June 1, 2024

Tailscale For Dummies

cool software

home lab

Tailscale is a tool that I use daily to help me connect my devices, manage a home server, and block ads on my devices.

If you run a home server, or you want to use a computer at home as a VPN, or if you even want ad-blocking to work on all your devices (even your iPhone and TV), then Tailscale might be for you.

What is Tailscale?

According to their website:

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other.

So in a nutshell, Tailscale lets your devices talk to each other safely from anywhere. It's like a secure tunnel that only your devices can use to connect.

I'm going to go over a few ways that I like to use Tailscale on a free personal plan: managing a home server, connecting to my home network as a VPN, and blocking ads on my devices. Tailscale is also a robust business solution, but I've never needed it in that setting so I'm going to focus on my personal applications.

Managing a Home Server

I love tinkering with my home lab, which includes a Synology NAS and an HP Slim desktop. They handle everything from media streaming to home automation. However, accessing these devices has been a challenge outside of my local network. Typing in 192.168.1.100:5000 works at home, but I don't want my services open to the entire internet for obvious security reasons.

Enter Tailscale. With Tailscale, I connect all my devices as if they were on the same LAN, no matter where I am. I simply install Tailscale on my server, laptop, and phone, log into my account, and voilà—instant secure connections via WireGuard.

Now, if I'm at my in-laws' in Canada and need to access my Synology NAS, I use the Tailscale IP of my NAS 100.100.67.10:5000 instead of its local IP, and just like that I can access the Synology DSM from my browser as if I were sitting right at home in the land of the free. It's seriously like magic!

This works for pretty much anything you use locally. For example, I also run Home Assistant on my server, and using Tailscale, I can control my lights from anywhere on my phone. I only use this power for really important things though, like scaring my wife who's at home by flickering the living room lamp on and off while she's watching a scary movie.

Home VPN

Running a home server, I have a plethora of options available for self-hosting a VPN solution so that I can access my network at home, and secure my internet connection while on the go. But honestly, I've never even tried to set up another VPN solution because Tailscale was just so dang easy.

Tailscale has a feature called "Exit nodes", which allows you to choose a device in your tailnet to route your client's entire traffic through.

exit-nodes

For example, let's say I travel to another country and want to watch something on Netflix but it wasn't available in that country. I could connect my device to Tailscale, which routes my connection through a computer at home (like my Synology NAS, my HP server, or even my Apple TV), and now my internet connection is running through my ISP back at home. Now, I could continue my binge of Brooklyn Nine-Nine instead of going to the Colosseum!

Blocking Ads

Tailscale has a feature to override the DNS settings on the device it's running on. Since it's running as a VPN on your device, it can have control over the Network configuration, meaning that you can even change the DNS settings on devices that make it difficult or impossible to do so.

If you run a Pi-Hole on your home server, or if you use a DNS-management service like NextDNS (both are awesome tools), then you can point the DNS nameservers in Tailscale to the target of your choice and fully manage and access your DNS queries across any devices on your tailnet.

custom-nameservers

I've used both Pi-Hole and NextDNS in the past as DNS management solutions and they were both great. Currently, I don't use either anymore and simply point my DNS settings to Adguard's public ad-blocking IP addresses since it's easier and I don't need the customization.

This blocks ads on ALL my devices — and not just in the browser like a browser extension would. Even on my iPhone, I don't see a single third-party advertisement, even in games and other apps! There are iOS apps that are specific to this feature (setting up a VPN connection to override DNS settings for ad-blocking) but since I use Tailscale anyway, it's a much loved feature for me.

Conclusion

Tailscale can do so much more than what I posted about, but these are the use cases that have been most beneficial to me. I probably wouldn't say that this tool is for everyone, but if you even have two devices that you wish were able to be connected with each other outside of the same LAN, then it's definitely worth looking into. As for me, it's a vital component of my home lab, my privacy, and my sanity.

Resources & Research Topics

I always suggest doing your own research on the tools you use. What works for me might not be the best option for you, so here are some research suggestions to get you started:

More cool Tailscale features to learn about: