Great interview, I think I have been using Tailscale about as long as Wendell has and I have referenced that "How NAT traversal works" many times as a great way to better understand the complexity behind making Tailscale seem like "magic"
Use Tailscale for my home server, no ports to open, no complex configuration. Just fire it up and log in and it works, for free! Outstanding piece of software
Have been avoiding Tailscale for a while since I thought it sounded too good to be true. I finally caved in early this year and tried it… and yes it just works. Love it.
I just added a Tailscale exit node to my homelab yesterday, and it has become hands down my most useful tool of all my systems. Great tool, can never go back!
This is some insane timing, I've been spending all day reading the TailScale documentation! Then I open RUclips and this is the very first thing I see! I think the universe is telling me something.
@chaemelion I thought so at first, but I was on a work PC reading the docs completely detached from my phone with RUclips, from a different IP, location, and account. If it was the algorithm, they're doing some damn clever data association.
@@zeppelins4ever I don't doubt they do exactly that. I've had some very similar experiences. I wouldn't put it past Google to analyze visits to a website associated with an advertisement client of theirs, and bump that content suggestion a few points for related public IPs by common current or historical clients, by location (again, by IP or otherwise), etc..
I've actually used Tailscale before! Tailscale is awesome if you just want to connect computers. But it's kind of sad that we need something like Tailscale to replace IPv4 instead of having just IPv6 and E2E encryption by default everywhere.
Same here. I hadn't been able to get my head around Tailscale before but this video made everything click. I'm just a personal user so they won't make much money from me right now, but at least I can be an evangelist now. 😀
How is this not just another VPN? Genuine question. The word "VPN" is not mentioned even once in the interview but their site's title is "Best VPN Service for Secure Networks"
@Level1Techs would it be possible to use IPSec to encrypt connections at the internet level instead of using TLS on the transport level like HTTPS does so that P2P encryption is not reliant on the transfer protocol.
Wendel, please add a video on using an exit node with Ring cameras! The statement that everyone can see my footage freaked me out more than a little bit!! 😮
Tailscale has been great for years - set it up on my dad's machine as an exit node and my homelab also as an exit node. If I need to change something on his network (e.g. change his inverter parameters), I just activate his machine as a exit node and do what I need to. Easily run nightly backups of all his most important files e.g. .docx, .pptx, .xlsx, .pdf etc. on his machine to my homelab. I wish the ACLS were more easily editable by non-technical people through the web GUI but maybe one day that'll be added. Think if the video streaming platforms get more aggressive in enforcing family accounts must all live together, tailscale would be my go-to solution for that too.
Been using it for a while and found out my company uses it internally on some teams too. Really nice way of providing a lot of customisability while having the kind of UX where it’s easy to use for personal use.
I've only been using tailscale for a few months and it's awesome. No matter what I tried, I could never get wireguard to work and it was the only thing that got past the double nat and my ISPs cg-nat. Exit node for me is my pfsense router so I can see my server, cameras - everything on my home network. Yes, it just works and yes, just 5 minutes to set up.
I literally downloaded and set up tailscale on my Linux and Android device while I was watching this video. Amazing ! will be definitely sharing this video.
I use and enjoy Tailscale but I would like to see a bit of discussion of alternatives, Netbird, Nebula, ZeroTier etc. It just kind of bothers me that using Tailscale means either trusting their infrastructure for key exchange, or running Headscale, the latter of which doesn't seem to really be considered stable and has unclear security properties (whereas at least Netbird and Nebula let you host the direct enterprise code to run your own backend rather than a reverse engineered host, even if Headscale is written with Tailscale's blessing it's still reverse engineered)
I tried Netbird first but I couldn't get it to work, switched to tailscale so easy. I'm using it with the unraid plugin. So even if my server reboots for whatever reason, I do not need to hope my docker container starts up correctly.
One of the devs putting in a bunch of work on headscale, is employed by tailscale. They've got a nice article on why it didn't make sense to just release the headend source as-is.
Ok this all sounds good... BUT... why do I need a google, microsoft or apple account to use tailscale? I thought the purpose was to being able to avoid these companies! I have recently put an effort of de-googleing my digital life and thinking Tailscale would be a nice addition, was I wrong?
This seems like an awesome idea, but how do we run it locally? relying on tailscale's admin interface and key exchange is just yet one more cloud provider. is this FOSS? can we spin it up on our own servers?
So this guy is basically doing a "do not cite the deep magic to me, witch. I was there when it was written" to the big tech companies when it comes to basic networking and FTP.
Been using Tailscale for years now; I have VPN internet gateways in GCP and AWS, and use Tailscale to choose which one I wish to access the internet from on all my devices. An example; I have my web server hosting the Ollama UI in GCP. The computer running the model is in my house. I can run the model using the UI, on my phone. Anywhere in the world. It’s absolutely rad. On top of that any device on the tailnet is served DNS from a pihole I have running in docker
It'd be cool if you could interview the ZeroTier guys, they did most of this stuff before wireguard was a thing. The result is more of an integrated whole rather than a control layer on top of wireguard. Besides that their all-in-one binary hosts all functionality (controller, root servers and end nodes) besides the web portal. The "controller" or "control server" in tailscale is closed source, so if it wasn't for the headscale project we'd be stuck with tailscale as the single provider and authority over what and who enters the network.
I have a laptop 'server' running a large number of services using proxmox with tailscale for networking. Besides having to have a VPN connection and remembering to shut it down while i'm on the same LAN back home to reduce latency and bottlenecks (which already barely exist) it works as if everything is just a public website instead of * my own jerryrigged laptop masquarading as a server, behind a flimsy 1gbit router *
Yeah, but it takes time, money and a long-term interruption to migrate to IPv6. Perhaps if there were a GLOBAL internet outage for 1 day, the world could FINALLY shift over to IPv6.
Luckily my ISP gives a public IP on my connection so I can just open ports for things when needed. That said my only ISP option here is centurylink and their DSL is quite slow even if we’re talking internet speeds 10 years ago. I could go and get myself Starlink but their monthly pricing is still a tough sell. Still it’s nice to know that if I go Starlink or another new ISP arrives and goes CGNAT I can use this to run NAS and servers.
Sounds cool! I'm still in a bit of configuration hell with my setup. Got my home network all set, couple of basic services (plex, torrents, vpn access) and recently added VPN... still trying to figure out how to get the ports open correctly without being completely in the open... would this be able to help?
Owh no.. Limited by the amount of users. And then you need to pay again. And maybe it's cheap now. But you know how it goes, this will increase in price over time. The internet we use today became big because it's free (aside from the isp and physical media).
I don't like the notion of "You don't need to secure your Wordpress instance because it's behind a VPN". There are many security scenarios where this will still get you in the end. Tailscale might help prevent access from the entire internet, but not to all other people. Imagine if you had an ex-employee that left the company, but still has login credentials. Or one of your client computers is compromised, giving whoever access to your vulnerable Wordpress instance. You really can't get away from updating often.
if your setup is simply a site-to-site tunnel, then yes, just a simple straight up wireguard is supperior, EXCEPT if you CAN connect the 2 locations. Some places have double router setups and it become impossible to set something like that up.
So if the "firewall" is distributed among the nodes, and nodes can be scattered globally, then wouldn't bandwidth-intensive operations be unnecessarily slowed to a crawl as a simple large file transfer between two geographically close clients would be distributed across (potentially) the whole globe, inducing large amounts of latency in the process?
The notion of wireless being faster than wired seems alien to me. Hooking up a 25ft patch cable to an ethernet over power adapter is leagues better than trying to use wifi through three walls.
This sounds good, but then you make yourself dependent on some cloud service for the key exchange part. Which I don't like. If since learned about headscale which enables that part as self-hosted. So that's even nicer.
How does tailscale get around the NAT? Synology for example will connect your laptop to your NAS over the net but that requires software for each device to talk to a synology server first. The NAS and the laptop independently talk to the synology server. The synology server then looks at the packets and pulls the port info and allows the laptop to talk to the NAS by crafting an IP packet with the correct incoming/outgoing ports to get around the NAT. Does tailscale open new ports as well through UPNP? [EDIT] OOPS, I should have waited till 14:39 but there were no details.
One thing I'd like is for on my phone, the client that keeps Nextcloud autosynced and whatever else I decide to go through Tailscale to reach my network but regular stuff not to, and with minimal battery impact. Can Tailscale do this? At the moment I've just got my own domain and am open port that forwards to my reverse proxy.
If you don't point your phone to an exit node, what you want is already the default tailscale behaviour. Your traffic to the wider Internet still goes straight out without going through a tunnel, but there is a second subnet you can reach that magically has all of your devices on it. If you want to access devices in your home network that don't have tailscale and don't want to turn on an exit node (full tunnel ie normal self hosted vpn) you can set up your server to be a subnet router. My subnet router means that my nas (that doesn't have tailscale on it) is always accessible to me by it's local ip no matter what network I'm on
@ Thanks for the info. I’m meaning to migrate my setup from being on my NAS to being on a MS-01 Proxmox VM / LXC and using the NAS shares over NFS for storage, while migrating from swag to traefik. I guess I’ll look into using Tailscale while I’m at it.
Love Tailscale but you both hand-waved at the scenario where “my” Tailscale instance can be used to exfil data from someone else’s (e.g. “Corporate”) network very very easily. Especially if that entity implicitly trusts Tailscale traffic because they also use it. Unless I’m missing something Tailscale has no ACL that says “only allow these Tailnets when sourced from this public IP [range-s]. Touting ACLs inside various Tailnets that can’t block an unauthorized user from running Tailscale from your network - isn’t the solution the example the fictitious corporate firewall manager wants in his example.
I love tailscale, but I'm worried about generalized usage if it grows too much and it is used by ignirant people. Think about this: - you use it in your mother's house on her laptop to access your home pc (which has your media library...). - A friend of your mother (who you dont even know) did exactly the same thing in your mothers laptop a week ago - If the computer of this 3rd person (or somebody else on its own tsilscale network) was compromised by virus and malware, now your home pc can also be compromised
It's not completely magic, it wasted me a couple of hours because it doesn't work with quite a few LAN games for some reason I forgot while a similar software instantly worked for those without any hiccup. Edit: I think it was broadcast/multicast, I think wake on lan didn't work either
Engineer for over 40 years. - I never post. This is my first ever. . This is a great idea except for 1 thing. I have to log into some remote site to allow me to operate this thing. That is a 0 go for me. As I trust nobody. . I was hoping a lot for this magic bullet where I configure from one site to the next with no other external part ever in the process. . I hope I am wrong with what I understand. regards
7:00 - well, I assume that the WiFi will ultimately be wired into something that is even faster, right? So wired will always be faster than crappy consumer electronics devices... no surprise there...
Airdrop is hot, wet garbage. Airdrop works 50% of the time for me _and_ it takes SO long to set up _and_ I don't want to leave Airdrop enabled because of possible vulnerabilities.
Just tried downloading this and it's asking me for a login. This is strange for 2 reasons. 1. You need to give it a personal Google/Microsoft/Github/Apple account and that's a privacy issue. 2. You have an option to just input an email. Which, to me, sounds like you could use an account not tied to a service but it then redirects you to Google or Microsoft for example. It's not just an email/password login. I really wanted to use this but I do not understand why a login in is even necessary. You could just link nodes by sharing a private key for example. An account is not necessary at all. Hard pass.
Download here! tailscale.com/download
Read our article summary here: forum.level1techs.com/t/tailscale-interviewing-the-ceo-and-co-creator-avery-pennarun/220053
Thanks for watching! ~ Amber
have you heard of nostr
Great interview, I think I have been using Tailscale about as long as Wendell has and I have referenced that "How NAT traversal works" many times as a great way to better understand the complexity behind making Tailscale seem like "magic"
Use Tailscale for my home server, no ports to open, no complex configuration. Just fire it up and log in and it works, for free! Outstanding piece of software
Have been avoiding Tailscale for a while since I thought it sounded too good to be true. I finally caved in early this year and tried it… and yes it just works. Love it.
headscale.
I just added a Tailscale exit node to my homelab yesterday, and it has become hands down my most useful tool of all my systems. Great tool, can never go back!
"Every time you're going to the cloud, you're paying rent to somebody."
Perfect expression of how I've felt about cloud services for so long.
This is some insane timing, I've been spending all day reading the TailScale documentation! Then I open RUclips and this is the very first thing I see! I think the universe is telling me something.
Or the algorithm is. 😉
@chaemelion I thought so at first, but I was on a work PC reading the docs completely detached from my phone with RUclips, from a different IP, location, and account. If it was the algorithm, they're doing some damn clever data association.
@@zeppelins4ever I don't doubt they do exactly that. I've had some very similar experiences. I wouldn't put it past Google to analyze visits to a website associated with an advertisement client of theirs, and bump that content suggestion a few points for related public IPs by common current or historical clients, by location (again, by IP or otherwise), etc..
Yes to pay 10 dollars per month to them.
@@MelroyvandenBerg Or, now hear me out, I use the free version.
I've actually used Tailscale before! Tailscale is awesome if you just want to connect computers.
But it's kind of sad that we need something like Tailscale to replace IPv4 instead of having just IPv6 and E2E encryption by default everywhere.
Tailscale + Nextcloud is an actual lifechanging combination. You will feel like a wizard.
Ok, I didn't understand tailscale before this, but now I'm sold.
Same here. I hadn't been able to get my head around Tailscale before but this video made everything click. I'm just a personal user so they won't make much money from me right now, but at least I can be an evangelist now. 😀
Used tailscale for a couple of years and it just works. What a wonderful product!
Tailscale is an awesome product that has already revolutionized networking everywhere I know, simply because it's so simple to use.
How is this not just another VPN? Genuine question. The word "VPN" is not mentioned even once in the interview but their site's title is "Best VPN Service for Secure Networks"
full mesh. it's like a VPN but each point tries to talk directly to each other point unlike a VPN where all points connect centrally
@Level1Techs would it be possible to use IPSec to encrypt connections at the internet level instead of using TLS on the transport level like HTTPS does so that P2P encryption is not reliant on the transfer protocol.
@@Loanshark753 it would probably be better to check the official site instead of youtube comments
Wendel, please add a video on using an exit node with Ring cameras! The statement that everyone can see my footage freaked me out more than a little bit!! 😮
Tailscale has been great for years - set it up on my dad's machine as an exit node and my homelab also as an exit node. If I need to change something on his network (e.g. change his inverter parameters), I just activate his machine as a exit node and do what I need to. Easily run nightly backups of all his most important files e.g. .docx, .pptx, .xlsx, .pdf etc. on his machine to my homelab. I wish the ACLS were more easily editable by non-technical people through the web GUI but maybe one day that'll be added. Think if the video streaming platforms get more aggressive in enforcing family accounts must all live together, tailscale would be my go-to solution for that too.
Been using it for a while and found out my company uses it internally on some teams too. Really nice way of providing a lot of customisability while having the kind of UX where it’s easy to use for personal use.
I've only been using tailscale for a few months and it's awesome. No matter what I tried, I could never get wireguard to work and it was the only thing that got past the double nat and my ISPs cg-nat. Exit node for me is my pfsense router so I can see my server, cameras - everything on my home network. Yes, it just works and yes, just 5 minutes to set up.
I literally downloaded and set up tailscale on my Linux and Android device while I was watching this video. Amazing ! will be definitely sharing this video.
Fellow Canadian 👋🏼 🇨🇦 thanks for the great chat and amazing software!
Feels like Distracted Boyfriend meme. Holding Wireguard's hand while looking at Tailscale.
Tailscale uses wireguard internally. Wireguard is the core building block, Tailscale is a full-featured service.
I use and enjoy Tailscale but I would like to see a bit of discussion of alternatives, Netbird, Nebula, ZeroTier etc. It just kind of bothers me that using Tailscale means either trusting their infrastructure for key exchange, or running Headscale, the latter of which doesn't seem to really be considered stable and has unclear security properties (whereas at least Netbird and Nebula let you host the direct enterprise code to run your own backend rather than a reverse engineered host, even if Headscale is written with Tailscale's blessing it's still reverse engineered)
I'm currently exploring Headscale vs Nebula myself. Oh and now Netmaker, that one looks interesting.
I tried Netbird first but I couldn't get it to work, switched to tailscale so easy. I'm using it with the unraid plugin. So even if my server reboots for whatever reason, I do not need to hope my docker container starts up correctly.
One of the devs putting in a bunch of work on headscale, is employed by tailscale.
They've got a nice article on why it didn't make sense to just release the headend source as-is.
Add twingate to the list 😊
@@peegee101 Twingate is closed source and not self-hostable right? Only known because of paid sponsorships to a bunch of RUclipsrs.
This sounds absolutely incredible, I hate how most home labers have to rely so heavily on cloud flare. I cant wait to download and play around!
So how does the user count work? What does a user mean in this licensing model? Do you have to log in somewhere for it to work?
I love that WebVM integrated Tailscale to allow an in-browser Linux to be part of your own network as a full host 🤯
Tailscale user here. I love it. Great Work.
Ok this all sounds good... BUT... why do I need a google, microsoft or apple account to use tailscale? I thought the purpose was to being able to avoid these companies!
I have recently put an effort of de-googleing my digital life and thinking Tailscale would be a nice addition, was I wrong?
I may be wrong but I think headscale is what you’re after.
yeah i did a U-turn as soon as i saw that lol
just use wireguard frfr
It's an incredible application, love using it
This seems like an awesome idea, but how do we run it locally? relying on tailscale's admin interface and key exchange is just yet one more cloud provider. is this FOSS? can we spin it up on our own servers?
think you can self host it via: headscale
So this guy is basically doing a "do not cite the deep magic to me, witch. I was there when it was written" to the big tech companies when it comes to basic networking and FTP.
Reminds me of Hamachi about 15 years ago
Tailscale is just a fancy beginner friendly VPN but still cool tech.
Tailscale has completely changed how I access resources on my home network.
Looking forward to more Tailscale tutorials, thanks for the great work you do!
Great video! Thank you, Wendell, I had no idea this existed, but it looks really useful!
TailScale can be used on every server and/or VM to create a ZeroTrust environment.
I have not even watched the video yet. I just have to say that I love and use WireGuard, and I LOVE!!! Tailscale.
I wanted to setup wireguard btn my home pc n laptop. But port forwarding was an issue. Will try it today💯
Been using Tailscale for years now; I have VPN internet gateways in GCP and AWS, and use Tailscale to choose which one I wish to access the internet from on all my devices. An example; I have my web server hosting the Ollama UI in GCP. The computer running the model is in my house. I can run the model using the UI, on my phone. Anywhere in the world. It’s absolutely rad. On top of that any device on the tailnet is served DNS from a pihole I have running in docker
It'd be cool if you could interview the ZeroTier guys, they did most of this stuff before wireguard was a thing. The result is more of an integrated whole rather than a control layer on top of wireguard. Besides that their all-in-one binary hosts all functionality (controller, root servers and end nodes) besides the web portal. The "controller" or "control server" in tailscale is closed source, so if it wasn't for the headscale project we'd be stuck with tailscale as the single provider and authority over what and who enters the network.
sounds like consul/envoy/istio wrapped together. love it
I would like:
1) to have a nerdier friend than i am, to guide/push me to try stuff
2) be more knowledgeable
t.t
thats what the forums are for
The amount of automation i have been able to leverage with Tailscale being the highway is the best. Also SSH keys handling is a breeze
I have a laptop 'server' running a large number of services using proxmox with tailscale for networking. Besides having to have a VPN connection and remembering to shut it down while i'm on the same LAN back home to reduce latency and bottlenecks (which already barely exist) it works as if everything is just a public website instead of * my own jerryrigged laptop masquarading as a server, behind a flimsy 1gbit router *
Love that "Service unavailable for legal reasons"
This is amazing technology making our life easy. ❤
Ipv6 was supposed to do these things.
I'm running ipv6 right now! No problems. And more importantly no 3 users limit or whatever
Yeah, but it takes time, money and a long-term interruption to migrate to IPv6. Perhaps if there were a GLOBAL internet outage for 1 day, the world could FINALLY shift over to IPv6.
I wish I could just run ipv6 but my ISP makes it impossible
Definitely going to have to check this out for my new network overhaul.
arguably the best piece of software in my network
but now, ARE THERE ANY BACKDOORS?????
YESSSSS I HAVEN'T EVEN LISTENED TO IT YET BUT I LOVE TAILSCALE
Theres an entire ADS-B community that uses tailscale to manage their raspberry pi recievers, wingbits.
Wow, this sounds amazing. Thanks.
Luckily my ISP gives a public IP on my connection so I can just open ports for things when needed. That said my only ISP option here is centurylink and their DSL is quite slow even if we’re talking internet speeds 10 years ago. I could go and get myself Starlink but their monthly pricing is still a tough sell. Still it’s nice to know that if I go Starlink or another new ISP arrives and goes CGNAT I can use this to run NAS and servers.
Sounds cool! I'm still in a bit of configuration hell with my setup. Got my home network all set, couple of basic services (plex, torrents, vpn access) and recently added VPN... still trying to figure out how to get the ports open correctly without being completely in the open... would this be able to help?
Owh no.. Limited by the amount of users. And then you need to pay again. And maybe it's cheap now. But you know how it goes, this will increase in price over time. The internet we use today became big because it's free (aside from the isp and physical media).
😮 just installed this two days ago. This looks like foreshadowing 😆
I don't like the notion of "You don't need to secure your Wordpress instance because it's behind a VPN". There are many security scenarios where this will still get you in the end. Tailscale might help prevent access from the entire internet, but not to all other people. Imagine if you had an ex-employee that left the company, but still has login credentials. Or one of your client computers is compromised, giving whoever access to your vulnerable Wordpress instance. You really can't get away from updating often.
Tailscale is cool and all, but I find just wireguard is what I want 99% of the time, maybe when my ISP removes my IP It will be handy
if your setup is simply a site-to-site tunnel, then yes, just a simple straight up wireguard is supperior, EXCEPT if you CAN connect the 2 locations. Some places have double router setups and it become impossible to set something like that up.
So if the "firewall" is distributed among the nodes, and nodes can be scattered globally, then wouldn't bandwidth-intensive operations be unnecessarily slowed to a crawl as a simple large file transfer between two geographically close clients would be distributed across (potentially) the whole globe, inducing large amounts of latency in the process?
Always wanted something like this, will have to give it a go.
Yay, down with software feudalism!
The notion of wireless being faster than wired seems alien to me. Hooking up a 25ft patch cable to an ethernet over power adapter is leagues better than trying to use wifi through three walls.
This sounds good, but then you make yourself dependent on some cloud service for the key exchange part. Which I don't like. If since learned about headscale which enables that part as self-hosted. So that's even nicer.
Currently using it on my Synology!
How does tailscale get around the NAT? Synology for example will connect your laptop to your NAS over the net but that requires software for each device to talk to a synology server first. The NAS and the laptop independently talk to the synology server. The synology server then looks at the packets and pulls the port info and allows the laptop to talk to the NAS by crafting an IP packet with the correct incoming/outgoing ports to get around the NAT. Does tailscale open new ports as well through UPNP? [EDIT] OOPS, I should have waited till 14:39 but there were no details.
6:45 It will be mind blowing to see that happen
looking very promising. im in.
This is like a breath of fresh air, thanks so much for making this and sharing. Kudos o7
So that's a video from level1 and from Jim's Garage today on Tailscale - are they running a marketing campaign?
just coincidence, I did this free :) tail scale has huge potential for many people
@@Level1Techs just curious - no hate from me haha, I love tailscale lol
i just setup up tailscale on my truenas last month and i wish i would have done it sooner.
Real Truman Show opening
Game changer is an understatement.
Thank you ALL!!
I tried it, its slower than Wireguard.
One thing I'd like is for on my phone, the client that keeps Nextcloud autosynced and whatever else I decide to go through Tailscale to reach my network but regular stuff not to, and with minimal battery impact. Can Tailscale do this? At the moment I've just got my own domain and am open port that forwards to my reverse proxy.
If you don't point your phone to an exit node, what you want is already the default tailscale behaviour. Your traffic to the wider Internet still goes straight out without going through a tunnel, but there is a second subnet you can reach that magically has all of your devices on it.
If you want to access devices in your home network that don't have tailscale and don't want to turn on an exit node (full tunnel ie normal self hosted vpn) you can set up your server to be a subnet router.
My subnet router means that my nas (that doesn't have tailscale on it) is always accessible to me by it's local ip no matter what network I'm on
@ Thanks for the info. I’m meaning to migrate my setup from being on my NAS to being on a MS-01 Proxmox VM / LXC and using the NAS shares over NFS for storage, while migrating from swag to traefik. I guess I’ll look into using Tailscale while I’m at it.
Love Tailscale but you both hand-waved at the scenario where “my” Tailscale instance can be used to exfil data from someone else’s (e.g. “Corporate”) network very very easily. Especially if that entity implicitly trusts Tailscale traffic because they also use it.
Unless I’m missing something Tailscale has no ACL that says “only allow these Tailnets when sourced from this public IP [range-s].
Touting ACLs inside various Tailnets that can’t block an unauthorized user from running Tailscale from your network - isn’t the solution the example the fictitious corporate firewall manager wants in his example.
You mean it’s a NETwork instead of a NOTwork?
Is that intro song from uplink?
brilliant content
I love tailscale, but I'm worried about generalized usage if it grows too much and it is used by ignirant people. Think about this:
- you use it in your mother's house on her laptop to access your home pc (which has your media library...).
- A friend of your mother (who you dont even know) did exactly the same thing in your mothers laptop a week ago
- If the computer of this 3rd person (or somebody else on its own tsilscale network) was compromised by virus and malware, now your home pc can also be compromised
It's not completely magic, it wasted me a couple of hours because it doesn't work with quite a few LAN games for some reason I forgot while a similar software instantly worked for those without any hiccup.
Edit: I think it was broadcast/multicast, I think wake on lan didn't work either
Thank you Tailscale!
Engineer for over 40 years. - I never post. This is my first ever.
.
This is a great idea except for 1 thing.
I have to log into some remote site to allow me to operate this thing.
That is a 0 go for me. As I trust nobody.
.
I was hoping a lot for this magic bullet where I configure from one site to the next with no other external part ever in the process.
.
I hope I am wrong with what I understand.
regards
7:00 - well, I assume that the WiFi will ultimately be wired into something that is even faster, right? So wired will always be faster than crappy consumer electronics devices... no surprise there...
Airdrop is hot, wet garbage. Airdrop works 50% of the time for me _and_ it takes SO long to set up _and_ I don't want to leave Airdrop enabled because of possible vulnerabilities.
I'm trying it out now...
probably the only VPN I will actually pay for
Just tried downloading this and it's asking me for a login. This is strange for 2 reasons.
1. You need to give it a personal Google/Microsoft/Github/Apple account and that's a privacy issue.
2. You have an option to just input an email. Which, to me, sounds like you could use an account not tied to a service but it then redirects you to Google or Microsoft for example. It's not just an email/password login.
I really wanted to use this but I do not understand why a login in is even necessary. You could just link nodes by sharing a private key for example. An account is not necessary at all.
Hard pass.
So it's a VPN with NAT traversal?
log me in hamachi
Wendel... video idea: Open Source Tailscale alternatives 🙏
Would I run...
a messageboard with this?
make video calls?
make a website so that I don't have to pay a hosting website, pay for a domain name??
Its a set and forget software. It gets out of the way. You install it and you can reach your server from anywhere like it was on lan
Would love if SMB would work better, have a lot trouble with Timemachine
I tried and am still using it but the speed is too slow and yeah I am doing inter continental communication.
Apple continuity without the walled garden ?
So a bit like shortest path bridging except for VPNs...
thanks for the sponsored ad - NOT!
i set it up while watching the video. It's awesome, I can air drop between my android and my iPad, and it was super easy to set up.
to bad tailscale requires you to use a third-party to use the service, I dont need other company's having access to my network.
Respect!
I love Tailscale ❤