This is my network, I install tailscale on Windows and Ubuntu, config subnet route on ubuntu.
I folllow the document .
when i try to ping from 192.168.18.X to 192.168.0.106,it success,but failure for other machine.(such as ping 192.168.0.107 )
I had disable ufw and config iptables like this
iptables -A FORWARD -i tailscale0 -j ACCEPT
iptables -t nat -A POSTROUTING -o wlp3s0 -j MASQUERADE
it not work.
Should i try to continue config ip forward masquerade ? or other solution?
your other machines are in the same subnet as your ubuntu, they should find themselves without additional ip tables.
did you approve the routes in the Tailscale admin web console?
or
is tailscale running in a container on the ubuntu machine?
on my setup I can reach the other machines via e.g. their web interfaces, but cannot ping them, for some reasons.
Also, if it matters, Windows firewall will block ping by default. So if you are trying to ping a Windows machine, it will fail unless you explicitly allow it.
Thanks for replying. I’m sorry to splice photo because i only can add 1 media in a reply.
I follow the document and step by step,include
Step 1: Install the Tailscale client
Step 2: Connect to Tailscale as a subnet router
Step 3: Enable subnet routes from the admin console
Step 4: Add ACL rules for the advertised subnet routes
Here is my admin console config. I approve route setting and check ACL rules.(Photo 1& Photo2)
I also try to access a web server on other machine such as (http://192.168.0.107:5000),it failed.
Use tcpdump the output is photo3,No ack reply.
did you follow the Linux instructions in step 1 from here: Subnet routers and traffic relay nodes · Tailscale?
for Ubuntu 22, I used:
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
sudo sysctl -p /etc/sysctl.d/99-tailscale.conf
yes,i set it. But ubuntu not install firewall,i guess it need other command
I did not do anything else. I looked through my bash history, and I only did:
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
I did nothing with UFW.
The only other command I did was:
sudo tailscale up --accept-routes --advertise-routes=10.1.0.0/16,10.2.0.0/16,10.4.0.0/16,10.0.254.0/24,10.254.254.0/24
Thank’s for your help.
I give up to solve the problem.
But it was solved by reinstall ubuntu.
I’m using docker to run a mysql server,but it failed to run docker compose.Github issues
docker-compose No such file or directory remind me that docker snap has some problem.
So i reinstall my ubuntu server.
Here are some differences:
I close the luks
I give up to preinstall docker when install ubuntu
When these finished,I install docker manually and reinstall tailscale.
This time it works.
Otherwise tailscale upgrade from 1.36.1 to 1.36.2