On my network monitoring I’m seeing a Tailscale host occasionally sending traffic to 203.0.113.1 which is part of the TEST-NET-3 reserved subnet (203.0.113.0/24). It’s not part of any configuration I have so I’m not clear on why Tailscale/WireGuard would be doing this.
Has anyone else seen this same thing, or have any thoughts on why it might be happening?
Thanks!
That happens here: tailscale/netcheck.go at 7b9f02fcb1ae016965ba519a1ec5d3ded4ba23b9 · tailscale/tailscale · GitHub
It is an accommodation for certain residential gateways, notably Apple Airport Extreme. As you note, the 203.0.113.1 packet doesn’t actually get delivered anywhere it just convinces Airport Extreme to subsequently deliver the UDP frames within the LAN.
The packet contents contain a description of the issue.
Fantastic, thank you so much for this information! I’m off to go add a monitoring rule exception… 