Need help with developing a network application to work with TailScale on Windows

Some years ago I wrote an application that has remote management functionality like Team Viewer. It allows you to see and optionally control a user’s Desktop remotely. The application was written to work on a LAN, with plans to make it usable across the internet in the future. I never got around to it as it’s not really an easy task given that I would have had to design ways to get around NAT in routers and firewalls.

However, I recently discovered TailScale and loved how easy and fast it was to set up. Remote management is a big deal for us as it helps us to solve problems with clients from the comfort of our home. We also use Team Viewer and Remote Desktop for this purpose and TailScale has solved a lot of issues for us related to security, port forwarding and firewalls. Now I want to use my own software for remote management since I can easily tailor it to our needs specifically. Team Viewer and Remote Desktop are good but they have a few gripes that could be avoided by using the software that I wrote mentioned in the first paragraph. Thanks to TailScale, I don’t have to worry about firewalls and forwarding ports which would make deployment very easy. My application is already designed to work with a LAN so it fits perfectly with TailScale’s networking topology which is basically a LAN that’s layered on top of the internet.

However, there is a big piece missing which is broadcasting. My program is actually two programs. One is a server-like Windows Service which listens for broadcasts on the LAN. It is also the piece that allows remote viewing and remote control. The other piece is a client which sends broadcasts to discover which computers on the LAN have the service. I can easily select which computers I want to see and control from the client. In other words, broadcasting is how I’m able to find my service on LAN machines.

I’ve read from the TailScale documentation that it doesn’t set up broadcast domains which means I cannot use broadcasting for discovery in a TailScale VPN. Currently, I’m toying with the idea of simply doing a scan of the entire network but I would like to avoid this since as far as I can tell, a TailScale subnet could have something like 16 million possible unique hosts. I really don’t want to have to resort to such a barbaric way of doing things. I’ve also looked at the API which seems to have promise since it can give you a list of devices on a network but this turned out to be a dead end since I cannot find a way to tell it to specifically search the network that the current computer is logged into.

Perhaps there is a way to do what I want efficiently. If there is, I would like someone to point me in that direction. Thanks in advance.

Hi, you should be able to use the tailscale localapi to get a list of tailscale nodes on your network if you want. It’s the same thing that tailscale status --json uses (or you can run that command and parse the output).

We also have a service list: https://login.tailscale.com/admin/services which can be used to track which open ports are on each node. But that might be overkill for your purpose.

Wow. A very timely response!

Hi, you should be able to use the tailscale localapi to get a list of tailscale nodes on your network if you want. It’s the same thing that tailscale status --json uses (or you can run that command and parse the output).

Thank you very much. This is EXACTLY what I need. I can get a list of hosts or nodes as you guys call them and then I can have my application check each one for the service.

We also have a service list: Tailscale which can be used to track which open ports are on each node. But that might be overkill for your purpose.

Yea I looked into that but I’m not exactly sure how I could make use of this from my own application code. At a glance it would appear that I would have to parse that web page for the information I want and then I’m not even sure how that would be authenticated. I just couldn’t see a straightforward way of using it. In any case, the CLI parameters you provided are more than enough for me to work with. Thank you very much.

I think in theory you can query the Service list using the Tailscale API: https://github.com/tailscale/tailscale/blob/main/api.md but I don’t know if we’ve exposed the service list through the public API yet. Anyway, if the localapi does what you want, you’re all set. Enjoy!

I think in theory you can query the Service list using the Tailscale API: https://github.com/tailscale/tailscale/blob/main/api.md but I don’t know if we’ve exposed the service list through the public API yet

I don’t think you guys have exposed the service list on the public API, at least I don’t see anything that looks like it documented. In any case, the problem with the public API is that I can’t see a way to tell the API to only look at the network I’m currently logged into and even if it did, I imagine that it would require me to authenticate the request which would complicate my own code. The local API is perfect for this scenario because it will already be authenticated. All I have to do is call the CLI and parse the output.
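
The approach the thread settles on, as an added example that is not part of the original posts: parse `tailscale status --json`, keep only peers marked online, and probe each one's Tailscale IPv4 address for the service instead of scanning the whole address range. The port number, the sample data and the function names are assumptions made for illustration; the JSON is trimmed to the `Peer`, `HostName`, `TailscaleIPs` and `Online` fields the code reads.

```python
import ipaddress
import json
import socket
import subprocess

SERVICE_PORT = 47000  # hypothetical: TCP port the management service listens on
# Constructed sample, trimmed to the fields used below.
SAMPLE_STATUS = json.loads("""
{"Peer": {
  "nodekey:aaaa": {"HostName": "client-01", "TailscaleIPs": ["100.64.0.2", "fd7a:115c:a1e0::2"], "Online": true},
  "nodekey:bbbb": {"HostName": "client-02", "TailscaleIPs": ["100.64.0.3"], "Online": false},
  "nodekey:cccc": {"HostName": "nas", "TailscaleIPs": ["fd7a:115c:a1e0::4", "100.64.0.4"], "Online": true}
}}
""")

def load_status():
    """Ask the local tailscaled for the node list (assumes `tailscale` is on PATH)."""
    out = subprocess.run(["tailscale", "status", "--json"],
                         capture_output=True, text=True, check=True, timeout=10)
    return json.loads(out.stdout)

def online_peers(status):
    """Return sorted (hostname, ipv4) pairs for peers currently marked online."""
    peers = []
    for peer in (status.get("Peer") or {}).values():  # "Peer" may be null
        v4 = [a for a in peer.get("TailscaleIPs") or [] if ipaddress.ip_address(a).version == 4]
        if peer.get("Online") and v4:  # skip offline nodes rather than wait on a timeout
            peers.append((peer.get("HostName", ""), v4[0]))
    return sorted(peers)

def tcp_probe(ip, port, timeout=1.5):
    """True if a TCP connection to ip:port succeeds within the timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def discover(status, port=SERVICE_PORT, probe=tcp_probe):
    """Probe only known online peers; an open port is a candidate, not proof of the service."""
    return [(name, ip) for name, ip in online_peers(status) if probe(ip, port)]

if __name__ == "__main__":
    for name, ip in discover(load_status()):
        print(f"{name}\t{ip}")
```

A successful connect only shows that something is listening on that port, so the client should still authenticate the service before offering the host for remote control.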