Tailscale
- Tailscale is built on the WireGuard protocol.
Exit node
- You can route all your public internet traffic by setting a device on your network as an exit node, then configuring other devices to send traffic through it.
- By default, the device connecting to an exit node won't have access to its local network.
确保开启 IP 转发和防火墙,作为 exit node 的主机运行以下命令,之后在后台启用该主机
配置使用 exit node 的主机
sudo tailscale up --exit-node=<exit-node-ip> --exit-node-allow-lan-access=true
# stop using the exit node
sudo tailscale set --exit-node=
Funnel
- Funnel exposes a local resource to the internet through a unique Funnel URL.
- Funnel can only listen on ports 443, 8443 and 10000
- The same port number cannot be used for Serve and Funnel at the same time.
# serve files over the internet
sudo tailscale funnel /tmp/public
# expose a local port
sudo tailscale funnel --bg=true 3000
# stop the funnel
sudo tailscale funnel --https=443 off
Advertize Services
- Services provide a centralized way to manage all internal resources available in tailnet. It decouples your resources from the devices hosting them.
- The device hosting the resource must use a tag-based identity.
DNS
- add the host to DNS in the admin panel