Why does localhost work?

Hi!

This might be a very stupid question, so please excuse me if it is! I have MariaDB on a Synology NAS with TS installed on it. Only root has access to the database from localhost, 127.0.0.1 and ::1:

image

But still, I am able to successfully connect from my notebook if TS is enabled.

Why does this work? I expected it to refuse connection.

Have a nice weekend

Thorsten

In userspace-networking mode, which is common on the Synology when /dev/tap is not available, Tailscale can only forward connections in a non-transparent way, so when you connect to the mysql port on the Tailscale IP address, Tailscale itself handles the client connection, opens a socket to the server on the local machine, and then passes traffic between the two sockets. To server processes on the machine, in this mode connections will appear to come from the local machine.

Ahhhh, ok, thank you for the enlightenment!!! I followed the manual install instructions on Access Synology NAS from anywhere · Tailscale, it created the /dev/tun device and everything worked as expected. Very interesting and one more little piece I’ve learned… :slight_smile:

Have a nice weekend

Thorsten