I stumbled across an article the other day about how great Tailscale is… I have a VPN and a private DNS, but am wondering what benefits I may get from changing… is it because it is local?
Tailscale allows any device you add to your plan on any network which is connected to the internet to operate like they are all on the same Local Area Network.
So you could have a computer at home and one at a relative’s house see each other as “local” to each other.
Basically easier to configure in most cases: you don’t need port forwarding or a public IP, and you can set access tiers, i.e. ACLs.
Yes, the attraction is because it is local. Commercial VPNs require a server hosted by the provider. All connections (and data) within the VPN go through that remote server. As I understand it, Tailscale eliminates the remote server and all connections go directly from device to device. Of course, there are other ways to eliminate a third-party server (for example by running your own personal VPN on your own personal server), but they require much more technical skill to set up and maintain.
Client or server?
(Do you connect to a third-party server or do you run your own on your router/NAS/…?)
Plus it is super easy to connect up NextDNS to Tailscale, and all your Tailscale devices will have ad blocking enabled. No need to set up every browser independently.
Client. AdGuard DNS. Twenty Characters
Appreciate the insights, peoples. Moar research required (god, but the documentation is windy…)
Tailscale is great for certain use cases, but it’s not the same thing as a VPN service like IVPN, Mullvad, or ProtonVPN. Here’s how I use Tailscale and maybe that description will help clarify things a bit.
I have a couple of remote VPSes that run various services, in addition to a VM on my Mac Studio running Radicale as a CalDAV / CardDAV server. By adding all of those systems as well as my Linux laptop, iPads, and iPhone to my personal tailnet in Tailscale, they are always accessible as if they were on the same LAN. By going this route there’s no need to open any ports to the public internet, which goes a long way in reducing the attack surface.
But I also run ProtonVPN on my router to somewhat hide my family’s internet usage from my ISP (whose privacy policy I disagree with) and because I find IP geolocation by various online services to be a bit creepy, among other reasons. I fully admit to being a privacy enthusiast and that most folks really don’t care about that kind of stuff. YMMV.
Tailscale’s NextDNS integration is also nice. I switched from AdGuard to NextDNS earlier this year due to my concerns with the ownership issues with AdGuard (it’s a Russian company registered in Cyprus). Tailscale also has a nice interface for getting Let’s Encrypt certs for services you may want to run on a server on your tailnet.
Anyway, I hope that helps.