fly-tailscale-exit icon indicating copy to clipboard operation
fly-tailscale-exit copied to clipboard

Published 20 hours ago verified publisher icon patte

Remove incorrect ephemeral key assumption

Open kotx opened this issue 1 year ago • 3 comments

In the README:

A ephemeral key would be better for our use case, but it's restricted to IPv6 only by tailscale, which doesn't work so well as a VPN exit node.

AFAIK the Tailscale IP is IPv6, but is still accessible from IPv4 addresses from the node's public IPv4. (the underlying transport uses v4/v6 independently of the Tailscale IP.)

kotx avatar Aug 26 '23 21:08 kotx

@kotx I couldn't make it work with an ephemeral key when I tested it (a long time ago). Could you successfully use an exit node with an ephemeral key to establish connections to a public, ipv4-only endpoint?

patte avatar Dec 22 '23 19:12 patte

@kotx I couldn't make it work with an ephemeral key when I tested it (a long time ago). Could you successfully use an exit node with an ephemeral key to establish connections to a public, ipv4-only endpoint?

I was able to, but can't check anymore since ephemeral keys seem to support IPv4 Tailscale addresses now!

kotx avatar Dec 22 '23 23:12 kotx

Oh interesting! I’ll test and if it works adapt the readme! Thanks again 🙏

patte avatar Dec 22 '23 23:12 patte