Code Monkey home page Code Monkey logo

tailscale-udm's Introduction

Tailscale on Unifi Dream Machine

This repo contains the scripts necessary to install and run a tailscale instance on your Unifi Dream Machine (UDM/UDM Pro/UDR/UDM-SE). It does so by piggy-backing on the excellent boostchicken/udm-utilities to provide a persistent service and runs using Tailscale's usermode networking feature.

UniFi OS 2.x/3.x

ⓘ You can confirm your OS version by running /usr/bin/ubnt-device-info firmware_detail

NOTE: UniFi OS 2.x+ support is currently in beta for this project, if you encounter any issues please open an issue and we'll do our best to help you out. Logs and clear descriptions of the steps you took prior to the issue occurring help immensely.

Installation

  1. Run the install.sh script to install the latest version of the Tailscale UDM package on your UDM.

    # Install the latest version of Tailscale UDM
curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh

  2. Run tailscale up to start Tailscale.

  3. Follow the on-screen steps to configure Tailscale and connect it to your network.

  4. Confirm that Tailscale is working by running tailscale status

Management

Configuring Tailscale

You can configure Tailscale using all the normal tailscale up options, you should be able to find tailscale on your path after installation.

tailscale up --advertise-routes=10.0.0.0/24 --advertise-exit-node --advertise-tags=tag:it

Restarting Tailscale

On UniFi OS 2.x+, Tailscale is managed using systemd and the tailscaled service. You can restart it using the following command.

systemctl restart tailscaled

Upgrading Tailscale

Upgrading Tailscale on UniFi OS 2.x+ can be done either using apt or by using the manage.sh helper script.

Using apt
apt update && apt install -y tailscale
Using manage.sh
/data/tailscale/manage.sh update

# Or, if you are connected over Tailscale and want to run the update anyway
nohup /data/tailscale/manage.sh update!

Remove Tailscale

To remove Tailscale, you can run the following command, or run the steps below manually.

/data/tailscale/manage.sh uninstall
Manual Steps
  1. Kill the tailscaled daemon with systemctl stop tailscaled.
  2. Remove the tailscale package using dpkg -P tailscale.
  3. Remove the management script and state using rm -Rf /data/tailscale.

UniFi OS 1.x (Legacy OS on UDM/UDM Pro)

ⓘ You can confirm your OS version by running /usr/bin/ubnt-device-info firmware_detail

Installation

  1. Follow the steps to install the boostchicken on-boot-script here.

    ⚠ Make sure that you exit the unifi-os shell before moving onto step 2 (or you won't be able to find the /mnt/data directory).

  2. Run the install.sh script to install the latest version of the Tailscale UDM package on your UDM.

    # Install the latest version of Tailscale UDM
curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh

  3. Start Tailscale using /mnt/data/tailscale/tailscale up.

  4. Follow the on-screen steps to configure tailscale and connect it to your network.

  5. Confirm that Tailscale is working by running /mnt/data/tailscale/tailscale status

Management

Configuring Tailscale

You can configure Tailscale using all the normal tailscale up options, you'll find the binary at /mnt/data/tailscale/tailscale. Unfortunately we can't make changes to your $PATH to expose the normal tailscale command, so you'll need to specify the full path when calling it.

/mnt/data/tailscale/tailscale up --advertise-routes=10.0.0.0/24 --advertise-exit-node --advertise-tags=tag:it

Restarting Tailscale

The manage.sh script takes care of installing, starting, stopping, updating, and uninstalling Tailscale. Run it without any arguments to see the options.

/mnt/data/tailscale/manage.sh restart

Upgrading Tailscale

/mnt/data/tailscale/manage.sh update

# Or, if you are connected over Tailscale and want to run the update anyway
nohup /mnt/data/tailscale/manage.sh update!

Remove Tailscale

To remove Tailscale, you can run the following command, or run the steps below manually.

/mnt/data/tailscale/manage.sh uninstall
Manual Steps
  1. Kill the tailscaled daemon with killall tailscaled.
  2. Remove the boot script using rm /mnt/data/on_boot.d/10-tailscaled.sh
  3. Have tailscale cleanup after itself using /mnt/data/tailscale/tailscaled --cleanup.
  4. Remove the tailscale binaries and state using rm -Rf /mnt/data/tailscale.

Contributing

There are clearly lots of folks who are interested in running Tailscale on their UDMs. If you're one of those people and have an idea for how this can be improved, please create a PR and we'll be more than happy to incorporate the changes.

Frequently Asked Questions

How do I advertise routes?

You do this by updating your Tailscale configuration as you would on any other machine, just remember to provide the full path to the tailscale binary when doing so.

# Specify the routes you'd like to advertise using their CIDR notation

# UniFi OS 1.x
/mnt/data/tailscale/tailscale up --advertise-routes="10.0.0.0/24,192.168.0.0/24"

# UniFi OS 2.x/3.x
tailscale up --advertise-routes="10.0.0.0/24,192.168.0.0/24"

Can I route traffic from machines on my local network to Tailscale endpoints automatically?

In theory, yes - however it does require manual changes to your routing rules and these will need to be updated if you take advantage of WAN fail-over. This has been discussed in more detail here.

Note that we do not currently include this in tailscale-udm due to the risk of breaking conflicts in future.

Why can't I see a network interface for Tailscale?

Tailscale runs as a userspace networking component on the UDM rather than as a TUN interface, which means you won't see it in the ip addr list.

Does this support Tailscale SSH?

You bet, make sure you're running the latest version of Tailscale and then run tailscale up --ssh to enable it. You'll need to setup SSH ACLs in your account by following this guide.

# UniFi OS 1.x
# Update Tailscale to its latest version
/mnt/data/tailscale/manage.sh update!

# Enable SSH advertisment through Tailscale
/mnt/data/tailscale/tailscale up --ssh

# UniFi OS 2.x/3.x
# Update Tailscale to its latest version
/data/tailscale/manage.sh update!

# Enable SSH advertisment through Tailscale
tailscale up --ssh

tailscale-udm's People

Contributors

bennettp123 avatar bjeans avatar bslatyer avatar carsso avatar chrisgoffinet avatar dependabot[bot] avatar juandp77 avatar mhriemers avatar milesd avatar notheotherben avatar pkwarren avatar stratus avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

stratus edgardmello juandp77 seamuz threecommaio kt-0516 crodriguezanton xneo1 icodesdeveloper jessesanford pieterdv eh8 fbernier maxpayne7978 oppegard mrobi1 jakehamilton pr0z4k andjones132 mhriemers bennettp123 barkerja movementgyms riseansmal baldwint asjoyner markpromnitz webrulon intertet vandewaetere ljouon stigtsp shawnhank ghenry22 axemann carsso micko

tailscale-udm's Issues

Version '11 (bullseye)' for 'tailscale' was not found

Hey y'all,

I've just built and run the new commits for installing Tailscale via APT instead of downloading the package directly.

Unfortunately, the APT installation fails with this error Version '11 (bullseye)' for 'tailscale' was not found.

Is there any fixes to this issue just yet or should I be waiting until the official release comes out?

My fork is at https://github.com/bslatyer/tailscale-udm

Here's the full output from the run on my UDM-SE

root@Redwood:~# curl -sSLq https://raw.github.com/bslatyer/tailscale-udm/main/install.sh | sh
Installing Tailscale package repository...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
# Tailscale packages for debian bullseye
deb https://pkgs.tailscale.com/stable/debian bullseye main
Updating package lists...
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease                                                        
Hit:3 http://deb.debian.org/debian bullseye-backports InRelease                                                      
Hit:4 http://security.debian.org/debian-security bullseye-security InRelease                                         
Get:5 https://pkgs.tailscale.com/stable/debian bullseye InRelease                                                    
Hit:6 https://apt-release-candidate.artifacts.ui.com bullseye InRelease                   
Hit:7 https://apt.artifacts.ui.com bullseye InRelease               
Hit:8 https://repo.nextdns.io/deb stable InRelease
Get:9 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 Packages [7105 B]
Get:10 https://pkgs.tailscale.com/stable/debian bullseye/main all Packages [354 B]
Fetched 13.5 kB in 2s (7005 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
25 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 11 (bullseye)...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Version '11 (bullseye)' for 'tailscale' was not found

Tailscale connected, but ping not working

hello

My English is not very good, so please understand

tailscale ping works

#  /mnt/data/tailscale/tailscale ping macbook-01
pong from macbook-01 (100.64.0.3) via XXX.XXX.XXX.XXX:54263 in 10ms

but normal ping...

# ping 100.64.0.3
PING 100.64.0.3 (100.64.0.3): 56 data bytes
^C
--- 100.64.0.3 ping statistics ---
10 packets transmitted, 0 packets received, 100% packet loss

unable to connect to other machine from udm pro

# ssh 100.64.0.1

ssh: Connection to [email protected]:22 exited: Connect failed: Connection timed out

But other machine is possible

TE-01:~# ssh 100.64.0.18
Welcome to UbiOS

By logging in, accessing, or using the Ubiquiti product, you
acknowledge that you have read and understood the Ubiquiti
License Agreement and agree to be bound by its terms.

[email protected]'s password:

Undefined function `tailscale_update` in `manage.sh`

There is an error (/mnt/data/tailscale/manage.sh: line 151: tailscale_update: not found) in the code of manage.sh.

tailscale-udm/package/manage.sh

Line 151 in 8d3758c

tailscale_has_update && tailscale_update || echo "Not updated"

tailscale_update is an undefined function in the script. Workaround would be to structure the script like this:

tailscale_update() {
  tailscale_stop
  tailscale_install "$1"
  tailscale_start
}

case $1 in
  "update!")
    if tailscale_has_update "$2"; then
      tailscale_update "$2"
    else
      echo "Tailscale is already up to date"
    fi
    ;;
  "on-boot")
    # shellcheck source=package/tailscale-env
    . "${TAILSCALE_ROOT}/tailscale-env"

    if [ "${TAILSCALE_AUTOUPDATE}" = "true" ]; then
      tailscale_has_update && tailscale_update || echo "Not updated"
    fi

    tailscale_start
    ;;

Want me to submit a PR?

Integration of P2P via "Site Magic" /w remote leg on Starlink is an ITSM nightmare. NEED TS-UDM on 4.0.3

# /usr/bin/ubnt-device-info firmware_detail
4.0.3

# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh

Unsupported UniFi OS version (v4).
Please provide the following information to us on GitHub:

/usr/bin/ubnt-device-info firmware_detail

4.0.3

/etc/os-release

PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

Much Appreciated! Let me know how I can help. Happy to test.

Unable to route towards/over tailscale from UDM LAN (UDM Pro v3.0.20)

UDM Pro, running OS v3.0.20 (Kernel 4.19.152 SMP)
Installed Tailscale with install script

Configured with:
#tailscale up --advertise-routes=10.10.0.0/23,10.10.2.0/24 --advertise-exit-node --advertise-tags=tag:udmpro --accept-routes

#tailscale ip -4
100.105.87.25

Issue:
Cannot ping local IP nor any other IPs.

'traceroute -n 100.105.87.25' goes to WAN port and the next hop router, then dies.
'traceroute -n 10.10.9.5' (10.10.9.0/24 is an advertized LAN behind another tailscale router) goes to WAN port and the next hop router, then dies.

Obviously the UDM Pro does NOT see the tailscale network, and thus has no idea how to route across the tailscale connection...

tailscale missing after firware upgrade

Hi there,

My device just auto-updated (yes I have automatic updates enabled, yolo) from 2.4.23 to 2.4.26. Afterwards, tailscale was not installed.

Is this supposed to persist across firmware updates?

Edit: working fine after a reinstall 🤷🏻

UDM Pro http issue

i have server running in my lan on lets say 192.168.5.5 i have tailscale running on my udm pro which is 192.168.5.1 i have port open in udm so that 80/443 go to 192.168.5.5 and everything works when i am not on tailscale but when i am on tailsacle i use udm pro as exit node and i try to go to my domain port forwarding doesn't work it goes to 192.168.5.1 instead of 5.5 any idea what might cause this ?

Install fails due to upstream apt repository issues (404 Not Found/401 Unauthorized)

I just updated my UDM core OS and tried to reinstall Tailscale, but ended up with errors. It looks like the Debian repo is having issues, but I'm not an expert. Anyone have any thoughts on this? (boostchicken is already installed; it's installer completed without any issues)

From my UDM console:

root@udm:# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Updating package lists...
Ign:1 http://security.debian.org stretch/updates InRelease
Ign:2 http://deb.debian.org/debian stretch InRelease
Err:3 http://security.debian.org stretch/updates Release
404 Not Found [IP: 151.101.42.132 80]
Ign:4 http://deb.debian.org/debian stretch-updates InRelease
Ign:5 http://deb.debian.org/debian stretch-backports InRelease
Err:6 http://deb.debian.org/debian stretch Release
404 Not Found [IP: 151.101.42.132 80]
Err:7 http://deb.debian.org/debian stretch-updates Release
404 Not Found [IP: 151.101.42.132 80]
Err:8 http://deb.debian.org/debian stretch-backports Release
404 Not Found [IP: 151.101.42.132 80]
Hit:10 https://apt-release-candidate.artifacts.ui.com stretch InRelease
Hit:11 https://apt-beta.artifacts.ui.com stretch InRelease
Hit:12 https://apt.artifacts.ui.com stretch InRelease
Reading package lists... Done
E: The repository 'http://security.debian.org stretch/updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-backports Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
root@udm:#

UniFi OS v4

There is a new early access version of the UDMP firmware, which is version 4.0.3, the installer exits out with following message:

Unsupported UniFi OS version (v4).
Please provide the following information to us on GitHub:
/usr/bin/ubnt-device-info firmware_detail
4.0.3
/etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

`apt-key add` doesn't work on debian bullseye

my UDM-pro is on Unifi-OS 3.2.12 which uses debian bullseye. The install.sh script fails with the following:

root@UDMPRO-Chambord:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository key...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
Updating package lists...
Hit:1 https://security.debian.org/debian-security bullseye-security InRelease
Hit:2 https://deb.debian.org/debian bullseye InRelease
Hit:3 https://deb.debian.org/debian bullseye-updates InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Hit:5 https://apt.artifacts.ui.com bullseye InRelease
Hit:6 https://apt-release-candidate.artifacts.ui.com bullseye InRelease
Hit:7 https://apt-beta.artifacts.ui.com bullseye InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
15 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.58.2...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package tailscale

As you can see, there's a line about apt-key being deprecated. The tailscale install instruction changed between stretch and bullseye. The script works after using the new instructions to add the key. I do not know if these new instructions would work for debian stretch too.

Not starting / surviving reboots.

Noticed today that tailscale wasn't starting automatically and couldn't be manually started either required a fresh install to get going again.

How to add routing

Thanks for that nice work. My UDM is installed and running on Tailscale, but it is not showing and subnets. I tried the command sudo tailscale up --advertise-routes=10.0.0.0/24,10.0.1.0/24 but I get a command not found.
Thanks

Document how to use an authentication key with the install script

I've been unable to get the installation to work; it does not ask me to perform a login, only starts tailscaled on the UDM pro.

Once I do that, the tailscale up command does not, in fact, work:

/mnt/data/tailscale/tailscale up --force-reauth --authkey CENSORED

This command just hangs.

What I can't tell is if that's something in the setup script or in tailscale itself.

Not possible to install on my Dream machine pro

Hello, if i try to run the install.sh with the code you provided in the description, i will get the folowing output.:

version is: 2.5. 17:

root@UDMPro-Haller:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Updating package lists...
Ign:1 http://security.debian.org stretch/updates InRelease
Err:2 http://security.debian.org stretch/updates Release
  404  Not Found [IP: 146.75.122.132 80]
Ign:3 http://deb.debian.org/debian stretch InRelease
Ign:4 http://deb.debian.org/debian stretch-updates InRelease
Ign:5 http://deb.debian.org/debian stretch-backports InRelease
Err:6 http://deb.debian.org/debian stretch Release
  404  Not Found [IP: 146.75.122.132 80]
Err:7 http://deb.debian.org/debian stretch-updates Release
  404  Not Found [IP: 146.75.122.132 80]
Err:8 http://deb.debian.org/debian stretch-backports Release
  404  Not Found [IP: 146.75.122.132 80]
Hit:10 https://apt-beta.artifacts.ui.com stretch InRelease
Hit:11 https://apt-release-candidate.artifacts.ui.com stretch InRelease
Hit:12 https://apt.artifacts.ui.com stretch InRelease
Reading package lists... Done 
E: The repository 'http://security.debian.org stretch/updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-backports Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

tailscaled.service is masked, unable to start service (and therefore unable to connect to tailnet)

I am unable to complete the install of Tailscale for UDM, or more realistically, get taiilscale running on a UDM. I tried reboot the UDM (full power cycle) to try to the old adage of "have you tried turning it off and back on again?" Any help is appreciated.

Upon install, I am seeing the following error:
Failed to restart tailscaled.service: Unit tailscaled.service is masked.

UDM info:
root@3815-E-Winray-Dr-new:~# /usr/bin/ubnt-device-info firmware_detail
3.1.16

Console info:
root@3815-E-Winray-Dr-new:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository key...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
Installing Tailscale package repository...

Tailscale packages for debian bullseye

deb https://pkgs.tailscale.com/stable/debian bullseye main
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://security.debian.org/debian-security bullseye-security InRelease
Hit:3 https://deb.debian.org/debian bullseye-updates InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Get:5 https://apt.artifacts.ui.com bullseye InRelease [13.0 kB]
Get:6 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Get:7 https://apt.artifacts.ui.com bullseye/release arm64 Packages [40.8 kB]
Fetched 60.3 kB in 1s (43.0 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
58 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.54.1...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
tailscale
0 upgraded, 1 newly installed, 0 to remove and 59 not upgraded.
Need to get 24.4 MB of archives.
After this operation, 46.0 MB of additional disk space will be used.
Get:1 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 tailscale arm64 1.54.1 [24.4 MB]
Fetched 24.4 MB in 1s (19.8 MB/s)
Selecting previously unselected package tailscale.
(Reading database ... 46360 files and directories currently installed.)
Preparing to unpack .../tailscale_1.54.1_arm64.deb ...
Unpacking tailscale (1.54.1) ...
Setting up tailscale (1.54.1) ...
Failed to preset unit: Unit file /etc/systemd/system/tailscaled.service is masked.
/usr/bin/deb-systemd-helper: error: systemctl preset failed on tailscaled.service: No such file or directory
tailscaled.service is a disabled or a static unit not running, not starting it.
Configuring Tailscale to use userspace networking...
Restarting Tailscale daemon to detect new configuration...
Failed to restart tailscaled.service: Unit tailscaled.service is masked.
Failed to restart Tailscale daemon
The daemon might not be running with userspace networking enabled, you can restart it manually using 'systemctl restart tailscaled'.

root@3815-E-Winray-Dr-new:~# systemctl restart tailscaled
Failed to restart tailscaled.service: Unit tailscaled.service is masked.

No tailscale interface on UDM SE

I just got the UDM SE last week. Everything seems to install and run fine, I do get an IP-address and in the web interface an IP shows up.

However, if I run ip addr show I don't see any tailscale interface, I can't ping to other machines and other machines can't ping to the UDM SE. The logs do not seem to tell anything useful in finding the cause. I shared them below:

Kernel

root@udm:~# uname -ar
Linux udm 4.19.152-ui-alpine #4.19.152 SMP Fri Apr 22 00:04:43 CST 2022 aarch64 GNU/Linux

Install

root@udm:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing Tailscale v1.24.2 in /mnt/data/tailscale...
Installation complete, run '/mnt/data/tailscale/manage.sh start' to start Tailscale
Starting Tailscaled...
Tailscaled started successfully

To authenticate, visit:

	https://login.tailscale.com/a/xxxxxx

Success.

tailscale.log

2022/05/08 18:46:09 logtail started
2022/05/08 18:46:09 Program starting: v1.24.2-t9d6867fb0-g2d0f7ddc3, Go 1.18.1-ts710a0d8610: []string{"/mnt/data/tailscale/tailscaled", "--cleanup"}
2022/05/08 18:46:09 LogID: **MASKED**
2022/05/08 18:46:09 logpolicy: using system state directory "/var/lib/tailscale"
2022/05/08 18:46:09 dns: [rc=unknown ret=direct]
2022/05/08 18:46:09 dns: using *dns.directManager
2022/05/08 18:46:09 flushing log.
2022/05/08 18:46:09 logger closing down
2022/05/08 18:46:10 logtail started
2022/05/08 18:46:10 Program starting: v1.24.2-t9d6867fb0-g2d0f7ddc3, Go 1.18.1-ts710a0d8610: []string{"/mnt/data/tailscale/tailscaled", "--state", "/mnt/data/tailscale/tailscaled.state", "--socket", "/var/run/tailscale/tailscaled.sock", "--port", "41641", "--tun", "userspace-networking"}
2022/05/08 18:46:10 LogID: **MASKED**
2022/05/08 18:46:10 logpolicy: using system state directory "/var/lib/tailscale"
2022/05/08 18:46:10 wgengine.NewUserspaceEngine(tun "userspace-networking") ...
2022/05/08 18:46:10 dns: using dns.noopManager
2022/05/08 18:46:10 link state: interfaces.State ** TRUNCATED **
2022/05/08 18:46:10 magicsock: disco key =  **MASKED**
2022/05/08 18:46:10 Creating wireguard device...
2022/05/08 18:46:10 Bringing wireguard device up...
2022/05/08 18:46:10 Bringing router up...
2022/05/08 18:46:10 Clearing router settings...
2022/05/08 18:46:10 Starting link monitor...
2022/05/08 18:46:10 Engine created.
2022/05/08 18:46:10 Start
2022/05/08 18:46:10 using backend prefs for "_daemon": Prefs{ra=false dns=true want=false routes=[] nf=on Persist{lm=, o=, n=[LZHWO] u="**MASKED**"}}
2022/05/08 18:46:10 Backend: logs: be:**MASKED** fe:
2022/05/08 18:46:10 control: client.Login(false, 0)
2022/05/08 18:46:10 Switching ipn state NoState -> Stopped (WantRunning=false, nm=false)
2022/05/08 18:46:10 wgengine: Reconfig: configuring userspace wireguard config (with 0/0 peers)
2022/05/08 18:46:10 wgengine: Reconfig: configuring router
2022/05/08 18:46:10 wgengine: Reconfig: configuring DNS
2022/05/08 18:46:10 dns: Set: {DefaultResolvers:[] Routes:{} SearchDomains:[] Hosts:0}
2022/05/08 18:46:10 dns: Resolvercfg: {Routes:{} Hosts:0 LocalDomains:[]}
2022/05/08 18:46:10 dns: OScfg: {Nameservers:[] SearchDomains:[] MatchDomains:[]}
2022/05/08 18:46:10 control: doLogin(regen=false, hasUrl=false)
2022/05/08 18:46:10 health("overall"): error: state=Stopped, wantRunning=false
2022/05/08 18:46:10 control: control server key from https://controlplane.tailscale.com: ts2021=[fSeS+], legacy=[nlFWp]
2022/05/08 18:46:10 control: RegisterReq: onode= node=[LZHWO] fup=false
2022/05/08 18:46:10 control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=true; authURL=false
2022/05/08 18:46:10 active login: **MASKED**@github
2022/05/08 18:46:10 control: setPaused(true)
2022/05/08 18:46:10 control: mapRoutine: paused
2022/05/08 18:46:10 control: mapRoutine: awaiting unpause
2022/05/08 18:46:10 control: NetInfo: NetInfo{varies=false hairpin=false ipv6=true udp=true derp=#4 portmap= link=""}
2022/05/08 18:46:10 magicsock: endpoints changed: ** TRUNCATED **
2022/05/08 18:46:15 ipnserver: conn2: connection from userid 0; root has access
2022/05/08 18:46:15 EditPrefs: MaskedPrefs{WantRunning=true}
2022/05/08 18:46:15 active login: "**MASKED**" ([unexpected] corp#461, not "**MASKED**@github")
2022/05/08 18:46:15 transitioning to running; doing Login...
2022/05/08 18:46:15 control: client.Login(false, 0)
2022/05/08 18:46:15 control: setPaused(false)
2022/05/08 18:46:15 Switching ipn state Stopped -> Starting (WantRunning=true, nm=true)
2022/05/08 18:46:15 control: mapRoutine: unpaused
2022/05/08 18:46:15 control: doLogin(regen=false, hasUrl=false)
2022/05/08 18:46:15 control: RegisterReq: onode= node=[LZHWO] fup=false
2022/05/08 18:46:15 magicsock: SetPrivateKey called (init)
2022/05/08 18:46:15 magicsock: private key changed, reconnecting to home derp-4
2022/05/08 18:46:15 wgengine: Reconfig: configuring userspace wireguard config (with 0/2 peers)
2022/05/08 18:46:15 wgengine: Reconfig: configuring router
2022/05/08 18:46:15 wgengine: Reconfig: configuring DNS
2022/05/08 18:46:15 dns: Set: {DefaultResolvers:[] Routes:{**MASKED**.github.beta.tailscale.net.:[]}+65arpa SearchDomains:[**MASKED**.github.beta.tailscale.net.] Hosts:3}
2022/05/08 18:46:15 peerapi: serving on http://** MASKED **:34277
2022/05/08 18:46:15 peerapi: serving on http://** MASKED **:34277
2022/05/08 18:46:15 health("dns"): error: getting OS base config is not supported
2022/05/08 18:46:15 magicsock: adding connection to derp-4 for home-keep-alive
2022/05/08 18:46:15 magicsock: 1 active derp conns: derp-4=cr0s,wr0s
2022/05/08 18:46:15 health("dns-os"): error: getting OS base config is not supported
2022/05/08 18:46:15 Switching ipn state Starting -> Running (WantRunning=true, nm=true)
2022/05/08 18:46:15 control: controlclient: restarting map request for "dns" health change to new state: getting OS base config is not supported
2022/05/08 18:46:15 control: controlclient: restarting map request for "dns-os" health change to new state: getting OS base config is not supported
2022/05/08 18:46:15 derphttp.Client.Connect: connecting to derp-4 (fra)
2022/05/08 18:46:15 ipnserver: conn2: ReadMsg: read unix /var/run/tailscale/tailscaled.sock->@: read: connection reset by peer
2022/05/08 18:46:15 control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=true; authURL=false
2022/05/08 18:46:15 magicsock: derp-4 connected; connGen=1

Exit Node and Adding subnets

Hello, I was just wondering how you would go about adding this device as a exit note and pushing routes if possible.

Thank you so much for making this script it worked first try out of the box and just simply worked.

Make `TAILSCALE_ROOT` in on-boot.sh firmware version agnostic

Currently, TAILSCALE_ROOT is hardcoded and wrong for firmware versions above 2.*.

tailscale-udm/package/on-boot.sh

Line 4 in f429756

TAILSCALE_ROOT="/mnt/data/tailscale"

This can easily be fixed by including the same snippet from manage.sh and install.sh:

tailscale-udm/install.sh

Lines 21 to 27 in f429756

OS_VERSION="${FW_VERSION:-$(ubnt-device-info firmware_detail | grep -oE '^[0-9]+')}"
if [ "$OS_VERSION" = '1' ]; then
export PACKAGE_ROOT="/mnt/data/tailscale"
else
export PACKAGE_ROOT="/data/tailscale"
fi

TAILSCALE_FLAGS unused in 2.x version

After upgrading from 1.x to 2.x, I had edited tailscale-env to add some additional options to be passed to tailscale up. However, it appears TAILSCALE_FLAGS is no longer used in unios_2.x.sh.

Error installing tailscale-install.timer -- file exists

Tried to re-install Tailscale on UDM SE but I always get an error installing the tailscale-install.timer. See:

root@Dream-Machine-Special-Edition:~# systemctl stop tailscaled
root@Dream-Machine-Special-Edition:~# rm -Rf /data/tailscale
root@Dream-Machine-Special-Edition:~# # Install the latest version of Tailscale UDM
curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository...
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://security.debian.org/debian-security bullseye-security InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Hit:5 https://apt.artifacts.ui.com bullseye InRelease
Get:6 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Fetched 6566 B in 1s (6023 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
36 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.60.0...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
tailscale is already the newest version (1.60.0).
0 upgraded, 0 newly installed, 0 to remove and 36 not upgraded.
Configuring Tailscale port...
Configuring Tailscaled startup flags...
Restarting Tailscale daemon to detect new configuration...
Enabling Tailscale to start on boot...
Installing auto-update timer to ensure that Tailscale is kept installed and up to date.
ln: failed to create symbolic link '/etc/systemd/system/tailscale-install.timer': File exists

Using the instructions in the 2.5.2 update, seem results:

root@Dream-Machine-Special-Edition:~# systemctl disable tailscale-install.service
Removed /etc/systemd/system/multi-user.target.wants/tailscale-install.service.
Removed /etc/systemd/system/tailscale-install.service.
root@Dream-Machine-Special-Edition:~# /data/tailscale/manage.sh install!
Installing latest Tailscale package repository...
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://security.debian.org/debian-security bullseye-security InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Hit:5 https://apt.artifacts.ui.com bullseye InRelease
Get:6 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Fetched 6566 B in 1s (6105 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
36 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.60.0...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
tailscale is already the newest version (1.60.0).
0 upgraded, 0 newly installed, 0 to remove and 36 not upgraded.
Configuring Tailscale port...
Configuring Tailscaled startup flags...
Restarting Tailscale daemon to detect new configuration...
Enabling Tailscale to start on boot...
Installing pre-start script to install Tailscale on firmware updates.
Created symlink /etc/systemd/system/multi-user.target.wants/tailscale-install.service → /data/tailscale/tailscale-install.service.
Installing auto-update timer to ensure that Tailscale is kept installed and up to date.
ln: failed to create symbolic link '/etc/systemd/system/tailscale-install.timer': File exists

I tried several reinstalling, removing tailscale and then install. Nothing seems to work. My hope was that this timer would fixed another issue I have. Tailscale stops working now and then. My suspicion is after an update. So, my hope was the 2.5.2 update would solve this :-)

Update Timer is not being packaged leading to error

I ran into this error while installing on a fresh UDM-SE, FW: 3.2.12
Failed to enable unit: Unit file tailscale-install.timer does not exist.

Full install Log

root@Home-UDM-SE:/data/on_boot.d# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository...
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://deb.debian.org/debian bullseye-backports InRelease
Get:4 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Hit:5 https://security.debian.org/debian-security bullseye-security InRelease
Hit:6 https://apt.artifacts.ui.com bullseye InRelease
Get:7 https://pkgs.tailscale.com/stable/debian bullseye/main all Packages [354 B]
Get:8 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 Packages [9969 B]
Fetched 16.9 kB in 1s (13.2 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
37 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.62.0...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  tailscale-archive-keyring
The following NEW packages will be installed:
  tailscale tailscale-archive-keyring
0 upgraded, 2 newly installed, 0 to remove and 37 not upgraded.
Need to get 25.6 MB of archives.
After this operation, 48.3 MB of additional disk space will be used.
Get:2 https://pkgs.tailscale.com/stable/debian bullseye/main all tailscale-archive-keyring all 1.35.181 [3082 B]
Get:1 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 tailscale arm64 1.62.0 [25.6 MB]
Fetched 25.6 MB in 1s (26.0 MB/s)
Selecting previously unselected package tailscale.
(Reading database ... 52830 files and directories currently installed.)
Preparing to unpack .../tailscale_1.62.0_arm64.deb ...
Unpacking tailscale (1.62.0) ...
Selecting previously unselected package tailscale-archive-keyring.
Preparing to unpack .../tailscale-archive-keyring_1.35.181_all.deb ...
Unpacking tailscale-archive-keyring (1.35.181) ...
Setting up tailscale-archive-keyring (1.35.181) ...
Setting up tailscale (1.62.0) ...
Created symlink /etc/systemd/system/multi-user.target.wants/tailscaled.service → /lib/systemd/system/tailscaled.service.
Configuring Tailscale port...
Configuring Tailscaled startup flags...
Restarting Tailscale daemon to detect new configuration...
Enabling Tailscale to start on boot...
Installing pre-start script to install Tailscale on firmware updates.
Created symlink /etc/systemd/system/multi-user.target.wants/tailscale-install.service → /data/tailscale/tailscale-install.service.
Installing auto-update timer to ensure that Tailscale is kept installed and up to date.
Failed to enable unit: Unit file tailscale-install.timer does not exist.

Looking in the tailscale directory the timer file does not exist that the symlink is trying to use.

root@Home-UDM-SE:/data/tailscale# ls
LICENSE  manage.sh*  tailscale-env  tailscale-install.service  tailscaled.state  unios_1.x.sh  unios_2.x.sh

Digging around in the repo I can see it is being ignored by the package script when building releases which is why this error is happening.

tailscale-udm/build/package.sh

Lines 9 to 16 in 429c1f8

echo "Preparing temporary build directory"
mkdir -p "${WORKDIR}/tailscale" "${WORKDIR}/on_boot.d"
cp "${SOURCE}/package/on-boot.sh" "${WORKDIR}/on_boot.d/10-tailscaled.sh"
cp "${SOURCE}/package/manage.sh" "${WORKDIR}/tailscale/manage.sh"
cp "${SOURCE}/package/unios_"*".sh" "${WORKDIR}/tailscale/"
cp "${SOURCE}/package/tailscale-env" "${WORKDIR}/tailscale/tailscale-env"
cp "${SOURCE}/package/tailscale-install.service" "${WORKDIR}/tailscale/tailscale-install.service"
cp "${SOURCE}/LICENSE" "${WORKDIR}/tailscale/LICENSE"

I am not sure if this is something that is required but if it does enable auto updating, that would be nice to have. Looks like everything is there for this to function, just a single file left out of the latest release, 2.5.3, and the release previous to that.

Exit Node selected but offline

Hi Sierra Softworks,

I installed the latest version of tailscale-udm and "status" and "netcheck" outputs are successful I connected
the UDM to an exit node but I received the following exit-node output lis status. It appears my UDM is not able to
connect to my VPS although I am able to ping the between the UDM and VPS and a client device.

tailscale -- exit-node list

100.76.xx.xx xxx.tailee24b.ts.net - - -
100.91.x.xxx xxx.tailee24b.ts.net - - selected but offline

Current configuration:

tailscale up --exit-node=100.9.x.xxx --exit-node-allow-lan-access=true --advertise-routes=192.168.x.0/24,192.168.x.0/24,192.168.x.0/24 --ssh

Any assistance is greatly appreciated.

Trouble installing

Whenever I attempt to run the install script as listed I get the error:

"curl: (7) Failed to connect to gihub.com port 443: Connection refused"

Any help would be appreciated.

reinstall fails due to modified `/etc/default/tailscaled`

Steps to reproduce

  1. install tailscale using the instructions
  2. somehow uninstall tailscale (in my case, #38)
  3. rerun the install script curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh

Expected result

  • tailscale installs ok

Actual result

  • error during install

    Downloading Tailscale 1.34.2...
Installing Tailscale 1.34.2...
(Reading database ... 40007 files and directories currently installed.)
Preparing to unpack .../tmp.mnbpOhz2H8/tailscale.deb ...
Unpacking tailscale (1.34.2) over (1.34.2) ...
Setting up tailscale (1.34.2) ...

Configuration file '/etc/default/tailscaled'
 ==> File on system created by you or by a script.
 ==> File also in package provided by package maintainer.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** tailscaled (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package tailscale (--install):
 end of file on stdin at conffile prompt
Errors were encountered while processing:
 tailscale
Failed to install Tailscale v1.34.2 from /tmp/tmp.mnbpOhz2H8/tailscale.deb
Please make sure that you're using a valid version number and try again.

Notes

  • I tried running it with DEBIAN_FRONTEND=noninteractive, but the same thing happened 
    curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | DEBIAN_FRONTEND=noninteractive sh

Workaround

  • delete /etc/default/tailscaled and try again 
    rm /etc/default/tailscaled && curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh

Exit Node Issue

Hi Sierra Softworks,

I have a VPS with Vultr on Debian 11 runningTailscale and Bird 1.6.8, installed and the VPS acts as the exit node for my mesh network. I installed your script on my UDM and added the command "sudo tailscale up --exit-node= --exit-node-allow-lan-access=true" to route traffic from the VPS to the UDM but the UDM is not acquiring the IP address of the VPS as my other devices within the mesh are able to connect to the UDM. The goal is for my VPS to advertise a BGP and IPv6 /48 addressing to the UDM.

Please advise.

While on Dream Machine Pro, cannot ping or resolve other tailnet devices

However, tailscale ping hostname works.

I've read everything on the internet but I don't quite understand what is needed to get the UDM Pro able to resolve tailnet hosts and ping them.

The ideal goal: other devices on my lan (without having tailscale installed) can resolve any tailnet host, through the dream machine.

What am I doing wrong?

Questions about upgrading to newer versions

Hi there,

  1. version 1. 12.3 is quite old, currently 1.18.2 is the up-to-date version so I was wondering whether you need to do something to get a newer version or if we are simply waiting for tailscale to release a newer arm64 version?
  2. your upgrade instructions are to run: /mnt/data/tailscale/upgrade.sh 1.12.3
  3. that doesn't work for me as the script is not executable.
# ls -al /mnt/data/tailscale/upgrade.sh
-rw-r--r--    1 root     root           744 Dec 30 17:29 /mnt/data/tailscale/upgrade.sh
  1. why do you have to add 1.12.3 to the end of that command, to me it looks like the version is hard-coded in the upgrade script anyway.
  2. how do we upgrade to newer version and how to know when there is a new release available?

###edit###
addressing my own points from #3 #4 and #5
I manually checked and found a newer version available: https://pkgs.tailscale.com/stable/tailscale_1.18.2_arm64.tgz

after making the upgrade script executable:
chmod 744 /mnt/data/tailscale/upgrade.sh

I installed it successfully:
/mnt/data/tailscale/upgrade.sh 1.18.2

Kernel mode networking allows subnet routing to other machines on the local network

There a few small tweaks that can be made to allow routing to/from other machines on the local network and account for multiple WAN links failing over.

  1. Modify /etc/default/tailscaled by adding a socket and removing the userspace-networking.
FLAGS="--port 41641 --socket /var/run/tailscale/tailscaled.sock --state /data/tailscale/tailscaled.state"
  1. Add local networks to tailscale's routing table (table 52) to avoid traffic being wrongly sent over the tailscale0 interface.
ROUTES_TO_ADD=$( ip route | grep "dev br" )
echo "${ROUTES_TO_ADD}" | while read -r route; do /sbin/ip route add ${route} table 52; done
  1. Use a script similar to this one that ensures tailscale packets go out of the right WAN interface in the case that multiple WAN links are present: tailscale/tailscale#4038 (comment)
#!/bin/sh

RULE_PRIORITY="5225"
SLEEP_INTERVAL="0.25"
TABLE=-1

getDefaultRouteTable() {
    /sbin/ip rule list priority 32766 | cut -d " " -f 4
}

updateTailscaleMarkingRule() {
    #if default route table changed then update ip rules accordingly
    if [ ! $TABLE -eq $1 ] && [ $1 -gt 0 ]
    then
            /sbin/ip rule del priority $RULE_PRIORITY
            /sbin/ip rule add priority $RULE_PRIORITY from all fwmark 0x80000 lookup $1

            TABLE=$1
    fi
}

until false; do
    updateTailscaleMarkingRule $(getDefaultRouteTable)
    
    sleep $SLEEP_INTERVAL
done
  1. Add routes and exit nodes as necessary.
tailscale up --advertise-exit-node --advertise-routes="192.168.0.0/24,192.168.1.0/24" --snat-subnet-routes=false --accept-routes --reset

IPv6 curl not working

Hi there,

For some reason despite working IPv6 on my network, and being able to ping6 from the UDM-PRO, unless I append --ipv4 to all of the curl requests in the script they hang indefinitely. I'm reluctant to do this bypass without understanding why v6 seems to be stuck. Has anyone else been able to run this script on a network with v4 and v6?

unable to run tailscale up command

What is the issue + steps to reproduce?

  1. ran curl/install command
  2. verified tailscale was installed
  3. try and run tailscale up command
  4. command never returns and just hangs

versions

  • UDM-pro: v3.2.12

Educated guess as to why this is happening

  1. I am using headscale
  2. the headscale control node sitting behind a reverse proxy behind the udm router @ https://headscale.EXAMPLE.com
  3. since the router has the same ip as the headscale login-server i dont think its correctly hairpinning to get forwarded to the reverse proxy

doing a traceroute to the login-server shows 1 hop including the public ip of the router itself.

Failed to configure Tailscale to use userspace networking

Hey @notheotherben

I've got another tricky situation that you need to look into.

The installer script fails to configure Tailscale to use the userspace networking as an error occurs using sed to edit the state file.

It's on a UDM-SE running the 3.0.16 RC

Configuring Tailscale to use userspace networking...
sed: -e expression #1, char 28: unknown option to `s'
Failed to configure Tailscale to use userspace networking
Check that the file /etc/default/tailscaled exists and contains the line FLAGS="--state /data/tailscale/tailscale.state --tun userspace-networking".

root@Redwood:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing Tailscale package repository...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
# Tailscale packages for debian bullseye
deb https://pkgs.tailscale.com/stable/debian bullseye main
Updating package lists...
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye-backports InRelease
Hit:4 http://security.debian.org/debian-security bullseye-security InRelease
Hit:5 https://apt-release-candidate.artifacts.ui.com bullseye InRelease                                              
Hit:6 https://apt.artifacts.ui.com bullseye InRelease                                                                
Get:7 https://pkgs.tailscale.com/stable/debian bullseye InRelease   
Hit:8 https://repo.nextdns.io/deb stable InRelease
Fetched 6016 B in 3s (1786 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
25 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.36.1...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  tailscale
0 upgraded, 1 newly installed, 0 to remove and 25 not upgraded.
Need to get 21.0 MB of archives.
After this operation, 39.9 MB of additional disk space will be used.
Get:1 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 tailscale arm64 1.36.1 [21.0 MB]
Fetched 21.0 MB in 3s (6897 kB/s)    
Selecting previously unselected package tailscale.
(Reading database ... 47000 files and directories currently installed.)
Preparing to unpack .../tailscale_1.36.1_arm64.deb ...
Unpacking tailscale (1.36.1) ...
Setting up tailscale (1.36.1) ...
Configuring Tailscale to use userspace networking...
sed: -e expression #1, char 28: unknown option to `s'
Failed to configure Tailscale to use userspace networking
Check that the file /etc/default/tailscaled exists and contains the line FLAGS="--state /data/tailscale/tailscale.state --tun userspace-networking".

Incorrect readme

Can I route traffic from machines on my local network to Tailscale endpoints automatically?
Currently we are not aware of any supported means of achieving this. Tailscale's subnet routing is intended for Tailscale-to-subnet connections and doesn't provide explicit support for subnet-to-Tailscale connections.

image

Each device automatically gets a routable (over Tailscale) IP. So my guess is that if you have a device in your local network and you want to connect to a device on the tailscale network, this packet will reach your UDM, and the UDM (connected to Tailscale) will know the route to this 100.64.0.0/10 network, which won't be reachable over the regular internet. Because they use this specific range, this route can easily be added to the UDM routing table (if that did not happen automatically when you connected to the tailscale network).

See this page for details.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.