What Is Tailscale?
Tailscale is a mesh VPN built on WireGuard that creates encrypted peer-to-peer connections between your devices. It assigns each node a stable IP in the 100.x.x.x range and handles NAT traversal automatically, making it ideal for connecting multiple Breezes securely.
Prerequisites
- A Breeze running Ubuntu 22.04 or later
- A Tailscale account (free tier supports up to 100 devices)
Install Tailscale
curl -fsSL https://tailscale.com/install.sh | shConnect to Your Tailnet
sudo tailscale upThis prints an authentication URL. Open it in your browser and log in to approve the device. Check the assigned IP:
tailscale ip -4Enable Subnet Routing
To expose your Breeze's local subnet to other Tailscale nodes:
sudo tailscale up --advertise-routes=10.0.0.0/24
echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -pApprove the subnet route in the Tailscale admin console under Machine Settings.
Enable MagicDNS
MagicDNS lets you reach nodes by hostname instead of IP. Enable it in the admin console under DNS settings. You can then SSH into any node using:
ssh user@my-breezeAccess Control
Tailscale ACLs let you restrict which nodes can communicate. Edit the policy file in the admin console to define group-based rules for granular network segmentation.