We’re trying to create Tailscale relays in multiple AWS accounts, sharing the same configuration (i.e. Terraform-deployed), and the routing doesn’t seem to work.
Our VPCs all are in the 10.0.0.0/16 range, and Tailscale advertises the same CIDR block.
I can verify that my local machine can ping the tailscale node.
ssh’ing into the tailscale node, I can verify that the node can route to another EC2 instance without a public IP in a private subnet, using tailscale ping it returns "no matching peer".
And, obviously, ssh’ing from my local machine to the EC2 instance in a private subnet consistently yields a timeout.
ubuntu@ip:~$ ping 10.0.xx.xxx
PING 10.0.xx.xxx (10.0.xx.xxx) 56(84) bytes of data.
64 bytes from 10.0.xx.xxx: icmp_seq=1 ttl=64 time=0.671 ms
64 bytes from 10.0.xx.xxx: icmp_seq=2 ttl=64 time=1.04 ms
64 bytes from 10.0.xx.xxx: icmp_seq=3 ttl=64 time=0.643 ms
64 bytes from 10.0.xx.xxx: icmp_seq=4 ttl=64 time=0.665 ms
64 bytes from 10.0.xx.xxx: icmp_seq=5 ttl=64 time=0.678 ms
^C
--- 10.0.xx.xxx ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.643/0.739/1.041/0.154 ms
ubuntu@ip-10-0-11-30:~$ tailscale ping 10.0.xx.xxx
no matching peer
Tailscale is started with the following flags:
sudo tailscale up --advertise-routes=10.0.0.0/16 --authkey=tskey-xxxxxxxxxxxx-xxxxxxxxxxxxx
Any help would be greatly appreciated!
PS. For completeness, we contacted support about 2 weeks ago to have the domain attached to our tailscale network changed