No, that’s not quite true. The wireguard tunnels that the Tailscale daemon creat... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		db48x 43 days ago \| parent \| context \| favorite \| on: Tailscale Peer Relays is now generally available No, that’s not quite true. The wireguard tunnels that the Tailscale daemon creates only go to your own machines. Nothing going through those tunnels goes to or is seen by Tailscale the company. Sometimes those tunnels go through a proxy (especially when you’re afflicted by CGNAT), but the proxy sees only encrypted traffic.

nickburns 43 days ago [–]

So how does the proxy know where to proxy packets to?

db48x 43 days ago | [–]

The tailscale client on one of your computers tells it the address of your other computer.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact