[Support] Tailscale Support Thread


Recommended Posts

I am trying to make all devices on 3 different LANs on 3 different locations to be able to connect to each other via Tailscale. 2 location tailscale via this docker in unraid and another tailscale run over raspberry pi.

Successfully advertise routes for 3 different LAN Subnets, and if I am running Tailscale on my PC I am able to connect to all devices from 3 different LAN

Now what I would like to achieve is that for all devices under the 3 different LANs can connect to each other without running tailscale on the PC.
I have setup static route at my router to point to the LAN address of Unraid, I executed the command "tailscale up --accept-routes --advertise-routes=LOCAL LAN/24".

However, when I run tracert in windows, the connection stop at my local UNRAID IP and not being forwarded via Tailscale.

May I know what setting do I missed up at my local UNRAID server or tailscale docker to make the connection possible?

Edited by angyen
Link to comment
1 hour ago, angyen said:

I am trying to make all devices on 3 different LANs on 3 different locations to be able to connect to each other via Tailscale. 2 location tailscale via this docker in unraid and another tailscale run over raspberry pi.

Successfully advertise routes for 3 different LAN Subnets, and if I am running Tailscale on my PC I am able to connect to all devices from 3 different LAN

Now what I would like to achieve is that for all devices under the 3 different LANs can connect to each other without running tailscale on the PC.
I have setup static route at my router to point to the LAN address of Unraid, I executed the command "tailscale up --accept-routes --advertise-routes=LOCAL LAN/24".

However, when I run tracert in windows, the connection stop at my local UNRAID IP and not being forwarded via Tailscale.

May I know what setting do I missed up at my local UNRAID server or tailscale docker to make the connection possible?

 

This container is just not designed for that, it is designed to provide access to your Unraid server over tailscale.

 

My 2p worth is that site to site VPNs are best setup on your firewall/router anyway, bouncing traffic off your router to another machine in the same subnet is always going to be painful at best.

 

Edit:

If I had to guess, check if ip_forwarding is enabled, do you have a

net.ipv4.ip_forward = 1

in /etc/sysctl.conf

 

But I've never tested a setup like this, so shooting blind.

 

 

Edited by dsmith44
Adding more info
Link to comment
2 minutes ago, dsmith44 said:

 

This container is just not designed for that, it is designed to provide access to your Unraid server over tailscale.

 

My 2p worth is that site to site VPNs are best setup on your firewall/router anyway, bouncing traffic off your router to another machine in the same subnet is always going to be painful at best.

 

Thank you for the swift reply.

 

I have setup wireguard in these 2 unraid server but now my ISP is migrating all public IP to private IP, which is why I need to deploy Tailscale as my wireguard will cease to function once I no longer have a public IP.

 

Looks like I got to figure out another alternative way to install Tailscale, maybe through a VM under unraid.

Link to comment
16 minutes ago, dsmith44 said:

 

This container is just not designed for that, it is designed to provide access to your Unraid server over tailscale.

 

My 2p worth is that site to site VPNs are best setup on your firewall/router anyway, bouncing traffic off your router to another machine in the same subnet is always going to be painful at best.

 

Edit:

If I had to guess, check if ip_forwarding is enabled, do you have a

net.ipv4.ip_forward = 1

in /etc/sysctl.conf

 

But I've never tested a setup like this, so shooting blind.

 

 

 

Yes. the setting for unraid and docker both for net.ipv4_forward = 1 but still it doesn't work. 

Thank you for the suggestion. Truly appreciate that.

Link to comment
5 hours ago, angyen said:

Thank you for the swift reply.

 

I have setup wireguard in these 2 unraid server but now my ISP is migrating all public IP to private IP, which is why I need to deploy Tailscale as my wireguard will cease to function once I no longer have a public IP.

 

Looks like I got to figure out another alternative way to install Tailscale, maybe through a VM under unraid.

I just tried installing tailscale in debian VM with the --accept-routes command. while in the vm I can access to other LAN subnet, but when my router forward the route to by debian vm, the connection still not pass through and I can't connect to other LAN subnet. 

Tracert reveal that the connection broke at the debian VM.
Looks like there is a setting that needed to be done.

I got to study it futher. If anyone know what to change to make it work. Please let me know.

Thank you.

Link to comment

Everything was working well yesterday but now I can't connect to my server via Tailscale (IP or MagicDNS).

I have removed and reinstalled the Docker, cleared the appdata, and re-authed several times.

The Tailscale admin shows as connected (and disconnected when I turn off the container or reboot the host machine).

In the Docker logs there are a lot of IPV6 errors: 

2021/10/15 16:31:19 [unexpected] peerapi listen("REDACTED") error: listen tcp6 [REDACTED]:0: bind: cannot assign requested address



Docker Container: `latest` 1.14.6 (but tailscale admin shows 1.16.0 being the actual latest
Unraid version: 6.9.2 2021-04-07

Edit: Randomly started working again after just leaving it alone for an few hours.

Edited by Craig Dennis
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.