Unable to ping or ssh into machine

Tailscale Version:

➜ tailscale --version
1.24.2
  go version: go1.18.2

Operating System: Nixos 22.05

I installed tailscale on two machines on my local network to test it out. Initially everything worked perfectly and I was able to SSH into the second machine via the tailscale ip address.

After rebooting the second machine I am no longer able to ssh in or ping it. tailscale status and the tailscale web dashboard shows both machines as connected to the mesh. tailscale ping ... succeeds.

I have UDP port 41641 open on both machines.

➜ tailscale status                
100.77.6.94     nightshade           solomon-b@   linux   -
100.124.98.31   pixel-4a-5g          solomon-b@   android -
100.80.98.4     sower                solomon-b@   linux   active; direct 192.168.0.3:41641, tx 2200 rx 404

➜ tailscale bugreport                  
BUG-7a7d86fa0d84ade56a0552cb2888cc55bf7d4e5cec4058e6823207e3d456d0ed-20220607042033Z-b23262653810be61

Hi @solomon ! Hm, can you try forcing re-authentication to Tailscale on ‘sower’ and see if that fixes things? I can see ‘nightshade’ authenticated to Tailscale right now but I don’t see ‘sower’, and if that device is waiting for re-authentication that can cause pings and ssh to fail.

tailscale up --force-reauth

—
One more thing for clarity, I see you wrote this:

After rebooting the second machine I am no longer able to ssh in or ping it.

And soon after, wrote this:

tailscale ping ... succeeds.

What ping succeeds here? Is it from ‘sower’ → ‘nightshade’?

Hi Keli,

The successful tailscale ping was from nightshade to sower.

I ended up resolving the issue. I had forgotten that I had a wireguard tunnel open on sower. The ip rules were getting messed up when my wireguard and tailscaled services were launched. Removing the wireguard tunnel fixed tailscale.

I was then able to run both my wireguard tunnel and the tailscale mesh by modifying my tailscale systemd service to start after my wg-quick service.