Peer Relays are the best new feature added to Tailscale in a long time, and you can set them up for free.
If you’ve ever tried to connect to your home server from outside your network, you’ve probably encountered at least one of a few obstacles, such as firewalls, double NAT, ISP restrictions, or any other wide range of issues. That’s why Tailscale’s new «Peer Relays» feature is a game-changer, and while it’s currently in beta, it might improve your network’s connectivity dramatically.
Peer Relays are a very simple concept: in essence, they allow devices within your Tailnet (so your private, encrypted Tailscale network) to act as high-throughput relays when direct connections aren’t possible. Instead of relying on Tailscale’s global DERP (Designated Encrypted Relay for Packets) infrastructure, which can sometimes add latency or throttle throughput, you can now use one of your own devices to relay traffic.
For self-hosters this may seem like a small change, and in a way, I guess it is, but it could have a huge impact on how fast and reliable your connections are to your self-hosted services. Plus, every user gets two for free.
Peer Relays are better than DERP
But they don’t replace DERP
Tailscale already does an excellent job of connecting devices directly using WireGuard tunnels, automatically traversing NATs and firewalls whenever possible and even bypassing CGNAT as a result. But when it can’t achieve a direct connection, it falls back to DERP servers. These globally distributed relays are secure and reliable, but because they route traffic through Tailscale’s infrastructure, they can also introduce additional latency and bandwidth bottlenecks.
