I have Tailscale configured with two macOS machines; the target machine is configured with subnet routes. I can see the route(s) in netstat -rn on the client machines with the correct Tailscale interface. When I connect to an IP in the routed subnet from the client machine, the traffic is correctly relayed to the target machine, but is not forwarded onto the actual IP address.
The actual IP address routes to another interface, and there are routing rules that exist for it on the target machine.
    # example target machine 100.101.81.81
    tailscale up --accept-dns=false --advertise-exit-node --advertise-routes=10.10.0.108/32

    # example client machine
    ssh 10.10.0.108 # terminates on 100.101.81.81 and never forwards to 10.10.0.108
Am I missing something? Is there an IP forwarding configuration I need to complete? I attempted to configure port forwarding and/or add routes, with no success.
    sysctl -w net.inet.ip.forwarding=1
    sudo route add -host 10.10.0.108 -interface utun0
Possibly related - userspace-netstack-mode - not sure about how this works with macOS.