Sign up to save your podcasts
Or
Share Firezone and Zero-Trust Network Security with Thomas Eizinger
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Firezone and Zero-Trust Network Security with Thomas Eizinger
episode 19 — Firezone and Zero-Trust Network Security with Thomas Eizinger.
In this episode of Netstack.fm, Glen talks with Thomas Eizinger from Firezone about designing a zero trust enterprise VPN built on top of WireGuard. They break down how modern VPNs work in practice, covering virtual network adapters, split tunneling, DNS interception, policy based access, and secure packet routing using WireGuard, ICE, and TURN relays.
The discussion highlights how Firezone differs from legacy VPNs by focusing on performance, reliability, and minimal user friction, while also touching on the role of Rust and Elixir in Firezone’s architecture and the long term importance of IPv6 adoption.
Learn more:
- https://github.com/firezone/firezone — Firezone main repository
- https://github.com/firezone/firezone/tree/main/rust/relay/ebpf-turn-router — Firezone eBPF in kernel relay router
- https://www.firezone.dev/kb/architecture/critical-sequences#detailed-connection-setup — Firezone Connection Setup
- https://www.wireguard.com/papers/wireguard.pdf — WireGuard whitepaper
- https://github.com/firezone/boringtun — Firezone fork of boringtun user space WireGuard
- https://www.rfc-editor.org/rfc/rfc8656 — TURN RFC 8656
- https://x.com/firezonehq — Firezone on X
- https://x.com/oetzn — Thomas Eizinger on X
- https://hachyderm.io/@wheezle — Thomas Eizinger on Mastodon
- https://github.com/thomaseizinger — Thomas Eizinger on GitHub
Rama
If you like this podcast you might also like our modular network framework in Rust: https://ramaproxy.org
Chapters
- 00:00 Intro
- 00:42 Introduction to Thomas Eizinger
- 05:19 Firezone's Turn implementation
- 11:00 Understanding VPNs and Firezone's Approach
- 29:27 Legacy VPNs vs. Firezone: A New Era of Networking
- 36:19 Firezone is opensource
- 37:27 Zero-Trust VPNs
- 40:28 What is WireGuard
- 43:36 Firezone's Integration with WireGuard
- 50:19 Handling Connection Failures
- 58:00 Geolocation and Relay Selection
- 01:04:45 Elixir Developer Experience (DX)
- 01:10:19 IPv6 Adoption and Future Considerations
- 01:15:03 Outro
Netstack.FM
- More information: https://netstack.fm/#episode-19
- Join our Discord: https://discord.gg/29EetaSYCD
- Reach out to us: [email protected]
Music for this episode was composed by Dj Mailbox. Listen to his music at https://on.soundcloud.com/4MRyPSNj8FZoVGpytj
View all episodes
By Plabayo BVepisode 19 — Firezone and Zero-Trust Network Security with Thomas Eizinger.
In this episode of Netstack.fm, Glen talks with Thomas Eizinger from Firezone about designing a zero trust enterprise VPN built on top of WireGuard. They break down how modern VPNs work in practice, covering virtual network adapters, split tunneling, DNS interception, policy based access, and secure packet routing using WireGuard, ICE, and TURN relays.
The discussion highlights how Firezone differs from legacy VPNs by focusing on performance, reliability, and minimal user friction, while also touching on the role of Rust and Elixir in Firezone’s architecture and the long term importance of IPv6 adoption.
Learn more:
- https://github.com/firezone/firezone — Firezone main repository
- https://github.com/firezone/firezone/tree/main/rust/relay/ebpf-turn-router — Firezone eBPF in kernel relay router
- https://www.firezone.dev/kb/architecture/critical-sequences#detailed-connection-setup — Firezone Connection Setup
- https://www.wireguard.com/papers/wireguard.pdf — WireGuard whitepaper
- https://github.com/firezone/boringtun — Firezone fork of boringtun user space WireGuard
- https://www.rfc-editor.org/rfc/rfc8656 — TURN RFC 8656
- https://x.com/firezonehq — Firezone on X
- https://x.com/oetzn — Thomas Eizinger on X
- https://hachyderm.io/@wheezle — Thomas Eizinger on Mastodon
- https://github.com/thomaseizinger — Thomas Eizinger on GitHub
Rama
If you like this podcast you might also like our modular network framework in Rust: https://ramaproxy.org
Chapters
- 00:00 Intro
- 00:42 Introduction to Thomas Eizinger
- 05:19 Firezone's Turn implementation
- 11:00 Understanding VPNs and Firezone's Approach
- 29:27 Legacy VPNs vs. Firezone: A New Era of Networking
- 36:19 Firezone is opensource
- 37:27 Zero-Trust VPNs
- 40:28 What is WireGuard
- 43:36 Firezone's Integration with WireGuard
- 50:19 Handling Connection Failures
- 58:00 Geolocation and Relay Selection
- 01:04:45 Elixir Developer Experience (DX)
- 01:10:19 IPv6 Adoption and Future Considerations
- 01:15:03 Outro
Netstack.FM
- More information: https://netstack.fm/#episode-19
- Join our Discord: https://discord.gg/29EetaSYCD
- Reach out to us: [email protected]
Music for this episode was composed by Dj Mailbox. Listen to his music at https://on.soundcloud.com/4MRyPSNj8FZoVGpytj