no public network Endpoints

Open gaocheng001 opened this issue 1 year ago • 6 comments

Bug description

no public network Endpoints

I have configured port forwarding for a Tailscale client with the IP address 10.20.1.20 on my server with the public IP address 223.22.22.1. However, when attempting to ping the Tailscale client from within the same subnet (10.20.1.0/24), the traffic is routed through the Tailscale relay server instead of using the port forwarding configuration.

Environment

  • OS: Ubuntu 23.10
  • Headscale version: v0.23.0-alpha5
  • Tailscale version: 1.60.1

To Reproduce

  1. Set up port forwarding for Tailscale client 10.20.1.20 on server with public IP 223.22.22.1.
  2. From another device within the same subnet (10.20.1.0/24), ping Tailscale client 10.20.1.20.

Logs and attachments

I have attached the following files:

  • ACL configuration
  • Headscale configuration

Additionally, here is the netmap dump of the Tailscale client:

tailscale debug netmap > tailscale_netmap.json

Please let me know if any further information is needed.

gaocheng001 Apr 07 '24 07:04

./Tailscale ping 100.64.0.10
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 24ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 45ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 46ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 57ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 37ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 47ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 43ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 48ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 48ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 46ms
2024/04/07 15:12:42 direct connection not established

gaocheng001 Apr 07 '24 07:04

This issue is really hard to reproduce, as port-forwarding could be achieved in several different ways.

The only hint I can think of is that somehow the connection couldn't be established directly toward the server. Therefore, it was falling back to DERP. This is probably a setup issue and not a bug in headscale.

ohdearaugustin May 18 '24 17:05

I have the same issue.

I have 2 machines on Oracle Cloud Infrastructure.

One machine is connected to tailscale. The other one is connected to headscale.

tailscale netmap said something wrong. The endpoints of the machines connected to tailscale are as follows:

			"Endpoints": [
				"168.138.32.189:41641",
				"[2603:c023:8:d312::d03]:41641",
				"10.123.12.3:41641",
				"172.17.0.1:41641",
				"172.23.255.1:41641",
				"172.24.0.1:41641"
			],

On the other hand, the endpoints on the machine connected to headscale look like this:

		"Endpoints": [
			"10.123.12.12:41641"
		],

How to set Endpoints as public?

colaH16 Jun 11 '24 14:06
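The comparison in the comment above can be automated when triaging a netmap dump. This is an added example, not code from the thread or from the headscale/Tailscale projects: it finds every "Endpoints" array in a JSON document and reports which entries are globally routable. The wrapper keys `tailscale_node` and `headscale_node` are hypothetical, and the sample is constructed from the two arrays quoted above.

```python
import ipaddress
import json

# Constructed sample: the two "Endpoints" arrays quoted in the comment above,
# wrapped in hypothetical keys ("tailscale_node", "headscale_node").
SAMPLE = json.loads("""
{
  "tailscale_node": {"Endpoints": [
    "168.138.32.189:41641", "[2603:c023:8:d312::d03]:41641",
    "10.123.12.3:41641", "172.17.0.1:41641",
    "172.23.255.1:41641", "172.24.0.1:41641"]},
  "headscale_node": {"Endpoints": ["10.123.12.12:41641"]}
}
""")


def endpoint_ip(endpoint):
    """Return the address part of 'ip:port' or '[ipv6]:port'."""
    host, _, _port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]"))


def split_endpoints(endpoints):
    """Split endpoints into globally routable and local-only lists."""
    public, local = [], []
    for ep in endpoints:
        # is_global is False for RFC 1918, link-local and 100.64.0.0/10 (CGNAT)
        (public if endpoint_ip(ep).is_global else local).append(ep)
    return public, local


def find_endpoint_lists(doc, path=""):
    """Yield (json_path, list) for every 'Endpoints' array in a JSON document."""
    if isinstance(doc, dict):
        for key, value in doc.items():
            here = f"{path}/{key}"
            if key == "Endpoints" and isinstance(value, list):
                yield here, value
            else:
                yield from find_endpoint_lists(value, here)
    elif isinstance(doc, list):
        for i, item in enumerate(doc):
            yield from find_endpoint_lists(item, f"{path}/{i}")


def report(doc):
    """Map each Endpoints path to its public entries; [] means local-only."""
    return {p: split_endpoints(eps)[0] for p, eps in find_endpoint_lists(doc)}


if __name__ == "__main__":
    for path, public in report(SAMPLE).items():
        print(path, "public:", public or "NONE (only local addresses advertised)")
```

To check a real dump, load the file written by `tailscale debug netmap > tailscale_netmap.json` with `json.load` and pass the result to `report`.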

This issue is stale because it has been open for 90 days with no activity.

github-actions[bot] Sep 10 '24 01:09

Please try the latest beta.

kradalby Sep 10 '24 06:09