS interception, policy based access, and secure packet routing using WireGuard, ICE, and TURN relays.

The discussion highlights how Firezone differs from legacy VPNs by focusing on performance, reliability, and minimal user friction, while also touching on the role of Rust and Elixir in Firezone’s architecture and the long term importance of IPv6 adoption.

Learn more:

https://github.com/firezone/firezone — Firezone main repository
https://github.com/firezone/firezone/tree/main/rust/relay/ebpf-turn-router — Firezone eBPF in kernel relay router
https://www.firezone.dev/kb/architecture/critical-sequences#detailed-connection-setup — Firezone Connection Setup
https://www.wireguard.com/papers/wireguard.pdf — WireGuard whitepaper
https://github.com/firezone/boringtun — Firezone fork of boringtun user space WireGuard
https://www.rfc-editor.org/rfc/rfc8656 — TURN RFC 8656
https://x.com/firezonehq — Firezone on X
https://x.com/oetzn — Thomas Eizinger on X
https://hachyderm.io/@wheezle — Thomas Eizinger on Mastodon
https://github.com/thomaseizinger — Thomas Eizinger on GitHub

Rama

If you like this podcast you might also like our modular network framework in Rust: https://ramaproxy.org

Chapters

00:00 Intro
00:42 Introduction to Thomas Eizinger
05:19 Firezone's Turn implementation
11:00 Understanding VPNs and Firezone's Approach
29:27 Legacy VPNs vs. Firezone: A New Era of Networking
36:19 Firezone is opensource
37:27 Zero-Trust VPNs
40:28 What is WireGuard
43:36 Firezone's Integration with WireGuard
50:19 Handling Connection Failures
58:00 Geolocation and Relay Selection
01:04:45 Elixir Developer Experience (DX)
01:10:19 IPv6 Adoption and Future Considerations
01:15:03 Outro

Netstack.FM

More information: https://netstack.fm/#episode-19
Join our Discord: https://discord.gg/29EetaSYCD
Reach out to us: hello@netstack.fm

Music for this episode was composed by Dj Mailbox. Listen to his music at https://on.soundcloud.com/4MRyPSNj8FZoVGpytj