I have the following docker compose setup on a Raspberry Pi 4 and an Ubuntu machine:
```yaml
tailscale:
  image: tailscale/tailscale:v1.72.1
  container_name: tailscale
  restart: always
  network_mode: host
  hostname: server-1 # This will become the tailscale device name
  volumes:
    - ../volumes/tailscale/lib:/var/lib
    - /dev/net/tun:/dev/net/tun
  cap_add:
    - net_admin
    - net_raw
  environment:
    - TS_EXTRA_ARGS=--advertise-exit-node=false --accept-routes=true
    #- TS_USERSPACE=false # To allow other processes on the server to access devices through Tailscale IPs. See: https://registry.hub.docker.com/r/tailscale/tailscale/
    - TS_STATE_DIR=/var/lib/tailscale # Make sure this node is not ephemeral by forcing the state to be saved to disk instead of memory. See: https://github.com/tailscale/tailscale/issues/4913
```
It works perfectly for incoming connections in both cases. But the moment I uncomment “TS_USERSPACE=false”, i.e. when I turn kernel networking on, my Ubuntu machine loses connection. Meaning, `ping 100.40.xxx.xxx` (Tailscale IP of Ubuntu machine) works but `ping 10.22.33.xxx` (local IP of Ubuntu machine) times out. Furthermore, on the Raspberry Pi 4, kernel networking works without issues.
What am I doing wrong?