The purpose of this list is to track and compare tunneling solutions. This is primarily targeting toward developers and self-hosters who want to do things like exposing a local webserver via a public address.

The dream

I started this list because I'm looking for a simple tool/service that does the following:

• Allows me to register a domain name and set the records to point it at the server.
• Automatically sets up HTTPS (apex and wildcard) for the domain.
• Provides a client tool that tunnels TCP connects through the server without requiring root on the client.
• Provides a web interface to allow me to map X domain/subdomain to Y port on Z client, and proxy all connections to that domain.

So far I haven't found it.

The list

Open source

• frp - Seems to be a pretty comprehensive open alternative to ngrok.
• ngrok 1.0 - Original version of ngrok. No longer developed in favor of the commercial 2.0 version.
• localtunnel - Written in node. Popular suggestion.
• inlets - Open source ngrok alternative. Has pro option.
• sshuttle - Open source project originally from one of the founders of Tailscale. Server doesn't require root; client does. Explicitly designed to avoid TCP-over-TCP issues.
• chisel - Another HTTPS+SSH option.
• expose - ngrok alternative written in PHP.
• teleconsole - SSH-based, but uses special client script. Focused on forwarding SSH console sessions, but can also forward ports.
• go-http-tunnel - Uses a single HTTP/2 connection for muxing. Need to manually generate certs for server and clients.
• sish - Open source ngrok/serveo alternative. SSH-based but uses a custom server written in Go. Supports WebSocket tunneling.
• PageKite - Comprehensive open source solution with hosted options.
• slt - Open source TLS proxy from the creator of ngrok. Supports SNI.
• tunneller - Open source. Written in Go.
• jprq - Another home-grown Golang solution. Proxies over WebSockets.
• docker-tunnel - Simple Docker-based nginx+SSH solution.
• holepunch.io - Has nice hosted solution. Uses SSH for muxing.
• tnnlink - SSH-based. Golang. Not maintained.
• StaqLab Tunnel - SSH-based. Client is open source. Server doesn't appear to be.
• Telebit - Written in JS. Code.

Commerical/Closed source

• ngrok 2.0 - Probably the gold standard and most popular. Closed source. Lots of features, including TLS and TCP tunnels. Doesn't require root to run client.
• CloudFlare Argo Tunnel - $5/mo + $0.1/GB. Integrates with Argo smart routing. Client source code is available.
• serveo - Mentioned quite a bit the last couple years, but appears to be down currently. Simply uses SSH for tunneling.
• Tailscale - Built on WireGuard. Closed source. Easy to use. Doesn't include an HTTPS proxy on the public side, but could be combined with nginx/Caddy/etc.

Blog posts

• Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse tunnelling
• Poor man's ngrok with tcp proxy and ssh reverse tunnel
• How I built Ngrok Alternative (jprq)

Discussions

• HN comment about needing Namecheap + CloudFlare + ngrok.