The features here seem to be fairly standard with most the WireGuard based VPNs these days. For example, I use Nord for my use-case which is very similar to the author's. This allows me to rsync my home directory between my laptop, tablet, phone's Termux env, and desktop (all running Linux) to maintain configuration parity and file locality regardless of where I turn these devices on, so long as they have internet.
Does Tailscale have features that set it apart now that other VPNs have gotten the private mesh thing down pretty well?
It just works, literally. I haven’t tried nord, but I’ve got clients on Mac, Linux, windows, rpis, it all just works. I used to run pivpn, but the key exchange magic Tailscale employs is so much simpler and it somehow works on networks blocking unknown packets like the pivpn I had set up on some random udp port.
I use it on android to talk to my synology and a proxmox server at my house from anywhere.
It comes in handy from time to time. I run a "public" subsonic server but I don't have most of my own productions on it, but I can open VLC on android and go to a bookmarked share and play it all there.
Also stuff like NVR camera feeda I can look at over tailscale, too. No "cloud" storage needed.
I wish there was an easy reliable way to do this that didn't involve a for-profit; but until awful things happen I am fine using this for low-friction, trivial network access.
I've used it on Android to stream the occasional video or song from my Jellyfin server while using mobile data. Not bad at all, plus they finally seem to have gotten their battery drain issues under control.
Recently, as I have been traveling through the Middle East and East Africa, I have also used Tailscale on my phone to protect myself on public wifis and to work around MitM attempts, see my other comment further up.
Maybe not if all you're doing is hooking some nodes together. That said, I have personally used these Tailscale features that with a quick glance I don't see Meshnet having:
- ephemeral nodes are super useful for things like attaching a GitHub action runner or a fly.io instance to your tailnet
- Tailscale's ACL system has a ton of capabilities
- getting corporate buy-in is possible, vs trying to get a business to buy into Nord meshnet for actual workloads
Sorry, I wasn't aware you had objections to proprietary products! After all, this was a thread about Tailscale and alternatives. :) Many people find it painful to setup a VPN network and prefer a managed solution (e.g. Tailscale instead of Wireguard.) Likewise, people have different understandings of what exactly FOSS means and I'm not deeply familiar with the BSL, so I'm not sure whether it would meet your needs.
Best of luck in your search! Maybe take a look at Tinc or Yggdrasil.
> Likewise, people have different understandings of what exactly FOSS means and I'm not deeply familiar with the BSL, so I'm not sure whether it would meet your needs.
I've tried Nebula before, admittedly a while ago, and it seemed interesting, but much less user friendly than Tailscale. But one of these days I would like to play around with defined.net just to see what other options are out there.
I also tried ZeroTier and was extremely unimpressed, although again that was a few years ago. The performance on single threaded systems was absolutely terrible, which suggests some deeply broken code and made it unusable with a cheap VPS. The paceof development was also pretty slow and the insistence on homebrew crypto was also not confidence inspiring compared to something that used a proven solution like Wireguard.
There's zerotier, nebula like others have managed and also a few more older and fringey ones like tinc and hamachi that basically invented the same concept 10+ years before the rest.
I was all on board with WireGuard myself but couldn’t get smb working reliably. Saw someone say they’re had better performance with tailscale and sure enough I can actually use it. It’s not perfect or anything but quite amazing considering it’s still just WireGuard under the hood. Whatever magic configs they have, good job
The beauty of it is that you control it. And even scale it to console stuff. For my use, that’s desirable.
That said, I can totally see where a less DIY solution. VPNs fundamentally aren’t novel and there’s nothing wrong with Nord and similar products. (Although I don’t put any stock in the no logging claims)
Does Tailscale have features that set it apart now that other VPNs have gotten the private mesh thing down pretty well?