Two nodes use a relay unexpectedly

I have a tailscale installed on two nodes (with default configurations). One node has a private address (10.x.x.x) on a college network. The other node has a private address (192.168.x.x) on a home network. The two nodes cannot create a direct connection and are forced to use a DERP relay. I’d like to be able to debug this, if possible, but I’m not sure how to do that.

Using the terminology of How NAT traversal works · Tailscale, I’m not sure if the two NATs are hard NATs or easy NATs (or indeed if there are multiple layers of NAT at the College network).

My home router supports UPnP and it is enabled (I don’t know if this also enables NAT-PMP or PCP as “many devices come with a single “UPnP” checkbox that actually toggles UPnP, NAT-PMP and PCP all at once” according to the NAT traversal blog post).

Using Wireshark during tailscale ping, I can see UDP packets being sent from my home node (192.168.x.x) to the private IP address of the college node (10.x.x.x) as well as to the college node’s public IP address as reported by curl -4 icanhazip.com. I don’t see any UDP packets coming from the college node’s public IP address.

Similarly, using Wireshark from the college node, I can see UDP packets being sent to my home node’s private and public IP addresses but no UDP packets coming from my home node’s public IP address.

How can I debug what’s causing this failure to make a direct connection?

$ tailscale version
1.36.0
tailscale commit: 96f6580381ac0c01122e77cff79f01baa678d6a4
other commit: 49bd4454362e6e52fe8c86ad51b3734dd83d764c
go version: go1.19.4-tsdc0ce6324d

Home node:
$ sw_vers
ProductName: macOS
ProductVersion: 13.0.1
BuildVersion: 22A400

College node:
$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.14.6
BuildVersion: 18G9323