Any better solution than two separate subrouters for private network of devices mixed with custom routing and non-custom routing for --snat-subnet-routes

Scenario is a service consisting of a private switch with multiple devices.
Servers are devices where /etc/sysconfig/network-scripts/route-{ethernet} can be modified for custom routing,
while others are devices like IPMI/BMC remote management, where the user has no custom routing available.

In such a case, if we wish to use the --snat-subnet-routes=false option with servers and an appropriate route file, it is incompatible with the other devices that do not have custom routing available.

In this case our solution is to run two instances of subnet tailscale routers
one with --snat-subnet-routes=false for the servers with custom routing possible
and one with --snat-subnet-routes=true for the servers without custom routing possible

Is there a better way? We wish to combine into one tailscale subnet router.

I can’t immediately think of a better way to do this. --snat-subnet-routes=true is the default because it allows connectivity without needing routes to be added to all of the endstations.

If you have some endstations where routes can be added to some but not others, I think you need to have both options running.

One thing you might be able to do is run two subnet routers in userspace-networking mode:

  tailscaled --tun=userspace-networking --port 41641 \
  tailscaled --tun=userspace-networking --port 41642 \

This would allow both to run on a single system.

The tailscale up command would need to use a -socket argument as well, to communicate with one tailscaled or the other.

I’m not entirely sure how well this would work, and it would require experimentation.