Need guidance: Best way to connect two devices in specific scenario

Tailscale version: 1.32
Your operating system & version: Linux (Raspberry Pi)

Hello team:

I have a scenario, as shown in the figure below:

I have set up two Raspberry Pis: D1 in the USA and D2 in India. They are running Tailscale v1.32 and are there so that the device D3 can use D2 as an exit node. Tailscale cannot be installed directly on D3, hence I have utilized D1. Basically, D1 uses D2 as an exit node and also broadcasts Wi-Fi so that D3 connects to it. D3 needs to have the IP of D2 to activate and operate.
Looking at the tailscale status on D2 shows that the DERP relay used is ‘blr’, whereas for D1 it is ‘dal’.
The router in India doesn’t allow opening the port; in fact, we do not have access to the router. The ISP manages it, and we cannot do anything about it. However, the UDM Pro at the USA location is fully accessible, and I have already disabled P2P in threat management.

So my question to all:

  1. Is there a possibility to have a direct connection between D1 and D2 in my case? Using the DERP relay is very slow; the max I am getting is about 2 Mbps up and down.
  2. Is there a better way to implement Tailscale, so that D3 can have the public IP of D2?
  3. Will installing WireGuard directly help in my case? I am thinking of hosting a WireGuard server in the USA, and D2 will connect to the WireGuard server. In that case it should be a direct connection. I can also have D1 and D3 in the same WireGuard network. The thing I am not sure about is how to make D3 traffic go through D2, or if it is even possible. Can the traffic in WireGuard go through clients instead of the server?

Your insights will be really helpful.

Thank you,