New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
¿Properly route subnet in Tailscale Exit?
hades_corps
Member
I am trying to route all of my home network through a Tailscale exit. I am using GL.iNet which already have Tailscale built-in. The exit node is inside a Debian 12 LXC inside Proxmox on a VPS.
so far I have these setup:
- Allow TUN inside LXC (other devices can connect and exit just fine).
- Added these to /etc/sysctl.conf
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
- Added these are in /etc/network/interfaces
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -o tailscale0 -j MASQUERADE
- Exit node announce local IP range.
What am I missing?
Comments
Did you also approve the subnet route announcements in the Tailscale interface and then tell each of your clients to accept the routes?
https://tailscale.com/kb/1019/subnets
Yes, I did approve it. There is only 1 exit and I expect the client on gateway should accept by default.
It doesn't accept by default. You need to use the --accept-routes flag on every client that you want to allow to route traffic over your subnet.