What is it?

A service that lets devices connect to each other through a WireGuard tunnel and builds on top of it with features such as NAT traversal.

How and why do I use it?

Tailscale in my setup offers a secure and easy way to access my services. Most of them are not available publicly, so I need to be connected to my local network and also to my DNS server.

I use Headscale to host my own coordination server. Headscale is configured to use its own internal DERP server. Otherwise, it would use the ones provided by Tailscale and piggyback on their infrastructure. As I am not their paying customer, I have decided not to use it. This is also the approach recommended by the Headscale devs.
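
A sketch of what the embedded DERP setup described above looks like in Headscale's config.yaml. This is an added example, not my actual configuration: the key names follow Headscale's config-example.yaml and may differ between versions, and the hostname and region values are placeholders.

```yaml
# Added example with placeholder values (hostname, region id/code/name).
# Embedded DERP requires server_url to use https, since DERP runs over TLS.
server_url: https://headscale.example.com:443

derp:
  server:
    enabled: true                      # run the embedded DERP relay
    region_id: 999
    region_code: "headscale"
    region_name: "Headscale Embedded DERP"
    stun_listen_addr: "0.0.0.0:3478"   # UDP; must be reachable for NAT traversal

  # Default in the example config, which pulls in Tailscale's public relays:
  # urls:
  #   - https://controlplane.tailscale.com/derpmap/default
  urls: []                             # no external DERP maps
  paths: []                            # no extra local DERP map files
```

Running tailscale netcheck on a client afterwards shows which DERP regions it sees, so it is easy to confirm that only the self-hosted region is listed.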

Each device uses the official Tailscale app.

Flags used with the tailscale up command

  • --accept-routes - accepts offered routes (mainly subnets)
  • --advertise-exit-node - advertises the node as an exit node, which routes traffic to the internet; only used on a handful of devices
  • --advertise-routes - advertises subnet routes
  • --login-server - probably the most important one, defines the custom coordination server (Headscale)