// Engineering Log
090 | ZeroTier and NetBird: When a Mesh Network Is Needed Here and Now
Published on 2025-08-22
// Fast route
This article belongs to the topic Networking and routing.
When Zero-config VPN Means More Than Just Tailscale
Although Tailscale has become the benchmark for simplicity, it’s not the only player in the Zero-config VPN field. ZeroTier and NetBird offer similar functionality but with important architectural and ideological differences.
ZeroTier: A Virtual Ethernet Switch
ZeroTier is one of the first and most well-known services implementing the mesh network concept. It works on the principle of a virtual local network. Instead of relying on the WireGuard protocol, ZeroTier uses its own protocol and creates a virtual L2 switch (Layer 2) that unites all devices into a single local network. Each device gets an IP address from a virtual subnet and can “see” other devices as if they were connected to the same physical switch.
Pros:
- Reliability: The ZeroTier protocol works through any firewalls and NAT.
- Flexibility: Allows you to create separate networks for different tasks.
- Stability: A mature and time-tested project.
Cons:
- Performance: ZeroTier’s custom protocol is usually slower than WireGuard.
- Complexity: Setting up L2 networks may feel unusual for those accustomed to classic routing.
NetBird: Open-source and Full Control
NetBird is a relatively new but actively developing open-source project built on top of WireGuard. Its main advantage is the ability to self-host.
NetBird consists of two parts:
- Client: An application installed on the device (similar to Tailscale).
- Control Plane server: You can use the cloud version like Tailscale or deploy your own server on a VPS.
Pros:
- Full control: You own the data and infrastructure. Critical for those who don’t trust third-party services.
- WireGuard: Uses the proven, fast WireGuard protocol.
- Clear architecture: Working with NetBird helps you better understand how WireGuard-based mesh networks function.
Cons:
- Setup complexity: Deploying your own control server requires some knowledge.
- Less mature: Compared to ZeroTier and Tailscale, it’s a younger project.
Comparison: The Choice Depends on the Task
| Service | Base Protocol | Core Value | Use Case |
|---|---|---|---|
| Tailscale | WireGuard | Simplicity. Works “out of the box.” | For those who value time and don’t want to deal with configurations. Ideal for everyday users. |
| ZeroTier | Custom | Virtual L2 network. Flexibility. | For IoT devices, complex networks where a transparent local network is needed. |
| NetBird | WireGuard | Self-hosting. Full control. | For companies and tech enthusiasts who want to own their infrastructure. |
Conclusion
The choice between Tailscale, ZeroTier, and NetBird depends on your priorities. If you need maximum simplicity — choose Tailscale. If you want flexibility and L2 networks — ZeroTier. If full control and an open-source solution matter most — NetBird.
In the next and final article of this series, we’ll show you how to create your own Tailscale alternative using Headscale and set up “pure” WireGuard to gain complete control over your network.
// Similar task
If you are dealing with something similar
This article belongs to one of the main working topics. You can keep reading on the topic, go to the homepage to understand what I do, or open the service pages directly.
Article topic
Networking and routing
MikroTik, VPN, routing, DNS, BGP, connectivity, and access troubleshooting.
Typical tasks behind this topic
- Set up VPN and secure access to office or cloud
- Fix routing, DNS, or unstable connectivity
- Configure MikroTik, firewall, and external links
// Next step
If you need help with this topic, not just another article, it is better to go straight to the service page. The homepage and topic collection stay available as secondary routes.
Open services// Reviews
Related reviews
Huge thanks to Mikhail for the work — I'm very pleased with the result. Special thanks for his recommendations during setup: from my rather muddled brief (I know little about servers), Mikhail, through clarifying questions and suggestions, formed a clear understanding of what the final build would accomplish and how best to organize everything. I recommend him!
Many thanks to Mikhail for the work, I am very pleased with the result. I especially thank him for the recommendations during the setup process — from my rather muddled brief (and I know little about servers) Mikhail, …
MikroTik hAP router setup. I'll set up a MikroTik Wi‑Fi router for you.
2025-07-21 · ★ 5/5
An excellent specialist, a savvy expert, and a wonderful person. In an hour he fixed what we'd been racking our brains over for days! I'm sure this won't be the last time we rely on his boundless professionalism.
An excellent specialist, a savvy expert, and a wonderful person. In an hour he fixed for us what we had been scratching our heads over for days! I'm sure this won't be the first time we make use of his boundless …
MikroTik hAP router setup. I'll configure a MikroTik Wi-Fi router for you.
2025-05-28 · ★ 5/5
A professional approach to the job!
Professional approach to the job!
MikroTik hAP router setup. I'll set up a MikroTik Wi-Fi router for you.
2025-03-31 · ★ 5/5
Knows their stuff, gets things done. Everything was prompt and to the point; I was satisfied with the collaboration.
Knows, can, does. Everything was prompt and to the point; I was satisfied with the collaboration.
MikroTik hAP router setup. I'll set up a MikroTik Wi‑Fi router for you.
2025-03-14 · ★ 5/5
Thanks! We set up the router according to my technical specification, with a full explanation of what we're doing.
Thank you! The router was configured according to my technical specification, with a full explanation of what we are doing
MikroTik hAP router setup. I'll configure a MikroTik Wi‑Fi router for you.
2025-03-09 · ★ 5/5
Everything's great! Thanks! I recommend it.
Everything's great! Thank you! I recommend it
// Contact
Need help?
Get in touch with me and I'll help solve the problem
// Related