Solution · Infrastructure
Unite every server, laptop, and service under one private address space
Replace a patchwork of VPNs, SSH tunnels, and bastion hosts with a unified mesh network. Every node — cloud, on-prem, or laptop — gets a persistent private IP and talks directly to any other node.
100.64
private address range
P2P
direct node-to-node tunnels
MagicDNS
hostname routing built-in
The problem
Your infrastructure is a patchwork quilt
Production lives in AWS. Staging is on bare metal. Developer laptops are behind CGNAT. Getting everything to talk requires a different hack for every pair.
SSH tunnels and port-forward scripts checked into repos
Bastion hosts that become critical infrastructure bottlenecks
Split-brain DNS — different hostnames depending on where you are
Every new service requires a new firewall exception
How Rabtly helps
One mesh. Every node. One hostname.
True mesh topology
Every node can reach every other node directly — no traffic hub, no single point of failure. If a relay fails, peers reconnect peer-to-peer.
Persistent private IPs
Each node gets a stable `100.64.x.x` address that never changes, even when the underlying public IP rotates.
MagicDNS hostname routing
Reach any node by hostname: `db.mesh`, `api.mesh`, `grafana.mesh`. No /etc/hosts files, no manual DNS config.
Works everywhere
Cloud VMs, bare metal, Docker containers, Raspberry Pis, developer laptops — if it runs Linux or macOS, it can join the mesh.
Getting started
How it works
Deploy Rabtly
Rabtly Cloud in 2 minutes, or self-hosted with `docker compose up` in 5.
Enroll every node
Run `rabtly up` on each server, VM, and laptop. Each gets a persistent mesh IP.
Set ACL policies
Default-deny means nothing is reachable without an explicit rule — zero implicit trust.
Remove the patchwork
Turn off your bastion, delete the SSH tunnels, close the legacy VPN. The mesh replaces them all.
Replace your entire access stack with one mesh
Start free, scale as you grow.