Tailscale version 1.22.1
Perhaps I am misunderstanding what the documentation references as ‘exit nodes use default routes under the hood’, but I have a setup whereby I’d like to use a Linux host as an exit-node. Upstream from it (towards the internet) its gateway knows about another network. However, unless I explicitly call out that network in Tailscale as a shared network.
Tailscale exit-node: 172.16.0.2/24
exit-node next hop: 172.16.0.1/24
network known to the next hop (this is a layer 3 switch with other networks homed on it): 172.18.1.0/24
From my perspective, if I were to log into the Tailscale host at 172.16.0.2 as an exit-node, I should be able to reach 172.18.1.0/24 as it’s upstream from that host. However, I am only able to reach that network if I explicitly add a --advertise-routes=172.18.1.0/24 flag to the tailscale up command on the exit-node. Can anyone help with what I’m missing here? Is this a misunderstanding on my part of how default routes work, or is there something going on under the hood in Tailscale to block access to non-explicitly-defined private networks or the like?