Tailscale: WireGuard-based private networking
Zero-config mesh VPN with daemon and CLI tools.
Learn more about tailscale
Tailscale is a zero-configuration mesh VPN solution built on top of the WireGuard protocol that creates secure peer-to-peer network connections between devices. It operates by coordinating with a central control plane that handles authentication, key distribution, and NAT traversal coordination, while actual data traffic flows directly between nodes using encrypted WireGuard tunnels. The system implements automatic discovery and connection establishment through STUN, DERP relay servers for NAT traversal, and continuous path optimization to maintain direct connections whenever possible. Tailscale integrates with existing identity providers for authentication and authorization, allowing organizations to map network access policies to their existing user directory systems. The architecture prioritizes ease of deployment by eliminating manual firewall configuration and key management while maintaining the performance characteristics and cryptographic security properties of the underlying WireGuard protocol.
WireGuard Protocol Foundation
Built on WireGuard's audited cryptographic implementation rather than custom VPN protocols. Provides modern encryption with minimal attack surface while handling coordination and key management automatically.
Unified Cross-Platform Daemon
Single codebase implements tailscaled across Linux, Windows, macOS, and BSD systems with native mobile clients. Ensures consistent network behavior and reduces platform-specific bugs.
Integrated Identity Management
Built-in OAuth, SSO, and 2FA support without external authentication infrastructure. Eliminates separate identity providers for device-to-device access control in private networks.
import tailscale
// Get Tailscale client status
status, err := tailscale.Status(context.Background())
if err != nil {
log.Fatal(err)
}
fmt.Printf("Connected: %v\n", status.BackendState)
fmt.Printf("Tailnet: %s\n", status.CurrentTailnet.Name)Release notes do not specify changes; refer to external changelog for breaking changes, requirements, and fixes.
- –Review the official changelog at tailscale.com/changelog before upgrading to identify any breaking changes or migrations.
- –No actionable details are provided in the release notes; assess impact from the external changelog link.
Release notes do not specify changes; refer to external changelog for details.
- –Review the official changelog at tailscale.com/changelog to identify breaking changes and upgrade requirements.
- –No actionable details are provided in the release notes themselves.
Release notes do not specify changes; refer to external changelog for details.
- –Review the official changelog at tailscale.com/changelog to identify breaking changes and upgrade requirements.
- –No actionable details are provided in the release notes themselves; external documentation is required.
See how people are using tailscale
Top in Networking
Related Repositories
Discover similar tools and frameworks used by developers
kong
Lua-based reverse proxy with pluggable architecture.
nginx-proxy-manager
Web UI for Nginx reverse proxy and SSL management.
proxychains
Force TCP connections through chained SOCKS/HTTP proxies via LD_PRELOAD.
rippled
Peer-to-peer consensus node for XRP Ledger network.
jitsi-meet
WebRTC video conferencing with self-hosting and embeddable SDKs.