Open source is in Tailscale’s bones. After our seed round, when we were only five people making our initial open source plans, we each already had decades of experience writing and using community software. Personally, I’m a Unix programmer only because of a Slackware CD I picked … | Continue reading
Managing privileged access can help improve security by reducing unnecessary access to sensitive resources and customer data. With Tailscale ACLs, you can already manage access to company resources and restrict access with “default deny” rules. | Continue reading
As your teams grow and become more distributed, it makes sense to limit an employee’s access based on their job function rather than to give everyone persistent access to your production environment. This not only lets you manage sensitive resources such as customer data more eff … | Continue reading
Today we’re delighted to introduce Tailscale SSH, to more easily manage SSH connections in your tailnet. Tailscale SSH allows you to establish SSH connections between devices in your Tailscale network, as authorized by your access controls, without managing SSH keys, and authenti … | Continue reading
Previously on the Tailscale blog, I walked through how authentication works | Continue reading
We’ve raised $100M in a Series B financing led by CRV and Insight Partners, with participation from our existing major investors: Accel, Heavybit, and Uncork Capital, along with a cast of many prominent angels and smaller investors. | Continue reading
You can do many things with computers. Some of them are more productive than others. My recent blog post shows how to authenticate to any service, such as Grafana. Some people took the idea of using Tailscale for authenticating to any service as a neat fact. Others took this as a … | Continue reading
Connections between Tailscale nodes are secured with end-to-end encryption. Browsers, web APIs, and products like Visual Studio Code are not aware of that, however, and can warn users or disable features based on the fact that HTTP URLs to your tailnet services look unencrypted s … | Continue reading
Hi, it’s us again, the ones who used to store our database in a single JSON file on disk, and then moved to etcd. Time for another change! We’re going to put everything in a single file on disk again. | Continue reading
TL;DR: Tailscale’s free plan is free because we keep our scaling costs low relative to typical SaaS companies. We care about privacy, so unlike some other freemium models, you and your data are not the product. Rather, increased word-of-mouth from free plans sells the more valuab … | Continue reading
You can use subnet routers in Tailscale to easily connect an existing network you have to your tailnet—for example, a virtual private cloud, or an on-premises legacy network. To set up a subnet router, you advertise routes from the device, and then approve these from the admin co … | Continue reading
This Thanksgiving, Tailscale is thankful for all the people whose code we build upon. | Continue reading
Remote development is hard. You need access to all the things from wherever you happen to be working from this week. It could be a coffee shop, the train, or even (gasp!) the office. In an ideal world, it shouldn’t take longer to gain access to what you need to get your work done … | Continue reading
Tailscale on iOS runs as a special kind of app, a Network Extension. This lets us run in the background, so we can secure traffic from all of your applications, without them having to change anything. But with this power comes a memory straightjacket. Normal iOS apps can use 5GB … | Continue reading
Connections between Tailscale nodes are already secured with end-to-end encryption—that’s a huge benefit of being built on WireGuard. However, browsers are not aware of that because they rely on verifying the TLS certificate of a domain. | Continue reading
Tailscale loves open source. We know that it can be tough to develop a project in the open, and collaborate with individuals and organizations around the world. | Continue reading
Role-based access control was great. Let’s talk about what happened since then. | Continue reading
Growing up, I, like many computery people of my generation, was an idealist. I believed that better, faster communication would be an unmitigated improvement to society. “World peace through better communication,” I said to an older co-worker, once, as the millennium was coming t … | Continue reading
This article attempts to resolve some of the most common misconceptions around IPv6. | Continue reading
An introduction to the Windows Filtering Platform, and how to make your software program the Windows firewall. | Continue reading
Tailscale is a zero config VPN for building secure networks. Install on any device in minutes. Remote access from any network or physical location. | Continue reading
Today, we’re announcing a new pricing model for Tailscale that makes it less expensive for everyone, and easier to scale from a small test deployment to something your whole friend group, startup, or organization can use. | Continue reading
Taildrop was the first test of an experimental p2p app discovery layer in Tailscale. Let us talk about why it was so easy to build, and where we go from here. | Continue reading
A lot of people use Tailscale with Network Attached Storage (NAS) devices. In an effort to make this technology more accessible we’re publishing this transcript of a conversation about the basics of Network Attached Storage between our past co-op student Naman Sood, and our Archm … | Continue reading
Taildrop is a feature that makes it easy to send files between your personal devices on a Tailscale network. Unlike cloud-based file transfer services, Taildrop’s peer-to-peer design makes it well-suited for lots of kinds of files you might want to send. | Continue reading
Automating deployment of a web server using GitHub Actions should be DevOps 101, so as a university student, it is the perfect time for me to be learning this. But what if, for security reasons, the server is accessible only over Tailscale? | Continue reading
The latest version of Tailscale is available today! Learn how to update or read the full release notes on Github. This release contains a lot of general improvements, along with support for some upcoming feature previews. | Continue reading
Taildrop is a feature that makes it easy to send files between your personal devices on a Tailscale network. | Continue reading
A brief history of DNS on Linux systems and what steps we are taking to ensure it is configured consistently in Tailscale 1.8. | Continue reading
Note Exit nodes are a feature available in Tailscale v1.6 or greater . Tailscale v1.6 will be released in mid-March... | Continue reading
The Go standard library's net.IP type is problematic for a number of reasons. We wrote a new one. | Continue reading
An intriguing tale of rotating ssh keys. | Continue reading
What is a microservice? When are microservices a good idea? Lately, I get people asking me when microservices are a good idea. In systems design explains the world, I talked about big-picture issues like second system effect, innovator's dilemmas, and more. Can systems design ans … | Continue reading
How to provision a new NixOS machine on Digital Ocean with nixos-infect andautomatically connect it to your Tailscale network, then use that server toset up a fully private Minecraft world. | Continue reading
When I first joined Tailscale, I was horrified to learn that "thedatabase" was a single JSON file that was rewritten on anychange. We migrated to something better. | Continue reading
Big news today! We’ve raised US$12 million in Series A funding led by Accel, with participation from Heavybit and Uncork Capital. The new funding follows the seed round we announced just a few months ago in April, and will allow us to build out our team and product at a faster pa … | Continue reading
In this post, we'll talk about how to establish a peer-to-peer connection between two machines, in spite of all the obstacles in the way. | Continue reading
Excalidraw is a whiteboard tool that lets you easily sketch diagrams that have a hand-drawn feel to them. - Excalidraw | Continue reading
An article by Michael Tremer titled Why notWireGuard is sometimesshared in VPN discussions. Unfortunately that article contains severalmisconceptions and some out-of-date information that deserves to beaddressed.Let’s go through his arguments section by section. | Continue reading
I used to tolerate and expect complexity. Working on Go the past 10 years has changed my perspective, though. I now value simplicity above almost all else and tolerate complexity only when it’s well isolated, well documented, well tested, and necessary to make things simpler over … | Continue reading
Just over a year ago, we founded Tailscale with a common sense of nostalgia for the “good old days” of LANs. In our collective opinion (then and now) networking and cloud infrastructure has become too complicated. Attempts to increase team connectivity and migrate towards remote … | Continue reading
I started programming in the 1990s living above my parent's medical practice. We had 15 PCs for the business, and one for me. The standard OS was MS-DOS.The network started off using IPX over coax to a Novell Netware server, the fanciest software we ever owned. IPX was so much ea … | Continue reading
People often ask us for an overview of how Tailscale works. We’ve beenputting off answering that, because we kept changing it!But now things have started to settle down.Let’s go through the entire Tailscale system from bottom to top, the sameway we built it (but skipping some zig … | Continue reading
As a “fully remote work” company, we had to make some choices about thetechnologies we use to work together and stay in touch.We decided early on — about the time we realized all three cofounderslive in different cities — that we were going to go all-in on remote work,at least fo … | Continue reading
Tailscale provides software and services that help you connect your business to cloud services smoothly, safely, and securely. | Continue reading