[Support] Tailscale Support Thread


Recommended Posts

Hi,

 

current deployed version Tailscale v1.34.1 is outdated and meanwhile 3 versions are skipped:

 

Tailscale v1.34.2
LINUX
Handling of a very large number of SplitDNS domains with an exit node

 

Tailscale v1.36
ALL PLATFORMS
--json flag for the tailscale lock status and tailscale lock log commands
--json flag for the tailscale version command
tailscale update command to update client
tailscale debug daemon-logs to watch server logs
tailscale status --json now includes KeyExpiry time and Expired boolean on nodes
tailscale version now advertises when you’re on the unstable (dev) track
(Unix platforms) When /etc/resolv.conf needs to be overwritten for lack of options, a comment in the file now links to https://tailscale.com/s/resolvconf-overwrite
Tailscale SSH: SSH to tailscaled as a non-root user works again, as long as you only SSH to the same user that tailscaled is running as
Handle cases where a node expires and we don’t receive an update about it from the control server (#6929 and #6937)
Support UPnP port mapping of gateway devices where they are deployed as a highly available pair (#6946)
Support arbitrary IP protocols like EOIP and GRE (#6423)
Exit node handling of a large number of split DNS domains (#6875)
Accept DNS-over-TCP responses up to 4K bytes (#6805)
LINUX
Add build support for Loongnix CPU architecture
Improved throughput performance on Linux (#6663)

 

Tailscale v1.36.1
ALL PLATFORMS
Potential infinite loop when node key expires
 

Link to comment
Hi,
 
current deployed version Tailscale v1.34.1 is outdated and meanwhile 3 versions are skipped:
 
Tailscale v1.34.2
LINUX
Handling of a very large number of SplitDNS domains with an exit node
 
Tailscale v1.36
ALL PLATFORMS
--json flag for the tailscale lock status and tailscale lock log commands
--json flag for the tailscale version command
tailscale update command to update client
tailscale debug daemon-logs to watch server logs
tailscale status --json now includes KeyExpiry time and Expired boolean on nodes
tailscale version now advertises when you’re on the unstable (dev) track
(Unix platforms) When /etc/resolv.conf needs to be overwritten for lack of options, a comment in the file now links to https://tailscale.com/s/resolvconf-overwrite
Tailscale SSH: SSH to tailscaled as a non-root user works again, as long as you only SSH to the same user that tailscaled is running as
Handle cases where a node expires and we don’t receive an update about it from the control server (#6929 and #6937)
Support UPnP port mapping of gateway devices where they are deployed as a highly available pair (#6946)
Support arbitrary IP protocols like EOIP and GRE (#6423)
Exit node handling of a large number of split DNS domains (#6875)
Accept DNS-over-TCP responses up to 4K bytes (#6805)
LINUX
Add build support for Loongnix CPU architecture
Improved throughput performance on Linux (#6663)
 
Tailscale v1.36.1
ALL PLATFORMS
Potential infinite loop when node key expires
 

1.36.0 is the latest available if you read the previous posts.

1.36.1 came out yesterday.

Latest tag will be moved to 1.36.1 in the next few days.
  • Like 1
  • Thanks 1
Link to comment
  • 2 weeks later...
  • 2 weeks later...

Hi!

 

I've been trying to get tailscale on my unraid server but not sure if stupid or something 😶

 

While looking at the logs after authenticating the docker to tailscale it just keeps saying:

Quote

Received error: register request: Post "https://controlplane.tailscale.com/machine/register": connection attempts aborted by context: context deadline exceeded

 

My server shows up on the tailscale app as connected

 

using talescale debug ts2021 yealds:

 

Quote

21:15:18.094764 Fetching keys from https://controlplane.tailscale.com/key?v=56 ...
21:15:38.200131 Dial("tcp", "18.193.143.177:443") ...
21:15:38.200324 trying bootstrapDNS("derp1c.tailscale.com", "104.248.8.210") for "controlplane.tailscale.com" ...
21:15:38.228032 Dial("tcp", "18.193.143.177:443") = 192.168.1.14:38238 / 18.193.143.177:443
21:15:38.289558 controlhttp.Dial = 0xc000012218, <nil>
21:15:38.289564 did noise handshake
21:15:38.289567 final underlying conn: 192.168.1.14:38238 / 18.193.143.177:443

 

and using talescale status yealds: "Logged out."

 

Not sure if I did anything wrong during startup but something seems to have broken 😓

 

Shouldn't be any VPN or firewall issues as far as I know, followed this video as I installed 

 

//Update

 

Also when intalling the docker it seems to just wanting to login instead of giving the auth link and wait. I just managed to get the link the 3rd time installing the docker after deleting "tailscale.state".

Edited by Blue300
Link to comment
On 3/1/2023 at 12:38 PM, Simone Valmacco said:

Hi @dsmith44, there's a way to have a status banner in the dashboard as the built in Wireguard VPN do?

Thank you very much!

Simone

As this is a docker container, and not a plugin, there is no way for it to interact with the underlying unraid install.

 

Sorry.

Link to comment
On 3/11/2023 at 9:21 PM, Blue300 said:

Hi!

 

I've been trying to get tailscale on my unraid server but not sure if stupid or something 😶

 

While looking at the logs after authenticating the docker to tailscale it just keeps saying:

 

My server shows up on the tailscale app as connected

 

using talescale debug ts2021 yealds:

 

 

and using talescale status yealds: "Logged out."

 

Not sure if I did anything wrong during startup but something seems to have broken 😓

 

Shouldn't be any VPN or firewall issues as far as I know, followed this video as I installed 

 

//Update

 

Also when intalling the docker it seems to just wanting to login instead of giving the auth link and wait. I just managed to get the link the 3rd time installing the docker after deleting "tailscale.state".

 

It looks like tailscale cannot connect to the internet at all, which is why it is failing.

 

If you open the console, right click on tailscale container, can you ping anything?

 

image.png.58581c6bfe779602ddef12b6f3f3e64e.png

Link to comment
  • 2 weeks later...
  • 2 weeks later...

How to enable the tailscale funnel in this container? I tried command "tailscale serve https:443 / text:"Hello, world!". It works. I can use the tailscale hosted domain name fetch this text. But when I tried command "tailscale serve https / https://127.0.0.1:443". I can not access the unraid dashboard with the tailscale hosted FQDN

Link to comment
  • 5 weeks later...
  • 3 weeks later...
  • 2 weeks later...

Hello Tailscale team

Im attempting to configure remote access via VPN with Tailscle to my Unraid server. I have followed this guide perfectly: https://www.youtube.com/results?search_query=tailscale+unraid, including adding the code:|
image.png.5df0f6bb6b6519c1262641195a4e087f.png

and UP_FLAGS field

image.thumb.png.5dd5c2406f31d7d0df6b920c1428b7c1.png

 

Connected on Tailscale
image.thumb.png.2ab770b839a8010ae00adb86baf4c2de.png
image.png.65f41065a91561019e463e1c5f31d3c4.png
 

The result:
image.thumb.png.e66dcea07f8f7592ab084920ff7779dd.png


1. Is there any possibility I have limitations from the ISP?
When I requested port forwarding from the ISP (for wiregaurd), they told me it would not be forwarded as an external IP and I would have to pay for a different service for that.
This most likely is now irrelvant as Tailscale bypasses the need for port forwarding. But the situation makes me wonder could they limit external access somehow?

Diagnostics attached
 

Its is essential I have remote access to the server, please help me troubleshoot this problem🙏🙏🙏
TIA

 


 



 

tgtbserver-diagnostics-20230619-1041.zip

Edited by K1LLA_KING_KING
Link to comment

The advertised-routes option is not officially supported, that is about routing all your traffic back to Unraid before it goes to the internet.  So in the first instance I'd remove that from UP_FLAGS until you get basics working.

 

Also Tailscale shouldn't need a port forward.

 

From the device connecting can you ping the tailscle IP address of the unraid server?

If you can, then something else is stopping the web interface working.

If you can't then can you ping the device from unread?

 

 

Link to comment
17 hours ago, dsmith44 said:

The advertised-routes option is not officially supported, that is about routing all your traffic back to Unraid before it goes to the internet.  So in the first instance I'd remove that from UP_FLAGS until you get basics working.

OK ill delete that

 

Also Tailscale shouldn't need a port forward. 
No I'm not port forawrding, I just mentioned that regarding a time when I did ask the ISP about it.

 

From the device connecting can you ping the tailscle IP address of the unraid server?
image.png.81e05a142a6928cbcc6507efa00339ce.png

If you can, then something else is stopping the web interface working.

If you can't then can you ping the device from unread?
Yes, I can
image.png.22386c2e8d2c4aecee67270c010c6568.png

Thanks for helping

 

Edited by K1LLA_KING_KING
Link to comment

I have a few questions about the plugin:

 

1: What is proper setup for the taildrop file location, is something like this acceptable?

 

/mnt/user/Downloads/TailDrop/

 

2. should i be concerned about any of these errors:

Running pre-startup script
Enabling IP Forwarding
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
Stopping tailscaled.
Starting tailscaled: /usr/local/sbin/tailscaled
logger: send message failed: Bad file descriptor


/usr/local/emhttp/plugins/tailscale/update-settings.sh: line 53: tailscale: command not found
tailscale set --accept-routes=false
/usr/local/emhttp/plugins/tailscale/update-settings.sh: line 70: tailscale: command not found
tailscale set --accept-dns=true
Running post-startup script

 

 

Link to comment
1 hour ago, dianasta said:

Hello @dsmith44 ,

 

There is a new tailscale version 1.44.0 could you please kindly update the docker?

 

Thank you very much!

 

Please see previous discussions. Latest will not be moved for a few weeks.

 

1.44 is available if you want to manually pick it.

 

Link to comment
On 6/20/2023 at 4:24 AM, K1LLA_KING_KING said:

 

 

The fact that you can ping your client device tailscale address form unraid, but no vica versa suggest ACLs/firewalls.

 

Have you set any custom ACLs in the tailscale admin interface?

Have you done anything to unraid with firewalls?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.