Wireguard / tailscale or similar vpn should be fine?
I've toyed with tailscale and ZeroTierOne - both should work fine with Bonjour/zeroconf if you need it - and handle routing (using lan when devices are on same net, routing over the internet when not).
There's also Nebula from slack (but I've not tried it).
Would love to see tailscale work with kernel wireguard clients (for better performance) - AFAIK today you'll have to pick one: easy setup with smart routing (ZeroTierOne / nebula / tailscale) - or - best in class performance with kernel space wireguard.
I've toyed with tailscale and ZeroTierOne - both should work fine with Bonjour/zeroconf if you need it - and handle routing (using lan when devices are on same net, routing over the internet when not).
There's also Nebula from slack (but I've not tried it).
Would love to see tailscale work with kernel wireguard clients (for better performance) - AFAIK today you'll have to pick one: easy setup with smart routing (ZeroTierOne / nebula / tailscale) - or - best in class performance with kernel space wireguard.