[Orou]

Are there any major benefits to using Tailscale over vanilla Wireguard?

[tlrobinson]

On the flip side, the main downside I found was my travel router supports vanilla WireGuard but not Tailscale.

[0xCMP]

NAT busting is a plus. Avoid needing DDNS and opening a port. Also easier setup for accessing other stuff on the network via that computer vs up/down rules with a standard wg config.

For a small setup thats the big thing, but for anything a little more it does key rotation, handles ips for you, and offers "magic dns" which makes all the devices get a nice DNS address when tailscale is on.

[aborsy]

NAT busting is a minus. If apps can create holes in your network and “bust your NAT,” your network is not well secured; you should disable UPnP and filter egress.

Also, you gain simplicity but give up to coordination servers, that can be a privacy and security problem.

[rwbhn]

Tailscale isn't using UPnP. See https://tailscale.com/blog/how-nat-traversal-works/

[istjohn]

That was an interesting read. Turns out they do use UPnP, but it's just one of many tools they turn to when other techniques fail.

[trulyme]

Sidenote: this is a fantastic writeup.

[hobofan]

UX. Compare the quick start of Wireguard[0] and Tailscale[1].

[0]: https://tailscale.com/kb/1017/install/

[1]: https://www.wireguard.com/quickstart/

[Macha]

In their benefits:

> Host a private server for you and your peers. Use it to play Minecraft together or chat together on Discord.

I don't think the documentation writer knows how discord works. There's no private/self-hosted option