If a new node got added to my domain, it reached out to co-ordination server and publishes its public key under a given domain. In this case, how does new node’s public key get propagated to other nodes that are already up and connected to each other ?
I read “How tailscale works” blog and could not find answer to this question.
Our control server will send out the new public keys in network map updates. Every tailscale client listens for these network map updates and when they get one they will update their state accordingly. A new node joining the network will cause a network map update to be sent with that node’s public key.
Hope this helps clear things up.
Thanks for the reply. Do you have any scalability concerns with this approach ? Like for a large enterprise, there might be thousands of nodes. With one other node joining, co-ordination server now has to update thousands of nodes.
We’re not particularly worried. We have lots of room for growth in our current design, and the scalability changes beyond that are known and work but not hard.
Appreciate your reply !