Alexstrasza Posted May 18, 2021 Share Posted May 18, 2021 3 hours ago, eric.frederich said: I currently have WireGuard working with UnRaid via the Dynamix WireGuard plugin. What do I need to do if I want to try out this TailScale? Can both run at the same time or do I need to uninstall the WireGuard plugin? I only have two clients, so I don't care if they're lost. They can both run independently, so feel free to try it out! Quote Link to comment
eric.frederich Posted May 18, 2021 Share Posted May 18, 2021 1 hour ago, Alexstrasza said: They can both run independently, so feel free to try it out! Cool thanks for the reply. Maybe you can clarify something for me then. It's my understanding that: WireGuard is baked into the Linux kernel TailScale is built on top of WireGuard The Dynamix WireGuard plugin for UnRaid simply provides a web-ui to manage the WireGuard already baked into the kernel. Is all of that correct? If so, I'm curious how they don't conflict with each other. Quote Link to comment
Alexstrasza Posted May 18, 2021 Share Posted May 18, 2021 1 hour ago, eric.frederich said: Cool thanks for the reply. Maybe you can clarify something for me then. It's my understanding that: WireGuard is baked into the Linux kernel TailScale is built on top of WireGuard The Dynamix WireGuard plugin for UnRaid simply provides a web-ui to manage the WireGuard already baked into the kernel. Is all of that correct? If so, I'm curious how they don't conflict with each other. Correct on all three counts! However there is a bit more nuance to it. Whilst Wireguard can be used with a kernel implementation (which I believe is more efficient, so less CPU usage) it can also be implemented in software. Tailscale at the moment exclusively uses the software implementation to ease cross-platform compatibility, although there are plans in the future to link in with the kernel system on systems with support. This means it's technically not speaking with the system implementation at all at the moment. As for compatibility in general, as far as I'm aware any number of systems can use the underlying Wireguard technology, as long as they don't use conflicting address spaces (this is true with any VPN afaik and in my experience). Since Tailscale uses the rare 100. address range, it's incredibly unlikely to conflict with anything else provided you haven't manually specified that same range for the Unraid Wireguard tunnels. Quote Link to comment
sdchew Posted June 19, 2021 Share Posted June 19, 2021 (edited) I'm having a hard time trying to get tailscale docker to run. I'm on UnRAID 6.9.2 and tailscale just crashes when I'm trying to start the container. I'm getting the following error message 2021/06/19 03:50:01 logtail started 2021/06/19 03:50:01 Program starting: vdate.20210316, Go 1.15.6: []string{"tailscaled", "--state=/state/tailscaled.state"} 2021/06/19 03:50:01 LogID: - zipped - 2021/06/19 03:50:01 logpolicy: using system state directory "/var/lib/tailscale" logpolicy.Read /var/lib/tailscale/tailscaled.log.conf: open /var/lib/tailscale/tailscaled.log.conf: no such file or directory 2021/06/19 03:50:01 wgengine.NewUserspaceEngine(tun "tailscale0") ... 2021/06/19 03:50:01 Starting userspace wireguard engine with tun device "tailscale0" 2021/06/19 03:50:01 Linux kernel version: 5.10.28-Unraid 2021/06/19 03:50:01 is CONFIG_TUN enabled in your kernel? `modprobe tun` failed with: modprobe: can't change directory to '/lib/modules': No such file or directory 2021/06/19 03:50:01 CreateTUN: operation not permitted 2021/06/19 03:50:01 wgengine.NewUserspaceEngine(tun "tailscale0") error: operation not permitted 2021/06/19 03:50:01 wgengine.New: operation not permitted 2021/06/19 03:50:01 flushing log. 2021/06/19 03:50:01 logger closing down 2021/06/19 03:50:01 logtail: dial "log.tailscale.io:443" failed: dial tcp 34.210.105.16:443: setting SO_MARK bypass: operation not permitted (in 35ms) I tried downgrading all the way down to 1.6 but no dice. Console also crashes upon opening and it says the docker container isn't running Any suggestions on how to proceed? Edited June 19, 2021 by sdchew Quote Link to comment
Bandit_King Posted July 4, 2021 Share Posted July 4, 2021 (edited) I recently awitch to this docker but I am still getting windows unspecified errors while transfer files. I thought this would fix the samba errors I was getting because Windows start locking up SMB in recent updates. I even mounted the drive and still get this! Why am I getting these error when using Tailscale is beyond me and GOOGLE is no help. Edited July 4, 2021 by Bandit_King Quote Link to comment
Alexstrasza Posted July 4, 2021 Share Posted July 4, 2021 On 6/19/2021 at 4:53 AM, sdchew said: I'm having a hard time trying to get tailscale docker to run. I'm on UnRAID 6.9.2 and tailscale just crashes when I'm trying to start the container. I'm getting the following error message Have you made sure Privileged is ON? Quote Link to comment
Alexstrasza Posted July 4, 2021 Share Posted July 4, 2021 3 minutes ago, Bandit_King said: I recently awitch to this docker but I am still getting windows unspecified errors while transfer files. I thought this would fix the samba errors I was getting because Windows start locking up SMB in recent updates. I even mounted the drive and still get this! Why am I getting these error when using Tailscale is beyond me and GOOGLE is no help. What exact error is it you are getting? Quote Link to comment
Bandit_King Posted July 4, 2021 Share Posted July 4, 2021 11 minutes ago, Alexstrasza said: What exact error is it you are getting? Error 0x80004005: Unspecified error File transfer and stops in the middle giving this error. Quote Link to comment
Alexstrasza Posted July 4, 2021 Share Posted July 4, 2021 3 minutes ago, Bandit_King said: Error 0x80004005: Unspecified error File transfer and stops in the middle giving this error. That's a pretty strange issue, that's not the error you should get if it's a SMBv1 problem from what I know, the error is normally much more specific. Have you tried posting a general thread in https://forums.unraid.net/forum/55-general-support/? They'll be much better prepared to help you there, this is more of a support thread for Tailscale-specific issues. Unfortunately I think if your non-Tailscale file transfers don't work properly, they are unlikely to work within Tailscale, as the method is exactly the same. Quote Link to comment
dsmith44 Posted July 4, 2021 Author Share Posted July 4, 2021 Version 1.10.1 has been released and container updated. 1 Quote Link to comment
Bandit_King Posted July 5, 2021 Share Posted July 5, 2021 Might be a premissions issue I guess? Quote Link to comment
Ragemachinest Posted July 5, 2021 Share Posted July 5, 2021 23 hours ago, dsmith44 said: Version 1.10.1 has been released and container updated. 23 hours ago, dsmith44 said: Version 1.10.1 has been released and container updated. Does anyone have issues with this release (1.10.1) stopping 5-10 seconds after starting? I tried removing everything and starting fresh with the same result. Log shows a couple of errors: health("dns"): error: rename /etc/resolv.conf /etc/resolv.pre-tailscale-backup.conf: device or resource busy Received error: PollNetMap: EOF peerapi listen("fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b") error: listen tcp6 [fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b]:0: bind: cannot assign requested address Quote Link to comment
ripcityhandyman Posted July 5, 2021 Share Posted July 5, 2021 1 hour ago, Ragemachinest said: Does anyone have issues with this release (1.10.1) stopping 5-10 seconds after starting? I tried removing everything and starting fresh with the same result. Log shows a couple of errors: health("dns"): error: rename /etc/resolv.conf /etc/resolv.pre-tailscale-backup.conf: device or resource busy Received error: PollNetMap: EOF peerapi listen("fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b") error: listen tcp6 [fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b]:0: bind: cannot assign requested address I am having the same issue, and have also tried removing the appdata/tailscale directory and starting from scratch with the same result. Restarting my server also had no effect. Quote Link to comment
autdaf Posted July 5, 2021 Share Posted July 5, 2021 Has anyone been able to set up tailscale and a sidecar docker container so that the specific container uses sidecar (in my example, my specific container is pihole running on its own fixed IP, so it doesn't benefit from the unraid-wide tailscale inclusion). I've followed this guide but can't really figure it out: https://rnorth.org/tailscale-docker/ Quote Link to comment
dsmith44 Posted July 5, 2021 Author Share Posted July 5, 2021 1 hour ago, Ragemachinest said: Does anyone have issues with this release (1.10.1) stopping 5-10 seconds after starting? I tried removing everything and starting fresh with the same result. Log shows a couple of errors: health("dns"): error: rename /etc/resolv.conf /etc/resolv.pre-tailscale-backup.conf: device or resource busy Received error: PollNetMap: EOF peerapi listen("fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b") error: listen tcp6 [fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b]:0: bind: cannot assign requested address Apologies, very poor testing on my part - I will ensure a ten minute+ test in future before pushing. I have rolled latest tag back to 1.8.3 and will investigate this. Quote Link to comment
Uirel Posted July 6, 2021 Share Posted July 6, 2021 (edited) 11 hours ago, dsmith44 said: Apologies, very poor testing on my part - I will ensure a ten minute+ test in future before pushing. I have rolled latest tag back to 1.8.3 and will investigate this. Updated back to 1.8.3 (and latest) but alas still getting can't change --login-server without --force-reauth as the final line then the container shuts down. Reauthing gets it back online as a new machine. I've noticed i'm getting alot of ipv6 errors in the log, about being unable to bind. Edited July 6, 2021 by Uirel Quote Link to comment
dsmith44 Posted July 6, 2021 Author Share Posted July 6, 2021 (edited) 23 hours ago, Ragemachinest said: Does anyone have issues with this release (1.10.1) stopping 5-10 seconds after starting? I tried removing everything and starting fresh with the same result. Log shows a couple of errors: health("dns"): error: rename /etc/resolv.conf /etc/resolv.pre-tailscale-backup.conf: device or resource busy Received error: PollNetMap: EOF peerapi listen("fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b") error: listen tcp6 [fd7a:115c:a1b0:ab12:4323:ad45:6351:1d6b]:0: bind: cannot assign requested address I need to ask for everyone's forgiveness as I am an idiot. At some point in the past I managed to change the build scripts so I was accidentally building HEAD instead of numbered versions of code. HEAD points to a development control plane hence the issues here. When they appear, which I hope will be this evening, please restore you saved state file and repoint to latest or 1.10.1. I will also push 1.10.1-FIXED if you want to make sure you pull the fixed version. I am now going back to git school, going to have lie down in a dark room and will then alter the build scripts to pull binaries instead of building from source. Apologies for all the trouble here. Edited July 6, 2021 by dsmith44 Quote Link to comment
sdchew Posted July 6, 2021 Share Posted July 6, 2021 On 7/4/2021 at 11:51 PM, Alexstrasza said: Have you made sure Privileged is ON? Ahh I must have missed this somewhere. Yeah I'm able to keep it running now. Thank you + Quote Link to comment
dsmith44 Posted July 8, 2021 Author Share Posted July 8, 2021 I have changed the build process for this container to pull binaries from tailscale instead of building from source. This will prevent any future problems with versioning and means we are now using offical binaries. 1.10.1 is the first version where this is the case and is available as tags 1.10.1 1.10.1-BINARY latest latest will obviosuly move at a later date. Can I encourage everyone to switch to this builds as prior builds were not inline with official versions. Thank you 1 Quote Link to comment
Ragemachinest Posted July 9, 2021 Share Posted July 9, 2021 On 5/23/2020 at 5:41 AM, dsmith44 said: Re: host vs bridge mode Having thought this through I feel host is the correct mode for this to operate in. Host means the networking is part of the base host networking so if the host can see the port tailscale will be able to as well. However that relies on the mapped ports listening on all addresses, which if I check my unraid server they do. root@unraid:~# ss -ltu Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process .. tcp LISTEN 0 128 *:8200 *:* .. However the only IP address that you'll be able to access through tailscale will be the tailscale ip address itself, trying to use a LAN address, a docker bridge network address or any other address is going to fail as we aren't doing subnet forwarding. I am not currently keen on even trying to add subnet forwarding to this container as it was never my intention to create a VPN gateway, just to allow access to Unraid services from tailscale. I am also not sure if this is even necessarily possible without additional steps outside of the container itself; if I look in the Apps list OpenVPN server is available as a plugin but not as a container. So building a plugin is likely a better route for someone to look at, but not something I'm going to get into. I would suggest using the built in wireshark support if you want to get a VPN connection to the whole network. Latest version appears to be working as expected now. I appreciate the work this. Thank you! Quote Link to comment
dsmith44 Posted July 16, 2021 Author Share Posted July 16, 2021 1.10.2 1.10.2 has been released. Pull deasmi/unraid-tailscale:1.10.2 if using numbered builds. Those using deasmi/unraid-tailscale:latest should automatically update. Dean Quote Link to comment
ThEdOtOr Posted July 24, 2021 Share Posted July 24, 2021 Just trying to set this up followed all the steps and have magic dns enabled but eveytime i try to pt the ip address tailscale gives or the local ip for the server it times out, when i start the container at the top i get this in yellow, 2021/07/24 10:44:58 router: disabling tunneled IPv6 due to system IPv6 config: kernel doesn't support IPv6 policy routing: ip -6 rule failed: RTNETLINK answers: Address family not supported by protocol and when i try to do some with my phone or laptop i get this in red, 2021/07/24 10:44:59 [unexpected] peerapi listen("fd7a:115c:a1e0:ab12:4843:cd96:6268:1e33") error: listen tcp6 [fd7a:115c:a1e0:ab12:4843:cd96:6268:1e33]:0: bind: cannot assign requested address Any clue ? anyone else come accross this ? Quote Link to comment
hgelpke Posted July 25, 2021 Share Posted July 25, 2021 14 hours ago, ThEdOtOr said: Just trying to set this up followed all the steps and have magic dns enabled but eveytime i try to pt the ip address tailscale gives or the local ip for the server it times out, when i start the container at the top i get this in yellow, 2021/07/24 10:44:58 router: disabling tunneled IPv6 due to system IPv6 config: kernel doesn't support IPv6 policy routing: ip -6 rule failed: RTNETLINK answers: Address family not supported by protocol and when i try to do some with my phone or laptop i get this in red, 2021/07/24 10:44:59 [unexpected] peerapi listen("fd7a:115c:a1e0:ab12:4843:cd96:6268:1e33") error: listen tcp6 [fd7a:115c:a1e0:ab12:4843:cd96:6268:1e33]:0: bind: cannot assign requested address Any clue ? anyone else come accross this ? Followed the video tutorial and everything seems to be setup but it's not working and when I check the log I get this 2021/07/25 01:36:49 [unexpected] peerapi listen("fd7a:115c:a1e0:ab13:4843:cd96:625c:200d") error: listen tcp6 [fd7a:115c:a1e0:ab13:4843:cd96:625c:200d]:0: bind: cannot assign requested address Quote Link to comment
dsmith44 Posted July 25, 2021 Author Share Posted July 25, 2021 14 hours ago, hgelpke said: Followed the video tutorial and everything seems to be setup but it's not working and when I check the log I get this 2021/07/25 01:36:49 [unexpected] peerapi listen("fd7a:115c:a1e0:ab13:4843:cd96:625c:200d") error: listen tcp6 [fd7a:115c:a1e0:ab13:4843:cd96:625c:200d]:0: bind: cannot assign requested address What video are you refering to? I've never made a setup video. That error is almost certainly not important, it is trying to get an IPv6 address as well as IPv4 and failing - I have that all the time without issue. I have never looked into providing IPv6 to docker containers on Unraid. Can you post more of your logfile? Quote Link to comment
hgelpke Posted July 25, 2021 Share Posted July 25, 2021 1 hour ago, dsmith44 said: What video are you refering to? I've never made a setup video. That error is almost certainly not important, it is trying to get an IPv6 address as well as IPv4 and failing - I have that all the time without issue. I have never looked into providing IPv6 to docker containers on Unraid. Can you post more of your logfile? The video I mentioned. I'll get my log Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.