Product
Solutions
Enterprise
Customers
Docs
Blog
Pricing
Download
Get started
Login
© 2024

Performance best practices

Tailscale continuously looks for ways to improve performance. For example, making significant changes to wireguard-go (the userspace WireGuard® implementation that Tailscale uses) and taking advantage of transport layer offloads to push Tailscale to 10Gb/s, and beyond.

In most cases, Tailscale will provide the best performance possible without needing additional configuration or customization. This document describes best practices and recommendations to achieve the highest performance possible in various environments, operating systems, and Tailscale modes of operation (exit nodes, subnet routers, and the like).

Direct connections

Tailscale uses both direct and relayed connections, opting for direct connections where possible. Direct connections will nearly always result in better performance in the form of lower latency and higher throughput.

Expose a public IP address for your Tailscale nodes to ensure a direct connection or open a firewall port to establish a direct connection when necessary.

Operating system recommendations

Use a recent version of your preferred operating system as it will typically have the most recent software and hardware optimizations.

When maximum performance is desired, use Linux and kernel version 6.2 or later. This will provide the best performance, enabling Tailscale to use the latest kernel features.

Linux optimizations for subnet routers and exit nodes

Tailscale version 1.54 or later used with a Linux 6.2 or later kernel enables UDP throughput improvements via transport layer offloads. If Tailscale is acting as an exit node or subnet router, ensure the following network device configuration is in place for the best results:

NETDEV=$(ip route show 0/0 | cut -f5 -d' ')
sudo ethtool -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off
Enable on each boot

Changes made via ethtool are not persistent and will be lost after the machine shuts down. On Linux distributions using networkd-dispatcher (which you can verify with systemctl is-enabled networkd-dispatcher), copy and run the following commands to create a script that will configure these settings on each boot.

printf '#!/bin/sh\n\nethtool -K %s rx-udp-gro-forwarding on rx-gro-list off \n' "$(ip route show 0/0 | cut -f5 -d" ")" | sudo tee /etc/networkd-dispatcher/routable.d/50-tailscale
sudo chmod 755 /etc/networkd-dispatcher/routable.d/50-tailscale

Test the created script to ensure it runs successfully on your machine:

sudo /etc/networkd-dispatcher/routable.d/50-tailscale
test $? -eq 0 || echo 'An error occurred.'

Machine sizing recommendations

For best performance use the most recent CPU generation available to you. In general, higher CPU clock speed is more important than more cores.

Provider-specific recommendations

See the following for provider-specific sizing recommendations: