by apenwarr 1830 days ago
MacOS, iOS, and Linux clients can use your native OS updates. Windows needs to be updated by hand or with something like chocolatey or MDM. But more importantly, we have a policy of not breaking old clients if we can possibly avoid it. So far we have never deprecated old clients. We extend our protocols in a backward compatible way, because unilaterally breaking your network infrastructure… really sucks.

The way tailscale networks (tailnets) work is probably not how you’re used to thinking about them. Each node has its own view of the world, based on which nodes and services are shared with it in particular. We have security policy settings per domain, and a node sharing UI that lets you share any of your devices with anyone else.

The default model is that all devices belonging to someone in the same domain, say tailscale.com, can see each other. But we’re working on making that even more flexible since it doesn’t always do what you want for huge orgs (like universities).


> ... updates ...

Do you think it is sufficient to rely on update channels via distributions? Wouldn't a bug in your code potentially expose an internal node to the internet?

> Each node has its own view of the world

I haven't read the docs enough, but can a node belong to many domains at once? If so, does it need one port per domain that it is shared on?

> Do you think it is sufficient to rely on update channels via distributions?

Tailscale employee here. Most officially supported distributions use our own package repo server (https://pkgs.tailscale.com), which would pull Tailscale updates in your normal system updates. The other distributions that aren't in the package repo server (Alpine, Arch, Gentoo, NixOS, Void Linux, etc.) use packages made by the distributions themselves. We do our best to make sure they get updated (contacting the maintainers can be a slog at times), but we do not completely control the update process for them.

> I haven't read the docs enough, but can a node belong to many domains at once? If so, does it need one port per domain that it is shared on?

Not currently; follow this bug (https://github.com/tailscale/tailscale/issues/713) to be updated on the details for this. You can sorta hack around it with node sharing (https://tailscale.com/kb/1084/sharing/), but that's unidirectional instead of bidirectional.