home / mcp / tailscale mcp server
Provides read-only access to Tailscale data via MCP-compatible clients, including status, devices, IPs, DNS, and network diagnostics.
Configuration
View docs{
"mcpServers": {
"paulsmith-tailscale-mcp-server": {
"command": "tailscale-mcp-server",
"args": []
}
}
}You can run a read-only MCP server that exposes your Tailscale network to MCP-compatible clients. It executes safe Tailscale commands on demand, giving you visibility into status, devices, IPs, DNS, and connectivity without making configuration changes to your network.
Install and run the MCP server on a system that has the Tailscale CLI installed. Then connect an MCP client to the local server to query status, devices, IPs, DNS, and network health. You can ask the client to perform read-only checks and gather diagnostics without altering any settings.
Prerequisites you need before installing: - Go is installed on your machine to build from source. - Tailscale CLI must be installed and available in your PATH. - An MCP-compatible client such as Claude Desktop.
Install the MCP server by building from source and placing the binary on your PATH. Run the following command to install the latest version:
go install github.com/paulsmith/tailscale-mcp-server@latestConfigure your MCP client to connect to the local MCP server. Use the following client configuration snippet to register the server. This example shows the server named tailscale with its command.
{
"mcpServers": {
"tailscale": {
"command": "tailscale-mcp-server"
}
}
}Security and usage notes help you operate safely. The server provides read-only access to your Tailscale network. It only permits subcommands deemed safe by the underlying tailscale CLI and executes commands with your user permissions. You are exposing your Tailscale network to an MCP client, so be mindful of the security implications when using sensitive data.
Configuration and behavior details include what you can query, how to run the server, and what to expect from the available tools and prompts. The following sections summarize practical usage and troubleshooting steps to keep your setup reliable.
If you encounter issues, verify the binary path is correct, ensure the Tailscale CLI is accessible from your environment, and consult the client logs for errors. Common problems include the MCP server not appearing in the client, command execution errors, or permission-related failures.
Development and contribution information covers how the server is built, tested, and extended. The project uses standard Go tooling for building and a straightforward workflow for extending prompts or tooling.
Run safe Tailscale commands to retrieve read-only information about the network, such as status, devices, and DNS settings.
Return the Tailscale IP addresses assigned to your devices and interfaces.
Provide an overview of the current tailnet, devices, online/offline status, and basic network health.
Assess overall network connectivity within the Tailnet and identify potential issues.
List available exit nodes in your Tailnet for traffic routing options.
Look up information about a specific Tailscale IP address.
Ping a specified Tailnet host to verify reachability and latency.
Return DNS diagnostic information used by Tailnet, including resolver settings.