Get started - it's free!
Login
© 2025

IP pool

IP pool is currently in beta.

By default, Tailscale assigns IPv4 addresses to nodes in your tailnet from the 100.64.0.0/10 CGNAT range. This is a private IP range not used on the public internet.

The following IP ranges are reserved by Tailscale, and cannot be used in IP Pools:

  • 100.100.0.0/24
  • 100.100.100.0/24
  • 100.115.92.0/23

For corporate networks that use parts of the same range for other purposes, you can configure Tailscale to use a specific smaller subset of the CGNAT range.

To do this, you can configure an "IP pool" in your tailnet policy file. This is done using a node attribute that specifies an ipPool:

    {
        "acls": ["..."],
        "nodeAttrs": [
            {
                "target": ["autogroup:admin"],
                "ipPool": ["100.81.0.0/16"],
            },
            {
                "target": ["group:dev"],
                "ipPool": ["100.85.0.0/16"],
            },
        ],
    }

With this node attribute set, all new nodes managed by admins in your tailnet will be assigned an IP from the range: 100.81.0.0/16, whereas nodes managed by members of group:dev will be assigned an IP from a subset from the range: 100.85.0.0/16.

You can also change the IPv4 address of a node at any time by an admin in your tailnet.

IPv4 Edit Dialog

Last updated Mar 10, 2025