1. Security & “Expose‑or‑Protect” Debate
Users are split on whether to use Tailscale’s funnel (public‑URL) feature or keep services behind the VPN.
- “Please be aware that when you use tailscale funnel you announce to the whole world that your service exists… If you don’t believe me just put up a simple http server and watch the scanning request come in within seconds of running tailscale funnel.” – gnyman
- “Do not expose anything without authentication.” – gnyman
2. Self‑hosted vs. Cloud‑based Control Plane
The community is actively evaluating alternatives to Tailscale’s SaaS, weighing sovereignty, cost, and control.
- “I see Pangolin has a Self‑Host Community Edition… I am considering both for a migration from Tailscale.” – edentrey
- “NetBird is Germany‑based and explicitly positions itself as a European alternative… Headscale is a toy.” – moonlightbandit
3. Feature‑set & Usability
Ease of setup, DNS integration, ACLs, and mobile support are key differentiators.
- “NetBird is a complete package, unlike tailscale where you need to modify registry keys to change the cloud URL and headscale is a simplified, non‑multi‑tenant signaler.” – braginini
- “The DNS functionality is excellent… only real and very minor gripe is the Android app.” – usagisushi
4. Reliability, Performance & Support
Many users report flaky clients, DNS glitches, and limited enterprise‑grade support.
- “I had to get it working reliably for 10‑15% of users… the client failed intermittently with no clear pattern.” – binnacle
- “Netbird works quite well, but it would keep messing with my dns‑resolving… I had to remove netbird from all my systems.” – sigio
These four themes capture the core concerns and priorities that dominate the discussion.