Skip to content(if available)orjump to list(if available)

Tailscale Services

Tailscale Services

13 comments

·October 28, 2025

Video walkthrough: https://www.youtube.com/watch?v=mELAg50ljSA

Visit

sharts

i like tailscale but i notice that i get more weird network blippy latency issues when using it. i used to always have my phone connected to my tailnet so i could use my dns, etc. but always occasionally something won’t load right and i have to refresh again couple of times.

It tended to happen a lot more when switching between wifi / cellular when leaving and entering buildings, etc.

Now I just don’t use it

TranquilMarmot

Very cool, I love Tailscale. I use it to connect together a VPS, desktop computer, phone, and a few laptops. My main use case is self-hosted Immich and Forgejo so this is great.

defnnn

This would be great if it supported wildcards for ingress controllers. A service foo would give you foo.tailYYYY.ts.net as well as *.foo.tailYYYY.ts.net.

subarctic

This sounds great, I think it's exactly what I was looking for recently for hosting arbitrary services on my tailnet. I figured out a workaround where i created a wildcard certificate and dns cname record pointing to my raspberry pi on my tailnet but this could be potentially simpler

EKSolutions

I wonder if that architecture screenshot's "MagicDNS" value is a nod to Pangolin, since they are currently working on a new Clients feature that should eventually replicate some of the core Tailscale functionality.

alexktz

I'm afraid it's much more sophisticated. A Pangolin has both a Tail and Scales.

bicepjai

I recently found Tailscale when searching to control my home lab when traveling and have been amazed by how simple it is we can create a private network.

peter_d_sherman

I did not intuitively understand what Tailscale does, so I visited the following related page:

https://tailscale.com/blog/how-tailscale-works

Ah! OK, now I get it! :-)

But, what found particularly interesting on that page was the following:

>" Some especially cruel networks block UDP entirely

, or are otherwise so strict that they simply cannot be traversed using STUN and ICE. For those situations, Tailscale provides a network of so-called DERP (Designated Encrypted Relay for Packets) servers. These fill the same role as TURN servers in the ICE standard, except they use HTTPS streams and WireGuard keys instead of the obsolete TURN recommendations."

DERP seems like one interesting solution (there may be others!) to UDP blockages...

setheron

Is this like a more robust funnel?

rhjensen79

Fantastic. So many posibilities

preisschild

I just wish tailscale would allow you to use long-lived tokens for ephemeral nodes...

Short lived tokens is not always an option

DomBlack

You can use oauth tokens with the permissions of auth_key write to use long lived tokens to permission ephemeral nodes

null

[deleted]