What is a tailnet?
A tailnet is your private network. When you log in for the first time to Tailscale on your phone, laptop, desktop, or cloud VM, a tailnet is created.
For users on the Free plan, you are a tailnet of many devices and up to 3 users. Each device gets a private Tailscale IP address in the CGNAT range and every device can talk directly to every other device, wherever they are on the internet.
For businesses, organizations, and other plan users, a tailnet is many devices and many users. It can be based on your Microsoft Active Directory, your Google Workspace, a GitHub organization, Okta tenancy, or other identity provider namespace.
All of the devices and users in your tailnet can be seen by the tailnet administrators in the Tailscale admin console. There you can apply tailnet-wide configuration, such as access control lists (ACLs) that affect visibility of devices inside your tailnet, DNS settings, and more.
It is also possible to share access to devices between tailnets. This gives you the ability to share internal organization services with tailscale users outside your organization (or share your personal Minecraft server with your friends).
Your tailnet is your space. The internet cannot reach it. Think of it like a conference room with only people you have invited inside. Your tailnet can be a safe network where you are free to explore without the rest of the internet watching.
Each tailnet has both a tailnet name and an organization name.
A tailnet name is provided by Tailscale to avoid publicizing your organization name. The tailnet name is used
by features such as MagicDNS, HTTPS, and sharing. You can choose whether a default tailnet name
tailfe8c.ts.net) or a fun tailnet name (such as
yak-bebop.ts.net) is your active tailnet name. You can view your tailnet
name and switch between the default and fun names in the DNS page of the admin console.
A tailnet is for users on the same domain. A tailnet’s organization name is based on your corporate domain, email address, or GitHub username. The organization name is used by the Tailscale API. You cannot change your organization name. You can view your organization name in the General settings page of the admin console.