Tailscale raises $100M

Tailscale is my favorite (product) discovery of 2022. I initially set it up to use as a VPN to get around a misbehaving corporate firewall and accidentally realized it solved a whole bunch of other problems I didn't realize I had. Usually a new product doesn't even live up to the intended use case and so TS is really anomalous IMHO in how good it is.

- SSH'ing into a raspberry pi I have at home that does random IoT stuff.

- Accessing servers on my local dev machine from other devices for testing (i.e. a Windows box or phone)

- Giving access to production bastion devices without publicly exposing anything to the internet.

And best of all I don't have to fiddle with the usual networking stuff. It just works. Kudos on the raise!

Non-disclaimer: I have no relation to anyone on the team. Tailscale is just a delight to use.

I've been using it since last summer to SSH to my pi too. Huge relief in terms of securing it. Easy to install and it just works. I'm not particularly savvy either.

My only complaint is that if you use it on your phone (iphone 11) and forget to turn it off it drains the battery like crazy.

Similar experience. It's profoundly good UX atop a fundamentally strong stack.

Same here - I've found a ton of uses, for one I can now access my Home Assistant instance without actually exposing it to the internet. Same for the linux VMs I run via ESXi on the same Intel NUC. I can also access my QNAP NAS without exposing that to the internet which is huge given how many vulnerabilities have been found with it.

It actually allows me to turn my iPad Pro into a proper development machine as long as I have access to the internet since I can write code locally via Textastic, push to my git repo and test via the VM connected to Tailscale. Of course this was possible with a box on DigitalOcean but I prefer not to pay monthly for a machine just for noodling around.

When I tried Tailscale it seemed to have high CPU problem in general under reasonable load. I don't remember the numbers, but it made me uncomfortable to use it in my low powered servers. I wonder if this is the consequence of being a userspace program unlike wireguard kernel module.

So how do you use this for personal stuff? I know you mentioned the Pi, but what else do you use it for?

SSH'ing to a raspberry pi in my parent's basement where my beer is fermenting has been the killer use case for me. Their crappy IPS router does not allow port forwarding, but with Tailscale I can directly access the sensors. Only today I learned that I can even use Tailscale as an exit node (to the internet or the local network) and therefore use it like a normal VPN.

But HOW can this work? It MUST have config level access to each machine, that's the only way I can see this working. I guess I just have to try it to see.

Why use SSH? With Tailscale all you need is rsh ;)

It's a really neat piece of software - you're right that it does have the ability to configure your system, routing tables in particular.

The Tailscale agent (thing that runs on your machine) changes the system routing table (at least on Linux) and uses policy-based routing (marks packets destined for the "Tailnet" specially) to build the overlay network. Since everything is done at L3 in the OSI model, iOS and Android clients (in the form of an app) are also available without needing root (jailbreaking).

There are some things it can't do owing to the whole thing operating at L3, but it's a really awesome implementation nevertheless. And just to add, they aren't the first to build a product like this, but they do it incredibly well and the time to value for most users is extremely short, made even better by the fact that the expectation is that the time to value will be long(ish) and painful.