The “How NAT traversal works” blog post section on CGNAT is not clear to me with regard to the IP addresses being used in the examples.
-
the first diagram (https://tailscale.com/blog/how-nat-traversal-works/nat-cgnat-1.png) shows the two home gateways as 2.2.2.2 and 2.2.2.3, within a fictitious CGNAT ISP’s network. A-ok.
-
the second diagram (https://tailscale.com/blog/how-nat-traversal-works/nat-cgnat-2.png) for some reason replaces the second home gateway address with 3.3.3.3 (guessing this is still meant to be 2.2.2.3)
-
the text is where the real problems are: " Both peers are behind the same CGNAT, so let’s say that STUN tells us that peer A is
2.2.2.2:1234, and peer B is2.2.2.2:5678" - why would both peers (separate ISP home gateways) have the same IP?
I’m guessing this part of the document was previously discussing the challenge of having two TS nodes behind the same home gateway, and the example was changed to use two separate sites for clarity. Except it’s not clear 
PS: the TS forum should allow links to tailscale . com without limit, even for new members