October 29, 2025

Relay to Play: Tailnet Wars

Article URL →HN comments →

Tailscale Peer Relays

Tailscale lets your own devices act as speed-boost helpers — fans cheer, purists cry nostalgia

TLDR: Tailscale now lets your own devices relay traffic for faster connections when direct links fail. The crowd is split: admins cheer and ditch hacks, old‑school fans say “tinc did this,” while others ask about offline use, cross‑sharing, and whether encryption can keep up at 10Gbps.

Tailscale dropped Peer Relays, letting your own devices pass traffic when direct connections fail, and the comments lit up like a Christmas tree. Fans are hyped that this is faster than Tailscale’s managed relays (called DERP) and built right into the app. One user popped the champagne: “Now I can rip all that out and use this!” — finally ditching a quirky Kubernetes workaround. Speed chasers flexed goals like 10Gbps, while a skeptical crowd asked if WireGuard encryption will keep up or if the CPU will become the new bottleneck.

Then came the drama: old-school veterans rolled in saying “tinc did this 20 years ago,” turning the thread into a history lesson versus progress pep rally. Another camp asked real-world questions: can you share across multiple networks easily, and how do permissions work when machines are shared? The most relatable moment was someone asking if this helps when the internet dies — they want local devices to stay connected without the cloud in the middle (aka “apocalypse mode”).

Overall vibe: excitement with a side of nerdy caution. People love the idea of customer-managed, faster relays and one simple port to open, but they want clarity on offline behavior, cross-sharing rules, and whether those headline speeds translate at home without their CPU screaming. Tailscale fan club vs. mesh purists — fight!

Key Points

  • Tailscale launched Peer Relays, a customer-managed relay feature built into the Tailscale client.
  • Peer Relays aim for near–direct connection performance and can outperform Tailscale’s managed DERP relays.
  • They relay traffic only for nodes within the same tailnet that have access to the relay and run over UDP with a single open port.
  • Tailscale’s connection preference order is direct connections first, then peer relays, then managed or custom DERP, all encrypted via WireGuard.
  • Peer Relays simplify deployment versus custom DERP fleets and are intended for strict NAT and cloud environments.

Hottest takes

"Now I can rip all that out and use this! Bravo!" — cpressland
"This was better solved by tinc about 20 years ago." — homebrewer
"does this enable offline connections?" — HexDecOctBin

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.