We’re trying to create Tailscale relays in multiple AWS accounts, sharing the same configuration (i.e. Terraform-deployed), and the routing doesn’t seem to work.
- Our VPCs are all in the `10.0.0.0/16` range, and Tailscale advertises the same CIDR block.
- I can verify that my local machine can ping the Tailscale node.
- SSH’ing into the Tailscale node, I can verify that the node can route to another EC2 instance without a public IP in a private subnet, using `ping`, BUT using `tailscale ping` it returns `no matching peer`.
- And, obviously, SSH’ing from my local machine to the EC2 instance in a private subnet consistently yields a timeout.
```
ubuntu@ip:~$ ping 10.0.xx.xxx
PING 10.0.xx.xxx (10.0.xx.xxx) 56(84) bytes of data.
64 bytes from 10.0.xx.xxx: icmp_seq=1 ttl=64 time=0.671 ms
64 bytes from 10.0.xx.xxx: icmp_seq=2 ttl=64 time=1.04 ms
64 bytes from 10.0.xx.xxx: icmp_seq=3 ttl=64 time=0.643 ms
64 bytes from 10.0.xx.xxx: icmp_seq=4 ttl=64 time=0.665 ms
64 bytes from 10.0.xx.xxx: icmp_seq=5 ttl=64 time=0.678 ms
^C
--- 10.0.xx.xxx ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.643/0.739/1.041/0.154 ms
ubuntu@ip-10-0-11-30:~$ tailscale ping 10.0.xx.xxx
no matching peer
```
Tailscale is started with the following flags:
```
sudo tailscale up --advertise-routes=10.0.0.0/16 --authkey=tskey-xxxxxxxxxxxx-xxxxxxxxxxxxx
```
Any help would be greatly appreciated!
PS. For completeness, we contacted support about 2 weeks ago to have the domain attached to our tailscale network changed