Headscale
#Network & Cloud#Network Security
A tool for discovering and enumerating external attack surfaces
An open source, self-hosted implementation of the Tailscale control server
This is an open source, self-hosted version of the Tailscale control server. You can join our Discord server for discussions and support. Important: Always choose the same GitHub tag as the released version you are using. This ensures that you have the correct example configuration and documentation.
Tailscale is a modern VPN built on top of Wireguard.
Understanding the Overlay Network Functionality
It functions as an overlay network that connects the computers within your networks using NAT traversal. In Tailscale, everything is Open Source, with the exception of the GUI clients designed for proprietary operating systems like Windows and macOS/iOS, as well as the control server.
The Role of the Control Server in Tailscale
The control server serves as a central exchange point for Wireguard public keys among the nodes within the Tailscale network.
IP Address Assignment and Network Management
It assigns the IP addresses to clients, establishes boundaries between each user, facilitates machine sharing among users, and reveals the advertised routes of your nodes. A Tailscale network (tailnet) is a private network that Tailscale allocates to a user, whether they are an individual or part of an organization.
Design goal: Headscale aims to create a self-hosted, open-source alternative to the Tailscale control server. The objective of Headscale is to provide self-hosters and hobbyists with an open solution.
