

Two separate functions should go into two separate nodes
- Run Tailscale binary on host. Connect to Jellyfin server using that node’s IP address.
and
- Run Gluetun + another Tailscale instance in containers. Don’t use host networking, use bridge or something else. Connect to that node as an exit node
As an (advanced) alternative to Gluetun + Tailscale I propose tswg (my project)
If both your Jellyfin server and your siblings are behind residential CGNAT, then high chance your connections are relayed through Tailscale’s DERP servers. You can check with
tailscale ping
-ing your sibilings’ nodes.If this is the case, you may consider selfhosting your own DERP somewhere close to you, but I’d argue the performance gains are minimal compared to the extra costs. Another solution would be to enable IPv6 for both you and your siblings, skipping NAT traversal. I just hope both ISPs support it and support it properly in $CURRENT_YEAR.
This is all assuming you can direct play (i.e. not transcoding) your media. If you’re transcoding, then it’s good to look into hardware acceleration like the other comment mentioned, too