mirror of
https://github.com/tailscale/tailscale.git
synced 2025-08-11 05:07:33 +00:00
Updated Glossary (markdown)
Brad Fitzpatrick
28
Glossary.md
28
Glossary.md
@@ -1,14 +1,26 @@
|
|||||||
# Glossary of Tailscale Terminology
|
# Glossary of Tailscale Terminology
|
||||||
|
|
||||||
|
## ACL
|
||||||
|
|
||||||
|
Access Control List. See https://tailscale.com/kb/1018/acls
|
||||||
|
|
||||||
## CLI
|
## CLI
|
||||||
|
|
||||||
Command Line Interface. On Linux, macOS, and Windows, [Tailscale comes with a CLI interface](https://tailscale.com/kb/1080/cli) to control
|
Command Line Interface. On Linux, macOS, and Windows, [Tailscale comes with a CLI interface](https://tailscale.com/kb/1080/cli) to control
|
||||||
Tailscale that offers a few more options than are available with the GUI (Graphical User Interface) clients.
|
Tailscale that offers a few more options than are available with the GUI (Graphical User Interface) clients.
|
||||||
|
|
||||||
|
## Domain
|
||||||
|
|
||||||
|
A Tailscale Domain is a network. Each email domain is (currently) its own domain. So users `foo@example.com` and `bar@example.com` are both in the `example.com` domain and can potentially access each others' nodes (subject to the domain's ACL). Shared email providers like `@gmail.com` are treated specially and each email address is considered its own isolated domain.
|
||||||
|
|
||||||
|
See https://tailscale.com/kb/1013/sso-providers
|
||||||
|
|
||||||
## Identity Provider
|
## Identity Provider
|
||||||
|
|
||||||
Somebody who proves you are who you say you are: Google, Okta, Microsoft, etc. Tailscale is not an identity provider (there are no Tailscale passwords, for instance); we're a "relying party" of other identity providers.
|
Somebody who proves you are who you say you are: Google, Okta, Microsoft, etc. Tailscale is not an identity provider (there are no Tailscale passwords, for instance); we're a "relying party" of other identity providers.
|
||||||
|
|
||||||
|
See https://tailscale.com/kb/1013/sso-providers for supported identity providers.
|
||||||
|
|
||||||
## Machine
|
## Machine
|
||||||
|
|
||||||
A specific physical device, regardless of who uses it.
|
A specific physical device, regardless of who uses it.
|
||||||
@@ -17,10 +29,26 @@ A specific physical device, regardless of who uses it.
|
|||||||
|
|
||||||
A public/private keypair per machine. Multiple users can use a single machine (e.g. different logins on that mac/windows/linux desktop) but they'll all have the same machine key. Each user on that machine is then a unique Node.
|
A public/private keypair per machine. Multiple users can use a single machine (e.g. different logins on that mac/windows/linux desktop) but they'll all have the same machine key. Each user on that machine is then a unique Node.
|
||||||
|
|
||||||
|
## SSO
|
||||||
|
|
||||||
|
Single Sign-On. A way to log in to site B using the identity of site A. See [Identity Provider](#identity-provider).
|
||||||
|
|
||||||
|
## NAT
|
||||||
|
|
||||||
|
[Network Address Translation](https://en.wikipedia.org/wiki/Network_address_translation). To see how Tailscale gets through NATs, see [How NAT Traversal Works](https://tailscale.com/blog/how-nat-traversal-works/).
|
||||||
|
|
||||||
## Node
|
## Node
|
||||||
|
|
||||||
A combination of a user & machine.
|
A combination of a user & machine.
|
||||||
|
|
||||||
|
## Peer
|
||||||
|
|
||||||
|
Another node that your node is trying to talk to. They might be part of your domain or not.
|
||||||
|
|
||||||
|
## Tunnel
|
||||||
|
|
||||||
|
In VPNs, the term "tunnel" usually refers to a virtual tunnel between the your machine and a peer you're trying to talk to.
|
||||||
|
|
||||||
## WireGuard
|
## WireGuard
|
||||||
|
|
||||||
WireGuard is the underlying cryptographic protocol that Tailscale speaks. See https://www.wireguard.com/
|
WireGuard is the underlying cryptographic protocol that Tailscale speaks. See https://www.wireguard.com/
|
||||||
|
|||||||
Reference in New Issue
Block a user