Hello,
Scenario: Site to Site VPN test
Site A: two redundant subnet router using tailscale
Site B: two redundant subnet router using tailscale
In the above scenario:
In Site A
We noticed if we use tailscale on servers with separate public and private ethernet ports
and setup as --advertise-routes
and then setup two subnet routers, the subnet router that is not active will route its private traffic to Site A through tailscale and not through the private LAN, although traffic to Site B will work properly
What is needed:
In the above case the subnet router in Site A needs to only accept routes for Site B and not for Site A
In the above case the subnet router in Site B needs to only accept routes for Site A and not for Site B
This would make private traffic on Site A to Site A stay on Site A private network and not route through tailscale
This would make private traffic on Site B to Site B stay on Site B private network and not route through tailscale
Is this possible?
Without this feature tailscale will require dedicated devices for running the subnet routers which is a waste of our resources.