Hi,
About a year ago I started working on my home-server because I wanted to host my own media server separate from my PC. I found an old broken Fujitsu u772 online and started working on it. The reason behind using this laptop as a home-server was that it consumes very minimal power and it was very cheap.
I’m currently running:
- Intel® Core™ i5-3317U 8 Gb ram on the u772
- Debian 11.8 Bullseye
- Tailscale v1.50.1
- CasaOS v0.4.4.2
- Docker
- Plex Media Server from linuxserver
- Few other containers
I have been using Plex from my local network, and it was working fine and the power consumption was low, usually around 3Wh. One of my friends asked if he could use my plex and I said sure why not. So I researched how could i make it available for him without opening a port through my router.
I found tailscale’s funnel option which is perfect for this use case, so I set it up to forward the plex port to the magicDNS created for my home-server by Tailscale. And it is working fine with a bit of quality degradation but I think that’s expected and acceptable.
However, the power consumption has more than tripled without a connection to the Plex server from the “outside”, staying around 10Wh which is not that much either, but still, I think it’s strange since the top command’s output says that the tailscale process is sleeping, so I guess it is waiting for a connection from the Funnel server.
I read the documentation of the funnel option, and it only says that, and I quote:
When you turn Tailscale Funnel on, we set up public DNS records for your device’s combined name and tailnet name (e.g. amelie-workstation.pango-lin.ts.net) to point to Funnel relay servers that we operate. When someone accesses that URL with a TLS-encrypted TCP connection, our Funnel servers accept the incoming request and send a TCP proxy over Tailscale to your node.
In my understanding, until the Funnel server makes a connection to the Tailscale running on my home-server, it should not do much more work than usual.
So my question is: Does anybody know if this is a normal behaviour from Tailscale or did I mess something up
Also if I switch to an open port through my router and send the containerized plex port through it, would that be any risk for my home network?
Thank you for the help in advance, and sorry if this question is silly, but I wouldn’t say I’m an expert on the topic, and couldn’t find anything about this.