Blog

A combination of our newsletter and other posts, where we talk about Tailscale, WireGuard®, 2-factor auth, and other networking-related topics.

Subscribe via email, RSS or follow our Twitter.

Tailscale Rhyme Time crossword

This is our inaugural Tailscale crossword puzzle. The answer key will be published in our December newsletter, and on our blog.

November Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
November brought fascinating community contributions, including creating private Among Us game servers, and Tailscale on a Kobo Sage e-reader.

Thanks for all the code!

This Thanksgiving, Tailscale is thankful for all the people whose code we build upon. One might say we stand upon the shoulders of giants, but looking at our dependencies, a castell might be more accurate. In any case, we couldn’t have done it alone. As a small gesture of gratitude, we’re giving out free Personal Pro accounts to people who’ve contributed to Tailscale’s repos or to code that Tailscale depends on, even if it was written years before Tailscale existed. If you log in to the Tailscale admin panel and you’re on our list, a “Thanks!” heart will appear in the top right corner, letting you upgrade to Personal Pro for free. If you don’t see a heart, though, we might’ve missed you or have you under a different account or account type. If you’re either the creator of or a past or current notable contributor to code we use, please contact us with details and we’ll update our list and make sure the Gmail or GitHub account you want to use with Tailscale is on our list.

Manage access to the admin console with Network Admin, IT Admin, and Auditor roles

We’ve added more user roles to make it easier to manage access to your network. Now, in addition to your tailnet Owner, Admins, and Members, you can give users the roles of Network Admin, IT Admin, and Auditor. This lets users access the admin console without the full permissions of an Admin.

October Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
It has been another productive month for the team here at Tailscale. We have got a slew of amazing community contributions, including a powershell based updater for Windows by Nick Clark and a video tutorial by Sauber-Lab UK on installing Tailscale on Home Assistant.

Tailscale for developers: Connect to your resources from GitHub Codespaces

Maya Kaczorowski and Denton Gentry on
Photo of Maya Kaczorowski
Photo of Denton Gentry

Have you moved to a remote development environment? In reality, you can rarely develop fully in isolation—you need access to internal tools and services to make sure your code works as expected. So although your development environment moved, well, it’s likely nothing else did.

If you already didn’t have a great way to access internal development resources before, then having an ephemeral VM in a cloud provider spinning up and down as you need it for development doesn’t make that any easier. Especially if it’s not just your development environment, but every user in your organization’s.

GitHub Codespaces connecting to package repositories, and on-prem licensing servers, all over Tailscale.

Luckily, Tailscale works as part of a devcontainer with a reusable auth key, so that every GitHub Codespace you spin up can automatically connect to your tailnet. You can use Tailscale to access resources on your tailnet, or to share your development environment with others.

Tailscale for developers: Connect to your resources from Coder

Photo of Maya Kaczorowski
Maya Kaczorowski on

When you’re developing software, you need to access all kinds of resources, including package registries, container image registries, databases, and other network services. You want to work with those services securely and with low latency, wherever they are, even if they’re behind a firewall or don’t have a public IP address. Most importantly, though, you need to be able to access your coworkers: when you need a code review, or you’re pair programming, you want to be able to easily share your development environment with others so they can see what you’re working on. From a development workspace in Coder, you can access resources you need for development, and share what you’re working with your coworkers with Tailscale.

Tailscale for developers: Connect to your resources from Gitpod

Maya Kaczorowski and Denton Gentry on
Photo of Maya Kaczorowski
Photo of Denton Gentry

Remote development is hard. You need access to all the things from wherever you happen to be working from this week. It could be a coffee shop, the train, or even (gasp!) the office. In an ideal world, it shouldn’t take longer to gain access to what you need to get your work done, including cloud and on-prem resources, than it does to complete the tasks at hand.

Developing remotely should be a boon, not a bottleneck, that’s why we’re excited to partner with Gitpod. We aim to make it easy to connect a running workspace in Gitpod to your resources and your colleagues using Tailscale—with Tailscale available by default in Gitpod workspaces, and Gitpod free for a year to Tailscale customers.

Tailscale logo connected to a Gitpod logo

Rolling out the red carpet for remote meetings

Photo of Josh Bleecher Snyder
Josh Bleecher Snyder on

The world doesn’t need more words about remote meetings. So here’s a picture:

Tailscale team members queued on a red carpet in front of a microphone

Tailscale joins the Synology Package Center

Laura Franzese on
Photo of Laura Franzese

Tailscale is officially supported in the Synology package center. Tailscale + Synology makes it effortless to securely access your Synology NAS from anywhere in the world, on any device. You can also use it as a relay back to other devices on your LAN.

You can use Tailscale with Kubernetes, you know

Maisem Ali and Maya Kaczorowski on
Photo of Maisem Ali
Photo of Maya Kaczorowski

Given that this week is the epic all-things-cloud-native reunion in LA, we thought we might crash your little party and mention that Tailscale already works well with containers and Kubernetes. Many of us here at Tailscale used to work on Kubernetes, and keep it close to our hearts even if we’re not at KubeCon this week (and sorry, we love YAML, but use HuJSON now).

Tailscale v1.16

Photo of Laura Franzese
Laura Franzese on

Tailscale 1.16 is out! The latest Linux, Windows, and Android clients are available today (see our update instructions), while macOS and iOS will be available over the next few days, pending App Store reviews.

We break down the work that’s happened in and around the release of Tailscale 1.16.

Enable device authorization and set key expiry in the admin console

Sonia Appasamy and Ross Zurowski on
Photo of Sonia Appasamy
Photo of Ross Zurowski

We’ve made a few settings easier for you to manage in the admin console: device authorization and key expiry.

Authentication Settings in the admin console showing the new options.

Hey linker, can you spare a meg?

Photo of Josh Bleecher Snyder
Josh Bleecher Snyder on

Tailscale on iOS runs as a special kind of app, a Network Extension. This lets us run in the background, so we can secure traffic from all of your applications, without them having to change anything. But with this power comes a memory straightjacket. Normal iOS apps can use 5GB or so of memory before iOS kills them. We get 15MB. With an “M”.

That has been a constant pain point for our users—and especially for us. When we use too much memory, iOS snipes our network extension, and your VPN access goes down. And the knowledge that doing more work caused more crashes caused us to leave important improvements out of the iOS app, like http2 and UPnP support. It was a constant low level drain on our engineering team and our product.

This blog post is about how we tackled the problem, with a bit of philosophizing and a surprise twist at the end.

September Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
A new month, a new set of updates! The team has been busy building new features, including HTTPS certificate support and GitHub Marketplace integration. We also launched free pricing for open source GitHub orgs.

Action required: Upgrade Tailscale to 1.14.4+ prior to updating Windows

Photo of Maya Kaczorowski
Maya Kaczorowski on

Due to recent changes in Windows Update, upgrading the operating system on a Windows 10 or Windows 11 machine running Tailscale may break Tailscale connectivity. If this happens, your machine will no longer be able to connect to your tailnet. To avoid this issue, upgrade Tailscale on your Windows machines to Tailscale 1.14.4 or later before running Windows Update.

Provision TLS certificates for your internal Tailscale services

Connections between Tailscale nodes are already secured with end-to-end encryption—that’s a huge benefit of being built on WireGuard. However, browsers are not aware of that because they rely on verifying the TLS certificate of a domain.

To protect a website with an HTTPS URL, you need a TLS certificate from a public Certificate Authority. Tailscale now makes that easily available for the machines in your Tailscale network, also known as a tailnet, with certificates provisioned from Let’s Encrypt.

Even more for free: Tailscale for open source projects

Tailscale loves open source. We know that it can be tough to develop a project in the open, and collaborate with individuals and organizations around the world.

We’re excited to announce that Tailscale is free for GitHub organizations using Tailscale for open source projects. And given Tailscale is good at, well, making connections, friends and family who coordinate using GitHub organization accounts can also benefit from this free plan.

We get stuck opening the socket

Photo of David Crawshaw
David Crawshaw on
I have a soft spot for the Unix sockets API. Yes, it is clunky to get started and has grown some odd options over the decades. It is usually buried now under higher level programming layers. But at the heart of it is a small and versatile interface that is easy to build on and easy to recreate: read(socket, bytes) write(socket, bytes) What bytes, how many bytes, and in what order are up to you. Under the hood TCP gives you reliable transmission. It is a quick and fun way to write a network program. Streams of bytes can contain discrete request-response messages, be used as a message bus, A/V streams, they can be multiplexed and demultiplexed… there are many ways to use them. As a bonus, most programming languages can represent streams of bytes efficiently, so sockets make for good protocol boundaries. It also has the great benefit of being a stable technology.

Private DNS with MagicDNS

Brad Fitzpatrick and David Crawshaw on
Photo of Brad Fitzpatrick
Photo of David Crawshaw
MagicDNS runs a DNS server on each Tailscale device to quickly and securely serve DNS.

Connect a GitHub Action to your Tailscale network — now in GitHub marketplace!

A few months back we released a GitHub Action to make it easier for you to access Tailscale. This allows a GitHub Action you’re running to first connect to Tailscale using an ephemeral authentication key, then perform other steps. Ephemeral auth keys clean up their state after the runner finishes, meaning you’re not persisting a connection to your network.

We’re excited that our GitHub Action is now available in the marketplace! This means that with the Connect Tailscale action, you can easily pull this into whatever actions you write.

RBAC like it was meant to be

Photo of Avery Pennarun
Avery Pennarun on

Most of us have heard of role-based access control (RBAC) and its slightly updated successor, attribute-based access control (ABAC). But we don’t always appreciate all the great ideas they contain.

August Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
This month’s newsletter has guides on running Tailscale on a Mango Router, running a Minecraft server on Tailscale, how to manage a Windows Firewall from Go, and Tailscale v1.14.

Programming the Windows firewall

David Anderson on
Photo of David Anderson
An introduction to the Windows Filtering Platform, and how to make your software program the Windows firewall.

July Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
Lots of community contributions to highlight this month! Thank you to everyone writing and sharing their enthusiasm for Tailscale. This month includes a community AWS Lambda Layer for Tailscale, Tailscale v1.12, and Taildrop for Android.

How to set up a private Minecraft server

Laura Franzese on
Photo of Laura Franzese
This post will guide you through the process on how to set up a secure, fast, and private Minecraft server with Tailscale.

June Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
It has been another productive month for the team here at Tailscale, and we are brimming with community contributions including a getting started video tutorial from David Burgess and a new guide by Justin Rhee on setting up a Tailscale VPN on Kubernetes. Let us jump in!

New Pricing

David Carney, Ross Zurowski and Sonia Appasamy on
Photo of David Carney
Photo of Ross Zurowski
Photo of Sonia Appasamy

Today, we’re announcing a new pricing model for Tailscale that makes it less expensive for everyone, and easier to scale from a small test deployment to something your whole friend group, startup, or organization can use.

Check out the new pricing, or read on for details about what’s changed and why.

Tailscale v1.10 & GitHub Auth

Laura Franzese on
Photo of Laura Franzese
Tailscale 1.10 is now available on all platforms (pending iOS approval to the App Store — we expect it to go through this weekend). Learn how to update or read on for details. While this was generally a bug fix and cleanup release, a few noteworthy changes happened in and around this release worth highlighting.

Taildrop was kind of easy, actually

Avery Pennarun on
Photo of Avery Pennarun
Taildrop was the first test of an experimental p2p app discovery layer in Tailscale. Let’s talk about why it was so easy to build, and where we go from here.

How to access your NAS drive remotely

Laura Franzese on
Photo of Laura Franzese
Use Tailscale to set up your NAS for access from any device

NAS 101: An intro chat about Network Attached Storage

Naman Sood and Christine Dodrill on
Photo of Naman Sood
Photo of Christine Dodrill

A lot of people use Tailscale with Network Attached Storage (NAS) devices. In an effort to make this technology more accessible we’re publishing this transcript of a conversation about the basics of Network Attached Storage between our past co-op student Naman Sood, and our Archmage of Infrastructure, Christine Dodrill. Enjoy!

May Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
This has been a busy month, with the launch of Tailscale v1.8 and a new feature, Taildrop, that lets you easily send files between your devices.

Sending Files with Taildrop

Sonia Appasamy on
Photo of Sonia Appasamy
Taildrop is a feature that makes it easy to send files between your personal devices on a Tailscale network. Unlike cloud-based file transfer services, Taildrop’s peer-to-peer design makes it well-suited for lots of kinds of files you might want to send.

The long wondrous life of a Tailscale packet

Photo of Josh Bleecher Snyder
Josh Bleecher Snyder on
We track a single packet from creation in one process to arrival in another, far away.

Using GitHub Actions and Tailscale to build and deploy applications securely

Naman Sood on
Photo of Naman Sood
Automating deployment of a web server using GitHub Actions should be DevOps 101, so as a university student, it is the perfect time for me to be learning this. But what if, for security reasons, the server is accessible only over Tailscale?

Tailscale v1.8 is here!

Laura Franzese on
Photo of Laura Franzese
The latest version of Tailscale is available today! Learn how to update or read the full release notes on Github. This release contains a lot of general improvements, along with support for some upcoming feature previews.

April Tailscale newsletter

Laura Franzese on
Photo of Laura Franzese
April has us hard at work on our 1.8 stable release. We’ve got lots of great community contributions to highlight this month.

The Sisyphean Task Of DNS Client Config on Linux

Christine Dodrill and David Anderson on
Photo of Christine Dodrill
Photo of David Anderson
A brief history of DNS on Linux systems and what steps we are taking to ensure it is configured consistently in Tailscale 1.8.

March Tailscale newsletter

Ross Zurowski on
Photo of Ross Zurowski
March brings Tailscale v1.6, including IPv6 support, exit nodes, netstack integration, and more. We also have writing about using Tailscale to create a Dropbox-like system, and details about the new library Tailscale uses for IP addresses behind the scenes.

Subscribe for monthly updates

Product updates, blog posts, company news, and more.

Too much email? RSS Twitter