Tailscale on OpenWRT... have some questions

I feel that documentation on using tailscale natively on an OpenWRT router is pretty lacking, looks like there is an openwrt package that can now be installed via ‘opkg’ is this the “recommended” solution by the tailscale team?

If the openwrt package is official, could we get some documentation?

I think having tailscale run on openwrt is a great idea, as long as I can get control or management at the openwrt-level on which networks or devices it can reach, for example put tailscale into an interface that is bound to a firewall zone, that firewall zone only allows forwarding to specific vlans - meaning tailscale would not be able to reach hosts on “lan” but no issues with eth0.666 (vlan666) does this make sense?

This may be a roundabout way of asking can we get clarity on OpenWRT setup and using openwrt interface + firewall rules + zones and how it all ties together?

OpenWRT is not a directly supported platform by Tailscale. We try to help whenever asked, but the OpenWRT packages you may find were created by individuals.

Regarding the specific question about VLANs I’m not sure I understand it well enough to comment, but would like to point out one thing: tailscale up --snat-subnet-routes=false on a subnet router says to not source-NAT IP packets from the Tailnet, as shown here:

snat720×540 32 KB

For adding iptables rules to be applied within the OpenWRT forwarding path, it may be helpful to be able to apply them to the 100.x.y.z addresses.