Product
Solutions
Enterprise
Customers
Docs
Blog
Pricing
Download
Get started
Login
© 2024

What is 100.100.100.100?

If you’re using Tailscale, you might have seen the 100.100.100.100 IP (or fd7a:115c:a1e0::53 IPv6) address used in a number of places. This special IP service address is referred to informally as Quad100. This topic explains what 100.100.100.100 is, what it isn’t, and what it is used for.

100.x.y.z is a Tailscale address

Tailscale creates a private overlay network that securely connects your machines using WireGuard. We call this network a tailnet. Each machine in your tailnet is identified by an IP address in the 100.x.y.z address range (where x is a number in the 64-127 range).

100.100.100.100 is the localhost of Tailscale

Similar to how every IP networked machine responds to itself at 127.0.0.1, also known as localhost, every machine on your tailnet responds to 100.100.100.100, also known as Quad100.

Like localhost, Quad100 exposes various services meant only for use on your local machine, services that cannot be reached from other machines on your tailnet. Unlike localhost, Quad100 only exposes services provided by the Tailscale application, not other applications on your machine.

These are the services that run on Quad100.

100.100.100.100:53 is a DNS resolver

A DNS resolver is a service that allows easy-to-remember hostnames like google.com or macbook.tailnetname.ts.net to be resolved to IP addresses like 8.8.8.8 or 100.12.34.56.

The DNS service on Quad100 is used to resolve tailnet hosts locally (we call this MagicDNS) and forward DNS requests to exit nodes (when in use). Depending on the operating system, the Quad100 DNS service may also be used to implement Split DNS and/or Override Local DNS. Additionally, the DNS service uses DNS over HTTPS when feasible to encrypt your forwarded DNS queries in transit.

Tailscale does not log DNS queries sent to 100.100.100.100:53 as the resolver runs locally, but the DNS server(s) configured in your tailnet may log DNS queries after they have been forwarded.

The DNS service on Quad100 can be considered a stub resolver (similar to systemd-resolved) with some extra features. For more information about DNS in Tailscale, see DNS in Tailscale.

100.100.100.100:80 is a web server

On Tailscale clients running v1.64.0 or later, port 80 hosts the device web interface. This web interface allows you to manage Tailscale device settings locally. For instance, you can configure exit nodes, subnet routes, and Tailscale SSH by simply accessing http://100.100.100.100 on the device.

This is especially useful for any device that doesn’t have a native client UI supported, such as a computer running Linux. If you’re using a Tailscale version before v1.64.0, the web interface can be enabled manually to run over Quad100.

Remember, 100.100.100.100 is a local service

If you’ve noticed your computer connecting to 100.100.100.100 when using Tailscale, that is completely normal. No traffic is leaving your device unless it is necessary to provide the service, such as when forwarding DNS requests. Nobody else can access your computer via this IP and Tailscale servers do not see its contents.