Tailscale 1.72.1 - 2024-08-22

December 23, 2023

Tailscale makes secure networking easy

Achieve point-to-point network connectivity that enforces least privilege.

Deploy a zero-config, no-fuss VPN

Deploy a WireGuard®-based VPN that eliminates single points of failure.

Securely access resources on any infrastructure

Granularly segment your network to ensure the right users get access to the right resources.

Unlock site-to-site networking

Connect clouds, VPCs, and on-premises networks without opening firewall ports with NAT traversal.

Your home away from home

Access your homelab, personal devices, and dev environments wherever you are — for free.

Info:

Link:

January 19, 2024

Jan 18, 2024

Tailscale v1.58.0

Update instructions →

ALL PLATFORMS

The number of 4via6 site IDs are increased from 256 to 65,536
Taildrop allows category Z unicode characters
DERP flapping (flipping back and forth between two regions rapidly) is reduced when there’s still an active connection for the home DERP server
Portmap checks the epoch from NAT-PMP & PCP, and establishes a new portmapping if it changes
Portmap better handles multiple interfaces
Portmap handles multiple UPnP discovery responses
Increased binary size with Tailscale 1.56 is resolved
Web interface issue related to accessing shared devices
Web interface login issue when accessed over HTTPS

LINUX

Shell shebang is added in postinstall script, which fixes some Debian installations

MACOS

DNS Settings view is added and displays the DNS configuration used when Tailscale is running
Quit the app without terminating the VPN tunnel by holding down the Option button and selecting Quit (Leave VPN Active)
Toggle Tailscale shortcut action can be used to connect or disconnect the VPN tunnel, depending on its current state
The KeyExpirationNotice system policy is now supported to customize the time interval before a key expiration notice is displayed to the user
The web interface is now supported in the standalone variant of the client
Onboarding flow includes a step to ask the user to approve key expiry notifications
Onboarding flow asks the user to approve the system extension if necessary, when using the standalone variant of the client
Pre-Sonoma compatibility is improved
VPN tunnel terminates upon closing the app
Opening the About window triggers a check for updates
The standalone variant of the client checks for updates every 72 hours

IOS

Toggle Tailscale shortcut action can be used to connect or disconnect the VPN tunnel, depending on its current state. Ideal for the Action Button on iPhone 15 Pro.
The KeyExpirationNotice system policy is now supported to customize the time interval before a key expiration notice is displayed to the user
Sign button in the Tailnet lock device sign view is rendered correctly
Connectivity is no longer lost when transitioning from Wi-Fi to Cellular while an exit node is in use

WINDOWS

The web interface is now supported
The lookup for netsh.exe uses the absolute path instead of the relative path
ADMX system policy descriptions are now available
Vestigial wintun support is removed, which might have caused Chocolatey installs to break
A goroutine leak in winMon no longer occurs if the monitor is never started
“This package requires Windows 10 or newer” message no longer falsely displays during an uninstall or repair

ANDROID

Active network change detection is improved

TVOS

Improvements to persistence of the client when running in the background

KUBERNETES OPERATOR

A Connector custom resource is added, allowing users to configure the operator to deploy an exit node, subnet router, or both
A warning displays if the unsupported ingress Exact path type is used
StatefulSet labels are synced to their Pods
A Tailscale IngressClass resource is added
Extra long Service names are properly truncated

CONTAINERS

Experimental support is added for configuring tailscaled using a mounted config file
Tailscale images now contain layers of the same media type and can be parsed by Podman and Buildah

Info:

Link:

January 24, 2024

Changelog

Updates to the Tailscale client and service.

Jan 23, 2024

Tailscale v1.58.2

Update instructions →

Note: The 1.58.1 release needed to be re-done. Use 1.58.2 instead.

ALL PLATFORMS

App connectors have improved scheduling and merging of route changes under some conditions
Crash when performing UPnP portmapping on older routers with no supported portmapping services

MACOS

Opening the About window no longer displays a user interface when there is no newer version

Info:

Link:

February 18, 2024

Tailscale v1.60.0

Update instructions →

ALL PLATFORMS

tailscale status command output now includes location-based exit nodes
tailscale web command flag --read-only is added to run the web UI in read-only mode
A warning is logged when unable to find SSH host keys
Support added for legacy “urn:dslforum-org” port mapping services
Build with Go 1.22
Detect when Tailscale is running on Digital Ocean and automatically use Digital Ocean’s DNS resolvers
Expose gVisor metrics in debug mode
Improve error message when running as non-root
A valid login page is presented to users when attempting to log in even after leaving device unattended for several days
An issue with noisy peer mtu discovery errors
A potential crash when no supported port mapping services are found

WINDOWS

tailscaled could be slow or cause increased CPU usage with large routing tables

Info:

Link:

May 18, 2024

Tailscale v1.66.3

Update instructions

Note: Tailscale v1.66.2 was an internal-only release.

All platforms

Login URLs did not always appear in the console when running tailscale up.

Android

Reintroduced the Quick Settings title that v1.66.0 temporarily removed.
Improved the VPN service connection logic, especially when rebooting the device with Always-On VPN enabled.
The persistent VPN status notification now informs the user with a muted icon when the VPN is disconnected. VPN status notifications can be disabled in the system notification settings.
The "Enable" button in the exit node selector banner now renders with the correct background color.

Kubernetes operator

Breaking change: Starting with v1.66, the Kubernetes operator must always run the same or later version as the proxies it manages.
Expose cloud services on cluster network to the tailnet, using Kubernetes ExternalName Services. This allows exposing cloud services, such as RDS instances, to tailnet by their DNS names.
Expose tailnet services that use Tailscale HTTPS to cluster workloads. Refer to #11019.
Cluster workloads can now refer to Tailscale Ingress resources by their MagicDNS names. Refer to #11019.
Configure environment variables for Tailscale Kubernetes operator proxies using ProxyClass CRD. Refer to ProxyClass API.
Expose tailscaled metrics endpoint for Tailscale Kubernetes operator proxies through ProxyClass CRD. Note that the tailscaled metrics are unstable and will likely change in the future. Refer to ProxyClass API.
Configure labels for the Kubernetes operator Pods with Helm chart values. Refer to Helm chart values.
Configure affinity rules for Kubernetes operator proxy Pods with ProxyClass. Refer to ProxyClass API.
Kubernetes operator proxy init container no longer attempts to enable IPv6 forwarding on systems that don't have IPv6 module loaded. Refer to #11867.

Containers

Tailscale containers running on Kubernetes no longer error if an empty Kubernetes Secret is pre-created for the tailscaled state. Refer to #11326.
Improved the ambiguous error messages when Tailscale running on Kubernetes does not have the right permissions to perform actions against the tailscaled state Secret. Refer to #11326.

Dark mode in the admin console

Use the Light, Dark, or Use system setting theme in the admin console by clicking the avatar menu on the top-right and selecting Appearance. The default theme is Use system setting.

Link:

June 16, 2024

Tailscale v1.68.0

Update instructions

All Platforms

Auto-updates are available for containers. The tailnet-wide default is ignored in containers.
When enabled, auto-updates get applied even if the node is down or disconnected from the coordination server.
tailscale lock status now prints the node's signature.
Go is updated to version 1.22.4.

Windows

.exe installer no longer downloads MSI packages for Windows 7 and Windows 8, automatically. See the v1.42.0 changelog for our initial end of life announcement.

macOS

Standalone variant of the client can now install a launcher for the Tailscale CLI in /usr/local/bin by going to Settings, CLI integration, then Show me how.
Standalone variant of the client now supports notifications when a file is received using Taildrop.
Pop-up notification displays when a network might be vulnerable to a potential TunnelVision attack. For more information, see TunnelVision vulnerability and Tailscale.
Client starts up more reliably if another VPN app is running when Tailscale is enabled.
.pkg installer terminates pre-existing copies of Tailscale and the VPN extension before proceeding with installation if Tailscale was already installed.
TunnelBear installation is properly detected, and warns the user about incompatibility.
Using Exit Node label no longer appears incorrectly in the app menu before completing onboarding, upon the first time app launch.
Fixed a bug with split DNS domains being used as search domains after a network change.

iOS

Battery life is optimized by offloading DNS resolution to iOS in more cases.
Client now starts more reliably if another VPN app is running when Tailscale is enabled.
Bug report view no longer copies the bug report ID to the clipboard automatically.
Reauthenticate button for in-app key expiry notifications works as expected.
Dark mode contains minor changes to UI colors.
Fixed a bug with split DNS domains being used as search domains after a network change.

tvOS

Client now starts more reliably if another VPN app is running when Tailscale is enabled.
Reauthenticate button for in-app key expiry notifications works as expected.

Android

On-off toggle state better matches the actual client state.
Status notifications when Tailscale is disconnected are now background notifications, and tapping on notifications launches the Tailscale app.
Client starts automatically after the first login.
System policy (MDM) support is added for mandatory exit nodes.
Organization name is now rendered properly when set in the ManagedByOrganizationName system policy.
Crashing no longer occurs when launching Tailscale and another VPN application was already running.
Running an exit node no longer lets you use another device as an exit node and vice versa.
Home screen shows the selected exit node country and city when using Mullvad exit nodes.

Note: The Tailscale client releases for containers such as the Kubernetes operator, Docker image, and tsrecorder are typically released a few days after the initial client release. A separate changelog will be published when client updates for containers are available.

Info:

Link:

July 25, 2024

Tailscale v1.70.0

Update instructions
All platforms

    Restrict recommended and automatically selected exit nodes using the new AllowedSuggestedExitNodes system policy. Applies only to platforms that support system policies.
    Improved NAT traversal for some uncommon scenarios.
    Optimized sending firewall rules to clients more efficiently.
    Exit node suggestion CLI command now prints the hostname (which you can use with the tailscale set command).
    Taildrive share paths configured through the CLI resolve relative to where you run the tailscale command.

Linux

Switching from unstable to stable tracks using the tailscale update command now works correctly.

Windows

    Use the value auto:any to automatically select an exit node for the existing ExitNodeID system policy. Available for Enterprise plan users only.
    The new AllowedSuggestedExitNodes system policy restricts which exit nodes Tailscale recommends or automatically selects.
    DNS leak issue.
    Switching from unstable to stable tracks using the tailscale update command now works correctly.
    Taildrive server no longer starts unnecessarily when no drives are configured.

macOS

Note: As previously announced, Tailscale v1.70 is the last version to support macOS 10.15 Catalina. macOS 10.15 is no longer supported by Apple and no longer receives security updates. Users still running macOS 10.15 should update to a newer version of macOS to continue receiving security updates and new features.

    Toggle Tailscale DNS from Siri or the Shortcuts app.
    Receive health notifications in the client menu on macOS to inform you about lack of internet connectivity, firewalls blocking Tailscale, misconfiguration issues, and other issues. Health issues that affect connectivity also change the Tailscale icon in the system menubar to show an exclamation mark.
    On MacBooks with a notch in the display, a notification window will now appear if the Tailscale icon is hidden behind the notch due to too many menubar items.
    The Tailscale client now warns you when the built-in macOS content filter (Screen Time) prevents Tailscale from connecting.
    Use the value auto:any to automatically select an exit node for the existing ExitNodeID system policy. Available for Enterprise plan users only.
    The exit node picker no longer presents exit node suggestions if the organization enforces always using the suggested exit node using the ExitNodeID system policy.
    Disconnect shortcut no longer connects to the VPN tunnel if executed when Tailscale is disconnected.
    Taildrive server no longer starts unnecessarily when no drives are configured.
    Increased the reliability of the Install Updates Automatically setting.

iOS

    Toggle Tailscale DNS from Siri or the Shortcuts app.
    Use the value auto:any to automatically select an exit node for the existing ExitNodeID system policy. Available for Enterprise plan users only.
    wireguard-go memory pool deadlock issue is resolved.
    Disconnect shortcut no longer connects to the VPN tunnel if executed when Tailscale is disconnected.
    User interface no longer flickers when selecting an exit node.

tvOS

    Use the value auto:any to automatically select an exit node for the existing ExitNodeID system policy. Available for Enterprise plan users only.
    wireguard-go memory pool deadlock issue is resolved.
    User interface no longer flickers when selecting an exit node.

Android

    Access ping information and connection status by long-pressing on a device in the devices list and selecting Ping.
    Use split tunneling to force or exclude app traffic through your tailnet.
    wireguard-go memory pool deadlock issue is resolved.

Info:

Link:

August 23, 2024

Tailscale v1.72.1
Update instructions

Tailscale v1.72.1 addresses a Linux-specific issue, and is exclusively released for the Linux platform and containers.
Linux

DNS over TCP failures when querying the Tailscale-internal resolver are fixed.

Tailscale Docker image v1.72.1

A new release of the Tailscale Docker image is available. You can download it from Docker Hub or from our GitHub packages repo.

DNS over TCP failures when querying the Tailscale-internal resolver are fixed.

Tailscale Kubernetes operator v1.72.1

A new release of the Tailscale Kubernetes operator is available. For guidance on installing and updating, see installation instructions.

DNS over TCP failures when querying the Tailscale-internal resolver are fixed.

Tailscale tsrecorder v1.72.1

A new release of the Tailscale tsrecorder is available. You can download it from Docker Hub.

DNS over TCP failures when querying the Tailscale-internal resolver are fixed.

Link:

Tailscale 1.72.1 - 2024-08-22

Recommended Posts

FunkyBuddha

Tailscale makes secure networking easy

Deploy a zero-config, no-fuss VPN

Securely access resources on any infrastructure

Unlock site-to-site networking

Your home away from home

FunkyBuddha

Tailscale v1.58.0

ALL PLATFORMS

LINUX

MACOS

IOS

WINDOWS

ANDROID

TVOS

KUBERNETES OPERATOR

CONTAINERS

FunkyBuddha

Changelog

Tailscale v1.58.2

ALL PLATFORMS

MACOS

FunkyBuddha

Tailscale v1.60.0

ALL PLATFORMS

WINDOWS

FunkyBuddha

Tailscale v1.66.3

All platforms

Android

Kubernetes operator

Containers

Dark mode in the admin console

FunkyBuddha

Tailscale v1.68.0

All Platforms

Windows

macOS

iOS

tvOS

Android

FunkyBuddha

FunkyBuddha

Please sign in to comment

Browse

Activity