Current log shows a lot of disconnections happening, whats going on?

[borgqueenx]

I have hidden the below 100.xxxxxx ip addresses of my tailscale ip, local ip's dont matter and i do not recognise the others. I have the feeling since i am using a proxy and have ssl enabled (and changed standard port 8123 to 443) that things are slower, so i dived into the logs and see a lot of seemingly problems. Tailscale itself seems to run, i can access home assistant through the local ip with http and through the domain with https. Maybe it is constantly disconnecting from the direct connection and using the relays? How can i make the connection more stable?

Appriciate the help, if there's nothing configurable and to be done in home assistant configuration, feel free to close this issue and point me towards tailscale's support.

2024/02/26 16:55:44 magicsock: adding connection to derp-14 for [H0maX] 2024/02/26 16:55:44 magicsock: 2 active derp conns: derp-14=cr0s,wr0s derp-18=cr4m0s,wr3m0s 2024/02/26 16:55:44 derphttp.Client.Send: connecting to derp-14 (ams) 2024/02/26 16:55:45 magicsock: derp-14 connected; connGen=1 2024/02/26 16:55:50 proxy connection closed with error: writeto tcp 192.168.1.184:44356->52.113.194.133:443: read tcp 192.168.1.184:44356->52.113.194.133:443: read: connection reset by peer 2024/02/26 16:55:52 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (20 dropped) 2024/02/26 16:55:52 netstack: could not connect to local server at [2a00:1450:400e:805::2004]:443: dial tcp [2a00:1450:400e:805::2004]:443: connect: network is unreachable 2024/02/26 16:55:52 netstack: could not connect to local server at [2a00:1450:400e:805::2004]:443: dial tcp [2a00:1450:400e:805::2004]:443: connect: network is unreachable 2024/02/26 16:55:52 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:55:54 Accept: TCP{:45610 > 192.168.1.184:443} 52 tcp non-syn 2024/02/26 16:55:54 netstack: UDP session between 0.0.0.0:61465 and 172.64.148.47:443 timed out 2024/02/26 16:55:55 netstack: UDP session between 0.0.0.0:52705 and 104.18.36.122:443 timed out 2024/02/26 16:55:55 netstack: UDP session between 0.0.0.0:49286 and 104.18.36.122:443 timed out 2024/02/26 16:55:55 [RATELIMIT] format("netstack: UDP session between %s and %s timed out") 2024/02/26 16:55:57 proxy connection closed with error: writeto tcp 192.168.1.184:44584->13.107.3.128:443: read tcp 192.168.1.184:44584->13.107.3.128:443: read: connection reset by peer 2024/02/26 16:56:04 Accept: TCP{:26726 > :443} 40 tcp non-syn 2024/02/26 16:56:13 [RATELIMIT] format("netstack: UDP session between %s and %s timed out") (2 dropped) 2024/02/26 16:56:13 netstack: UDP session between 0.0.0.0:52921 and 142.251.143.35:443 timed out 2024/02/26 16:56:14 Accept: TCP{:26726 > :443} 40 tcp non-syn 2024/02/26 16:56:14 netstack: UDP session between 0.0.0.0:64718 and 35.186.224.25:443 timed out 2024/02/26 16:56:15 netstack: UDP session between 0.0.0.0:62592 and 162.159.128.233:443 timed out 2024/02/26 16:56:16 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (12 dropped) 2024/02/26 16:56:16 netstack: could not connect to local server at [2600:1901:1:292::]:443: dial tcp [2600:1901:1:292::]:443: connect: network is unreachable 2024/02/26 16:56:18 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:19 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:19 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:19 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:20 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:20 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:56:24 Accept: TCP{:53710 > 192.168.1.184:443} 52 tcp non-syn 2024/02/26 16:56:29 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (19 dropped) 2024/02/26 16:56:29 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:29 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:29 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:56:34 Accept: TCP{:53114 > 192.168.1.184:443} 72 tcp non-syn 2024/02/26 16:56:34 netstack: UDP session between 0.0.0.0:64544 and 172.217.23.196:443 timed out 2024/02/26 16:56:35 magicsock: home is now derp-4 (fra) 2024/02/26 16:56:35 control: NetInfo: NetInfo{varies=false hairpin=false ipv6=false ipv6os=true udp=true icmpv4=false derp=#4 portmap= link="" firewallmode=""} 2024/02/26 16:56:35 magicsock: adding connection to derp-4 for home-keep-alive 2024/02/26 16:56:35 magicsock: 3 active derp conns: derp-4=cr0s,wr0s derp-14=cr50s,wr50s derp-18=cr5m0s,wr4m0s 2024/02/26 16:56:35 derphttp.Client.Recv: connecting to derp-4 (fra) 2024/02/26 16:56:35 magicsock: derp-4 connected; connGen=1 2024/02/26 16:56:39 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (26 dropped) 2024/02/26 16:56:39 netstack: could not connect to local server at [2600:1f18:429f:9305:823d:72c0:16da:fb33]:443: dial tcp [2600:1f18:429f:9305:823d:72c0:16da:fb33]:443: connect: network is unreachable 2024/02/26 16:56:39 netstack: could not connect to local server at [2604:a880:800:10::873:4001]:443: dial tcp [2604:a880:800:10::873:4001]:443: connect: network is unreachable 2024/02/26 16:56:39 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:56:44 Accept: TCP{:45542 > 192.168.1.184:443} 52 tcp non-syn 2024/02/26 16:56:44 magicsock: closing connection to derp-18 (idle), age 5m13s 2024/02/26 16:56:44 magicsock: closing connection to derp-14 (idle), age 1m0s 2024/02/26 16:56:44 magicsock: 1 active derp conns: derp-4=cr10s,wr10s 2024/02/26 16:56:44 magicsock: adding connection to derp-14 for [H0maX] 2024/02/26 16:56:44 magicsock: 2 active derp conns: derp-4=cr10s,wr10s derp-14=cr0s,wr0s 2024/02/26 16:56:44 derphttp.Client.Send: connecting to derp-14 (ams) 2024/02/26 16:56:45 magicsock: derp-14 connected; connGen=1 2024/02/26 16:56:49 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (39 dropped) 2024/02/26 16:56:49 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:49 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:56:49 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:56:50 proxy connection closed with error: writeto tcp 192.168.1.184:36440->20.42.73.27:443: read tcp 192.168.1.184:36440->20.42.73.27:443: read: connection reset by peer 2024/02/26 16:56:54 Accept: TCP{:26930 > 192.168.1.184:443} 40 tcp non-syn 2024/02/26 16:57:02 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (19 dropped) 2024/02/26 16:57:02 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:03 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:03 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:57:04 Accept: TCP{:45542 > 192.168.1.184:443} 52 tcp non-syn 2024/02/26 16:57:09 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (5 dropped) 2024/02/26 16:57:09 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:09 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:09 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:57:14 Accept: TCP{:45542 > 192.168.1.184:443} 52 tcp non-syn 2024/02/26 16:57:15 netstack: UDP session between 0.0.0.0:57122 and 35.186.224.25:443 timed out 2024/02/26 16:57:15 netstack: UDP session between 0.0.0.0:56090 and 162.159.128.233:443 timed out 2024/02/26 16:57:16 netstack: UDP session between 0.0.0.0:62666 and 142.251.143.35:443 timed out 2024/02/26 16:57:24 Accept: TCP{:26741 > :65474} 298 tcp non-syn 2024/02/26 16:57:24 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (10 dropped) 2024/02/26 16:57:24 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:24 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:24 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:24 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:57:25 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:53662->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 16:57:25 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:53664->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 16:57:25 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:53666->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 16:57:25 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:53668->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 16:57:25 netstack: could not bind local port 53661: listen udp 0.0.0.0:53661: bind: address already in use, trying again with random port 2024/02/26 16:57:25 netstack: could not bind local port 53665: listen udp 0.0.0.0:53665: bind: address already in use, trying again with random port 2024/02/26 16:57:29 proxy connection closed with error: readfrom tcp 192.168.1.184:45806->149.154.167.92:443: read tcp 149.154.167.92:443: connection reset by peer 2024/02/26 16:57:29 proxy connection closed with error: readfrom tcp 192.168.1.184:42310->157.240.251.61:443: read tcp 157.240.251.61:443: connection reset by peer 2024/02/26 16:57:29 proxy connection closed with error: readfrom tcp 192.168.1.184:38316->104.244.42.131:443: read tcp 104.244.42.131:443: connection reset by peer 2024/02/26 16:57:29 proxy connection closed with error: readfrom tcp 192.168.1.184:49966->192.229.233.50:443: read tcp 192.229.233.50:443: connection reset by peer 2024/02/26 16:57:29 proxy connection closed with error: readfrom tcp 192.168.1.184:42898->104.244.42.2:443: read tcp 104.244.42.2:443: connection reset by peer 2024/02/26 16:57:29 [RATELIMIT] format("proxy connection closed with error: %v") 2024/02/26 16:57:34 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (27 dropped) 2024/02/26 16:57:34 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:34 netstack: could not connect to local server at 47.94.230.155:443: dial tcp 47.94.230.155:443: connect: connection refused 2024/02/26 16:57:34 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 16:57:34 Accept: TCP{:26741 > *****:65474} 295 tcp non-syn 2024/02/26 16:57:35 netstack: UDP session between [::]:44278 and [2a00:1450:4013:c01::7f]:19302 timed out 2024/02/26 16:57:35 netstack: UDP session between [::]:46695 and [2a00:1450:4013:c01::7f]:19302 timed out 2024/02/26 16:57:35 netstack: UDP session between 0.0.0.0:49155 and 108.177.126.127:19302 timed out 2024/02/26 16:57:35 netstack: UDP session between 0.0.0.0:58692 and 108.177.126.127:19302 timed out

[lmagyar]

So your HA http server is running on port 443 and your tailscale https proxy is also running on port 443. Do you think it is a good config?

[borgqueenx]

So in configuration.yaml the port should be different as the one in proxy settings of the tailscale add-on? I will give it a go soon, thanks.

Op 26 feb 2024 17:44, om 17:44, Laszlo Magyar @.***> schreef:

So your HA http server is running on port 443 and your tailscale https proxy is also running on port 443. Do you think it is a good config?

-- Reply to this email directly or view it on GitHub: https://github.com/hassio-addons/addon-tailscale/issues/335#issuecomment-1964617027 You are receiving this because you authored the thread.

Message ID: @.***>

[borgqueenx]

Still a lot of disconnections, proxy was changed to 8443, different then the 433 set in configuration.yaml. whole host machine rebooted after applying settings already. Also wondering about the 0.0.0.0 ip's, are those to be expected?

2024/02/26 20:46:23 derphttp.Client.Recv: connecting to derp-14 (ams) 2024/02/26 20:46:23 magicsock: derp-14 connected; connGen=1 2024/02/26 20:46:25 netstack: UDP session between 0.0.0.0:58102 and 142.251.143.35:443 timed out 2024/02/26 20:46:25 netstack: UDP session between 0.0.0.0:62532 and 172.217.168.227:443 timed out 2024/02/26 20:46:25 netstack: UDP session between 0.0.0.0:60511 and 172.217.168.195:443 timed out 2024/02/26 20:46:25 [RATELIMIT] format("netstack: UDP session between %s and %s timed out") 2024/02/26 20:46:27 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (52 dropped) 2024/02/26 20:46:27 netstack: could not connect to local server at 192.168.1.184:8443: dial tcp 192.168.1.184:8443: connect: connection refused 2024/02/26 20:46:27 netstack: could not connect to local server at 192.168.1.184:8443: dial tcp 192.168.1.184:8443: connect: connection refused 2024/02/26 20:46:27 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 20:46:30 CreateEndpoint error for ****:59976 -> 192.241.157.60:443: operation timed out 2024/02/26 20:46:32 Accept: TCP{****:34472 > ****:8443} 52 tcp non-syn 2024/02/26 20:46:36 proxy connection closed with error: writeto tcp 127.0.0.1:58986->127.0.0.1:443: read tcp 127.0.0.1:58986->127.0.0.1:443: read: connection reset by peer 2024/02/26 20:46:42 Accept: TCP{****:34472 > ****:8443} 52 tcp non-syn 2024/02/26 20:46:43 proxy connection closed with error: writeto tcp 127.0.0.1:53826->127.0.0.1:443: read tcp 127.0.0.1:53826->127.0.0.1:443: read: connection reset by peer 2024/02/26 20:46:47 netstack: UDP session between 0.0.0.0:64446 and 142.251.36.46:443 timed out 2024/02/26 20:46:47 netstack: UDP session between 0.0.0.0:58641 and 172.217.168.227:443 timed out 2024/02/26 20:46:48 proxy connection closed with error: readfrom tcp 192.168.1.184:43156->52.55.196.248:443: read tcp 52.55.196.248:443: connection reset by peer 2024/02/26 20:46:48 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (29 dropped) 2024/02/26 20:46:48 netstack: could not connect to local server at [2a00:1450:400e:803::2003]:80: dial tcp [2a00:1450:400e:803::2003]:80: connect: network is unreachable 2024/02/26 20:46:49 netstack: could not connect to local server at [2a00:1450:400e:803::2003]:80: dial tcp [2a00:1450:400e:803::2003]:80: connect: network is unreachable 2024/02/26 20:46:50 netstack: could not connect to local server at 20.231.121.79:443: dial tcp 20.231.121.79:443: connect: connection timed out 2024/02/26 20:46:50 netstack: could not connect to local server at [2603:1026:c0d:1007::2]:443: dial tcp [2603:1026:c0d:1007::2]:443: connect: network is unreachable 2024/02/26 20:46:50 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 20:46:51 Accept: TCP{:60745 > :443} 48 tcp ok 2024/02/26 20:46:54 proxy connection closed with error: writeto tcp 192.168.1.184:42000->204.79.197.239:443: read tcp 192.168.1.184:42000->204.79.197.239:443: read: connection reset by peer 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 http: proxy error: context canceled 2024/02/26 20:46:57 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (6 dropped) 2024/02/26 20:46:57 netstack: could not connect to local server at [2a00:1450:400e:811::200a]:443: dial tcp [2a00:1450:400e:811::200a]:443: connect: network is unreachable 2024/02/26 20:46:58 netstack: could not connect to local server at [2a00:1450:400e:811::200a]:443: dial tcp [2a00:1450:400e:811::200a]:443: connect: network is unreachable 2024/02/26 20:46:58 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 20:47:01 Accept: TCP{:60758 > :8443} 40 tcp non-syn 2024/02/26 20:47:05 netstack: UDP session between 0.0.0.0:64036 and 172.217.168.227:443 timed out 2024/02/26 20:47:06 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (16 dropped) 2024/02/26 20:47:06 netstack: could not connect to local server at [2001:19f0:8001:2d9:5400:2ff:feef:bbb1]:443: dial tcp [2001:19f0:8001:2d9:5400:2ff:feef:bbb1]:443: connect: network is unreachable 2024/02/26 20:47:07 netstack: could not connect to local server at [2001:19f0:8001:2d9:5400:2ff:feef:bbb1]:443: dial tcp [2001:19f0:8001:2d9:5400:2ff:feef:bbb1]:443: connect: network is unreachable 2024/02/26 20:47:07 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") 2024/02/26 20:47:11 Accept: TCP{:60758 > :8443} 132 tcp non-syn 2024/02/26 20:47:12 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:51796->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 20:47:12 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:51798->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 20:47:12 netstack: could not bind local port 51795: listen udp 0.0.0.0:51795: bind: address already in use, trying again with random port 2024/02/26 20:47:12 netstack: UDP session between 0.0.0.0:52346 and 35.186.224.25:443 timed out 2024/02/26 20:47:19 proxy connection closed with error: writeto tcp 192.168.1.184:34280->104.208.16.91:443: read tcp 192.168.1.184:34280->:443: read: connection reset by peer 2024/02/26 20:47:22 Accept: TCP{:34472 > :8443} 52 tcp non-syn 2024/02/26 20:47:23 magicsock: closing connection to derp-14 (idle), age 1m0s 2024/02/26 20:47:23 magicsock: 1 active derp conns: derp-4=cr15m0s,wr3m0s 2024/02/26 20:47:23 magicsock: adding connection to derp-14 for [H0maX] 2024/02/26 20:47:23 magicsock: 2 active derp conns: derp-4=cr15m0s,wr3m0s derp-14=cr0s,wr0s 2024/02/26 20:47:23 derphttp.Client.Recv: connecting to derp-14 (ams) 2024/02/26 20:47:23 magicsock: derp-14 connected; connGen=1 2024/02/26 20:47:28 [RATELIMIT] format("netstack: could not connect to local server at %s: %v") (10 dropped) 2024/02/26 20:47:28 netstack: could not connect to local server at [2606:4700:3034::ac43:cad1]:443: dial tcp [2606:4700:3034::ac43:cad1]:443: connect: network is unreachable 2024/02/26 20:47:28 proxy connection closed with error: writeto tcp 192.168.1.184:41544->20.185.212.106:443: read tcp 192.168.1.184:41544->20.185.212.106:443: read: connection reset by peer 2024/02/26 20:47:28 netstack: UDP session between 0.0.0.0:55559 and 172.217.168.227:443 timed out 2024/02/26 20:47:31 netstack: could not connect to local server at 52.142.223.178:443: dial tcp 52.142.223.178:443: connect: connection timed out 2024/02/26 20:47:31 Accept: TCP{:60815 > :8443} 40 tcp non-syn 2024/02/26 20:47:32 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:60065->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 20:47:32 write packet to [2a00:1450:4013:c01::7f]:19302 failed: write udp [::]:60067->[2a00:1450:4013:c01::7f]:19302: sendto: network is unreachable 2024/02/26 20:47:32 netstack: could not bind local port 60064: listen udp 0.0.0.0:60064: bind: address already in use, trying again with random port 2024/02/26 20:47:40 proxy connection closed with error: readfrom tcp 192.168.1.184:55016->52.55.196.248:443: read tcp 52.55.196.248:443: connection reset by peer 2024/02/26 20:47:41 Accept: TCP{:60824 > 192.168.1.184:8555} 112 tcp non-syn 2024/02/26 20:47:51 netstack: could not connect to local server at 20.231.121.79:443: dial tcp 20.231.121.79:443: connect: connection timed out 2024/02/26 20:47:51 Accept: TCP{:60758 > :8443} 130 tcp non-syn

[lmagyar]

What do you really want to do???

Who wants to access 192.168.1.184:8443? Port 8443 is only available inside the tailnet, never on your LAN, read the Tailscale proxy docs. What are those datacenter IP addresses? Do you want to access your machine from the internet? You need funnel, read the add-on and Tailscale funnel docs, or install Tailscale on those machines also.

I'm quite sure you have a really strange network misconfiguration. Using port 443 everywhere, even for plain http traffic is a bad idea in my opinion, a few month later it will confuse even you what is what.

[borgqueenx]

Hey, i changed the port in configuration.yaml back to 8123, and use 8443 for tailscale proxy. I do not want access outside of the tailnet so have not set up funnel. Can this misconfiguration be router related? I am using a openwrt router that routes all traffic through a vpn provider(mullvad, even used by tailscale, so not a crappy one)

Op 26 feb 2024 21:37, om 21:37, Laszlo Magyar @.***> schreef:

What do you really want to do???

Who wants to access 192.168.1.184:8443? Port 8443 is only available inside the tailnet, never on your LAN, read the Tailscale proxy docs. What are those datacenter IP addresses? Do you want to access your machine from the internet? You need funnel, read the add-on and Tailscale funnel docs, or install Tailscale on those machines also.

I'm quite sure you have a really strange network misconfiguration. Using port 443 everywhere, even for plain http traffic is a bad idea in my opinion, a few month later it will confuse even you what is what.

-- Reply to this email directly or view it on GitHub: https://github.com/hassio-addons/addon-tailscale/issues/335#issuecomment-1965223068 You are receiving this because you authored the thread.

Message ID: @.***>

[lmagyar]

You don't need to configure your router for tailscale. And you didn't answer my questions, so I can't help.

[borgqueenx]

You don't need to configure your router for tailscale. And you didn't answer my questions, so I can't help.

i thought i did with the above so let me try more direct answers, apologise for not giving enough to help and appriciate your time!

What do you really want to do???

Get rid of extremely slow speeds when connected to tailscale that runs as exit node on home assistant as add-on.

Who wants to access 192.168.1.184:8443?

I do, while obviously connected to tailscale (i only want access to home assistant using the local pc connected to the same router or when connected to the same tailnet) 192.168.1.184 is the local address of the home assistant minipc. 8443 was the port. now it is 192.168.1.184:8123, the standard home assistant port. This can therefore be accessed with or without tailscale. I can now also access home assistant through the tailscale domain that was given to me, this only works when connected to tailscale, which is exactly what i want.

I also took your advice and removed port 443 altogether. tailscale is not using 8443 and home assistant locally(in configuration.yaml) uses 8123.

[lmagyar]

Who wants to access 192.168.1.184:8443? I do

Read the docs, read what I've wrote: tailscale proxy is only available on the tailnet, not on your LAN! Full stop.

Remove any tailscale router config, because you don't need it. To have a clean config, disable any subnet routing and exit node config on tailscale's admin page for this HA instance and your PC, then:

• when PC is connected to LAN, http://<HA's LAN IP>:8123 should work
• when PC is connected to tailnet, http://<HA's tailnet IP or name>:8123 should work
• when PC is connected to tailnet AND add-on's proxy is enabled, httpS://<HA's tailnet name>:8443 should work
• nothing else should work
• until the first 3 steps doesn't work, remove other misconfigurations

[borgqueenx]

ah, my bad, the 192.168.1.184:8443 was working on local when i changed the configuration.yaml to this port, but with current settings that i gave before it is not possible anymore. Your pointers are all correct. When there is no incoming connection the add-on's log also stay clean without any errors. it starts when connecting to the home assistant machine over the tailnet, exit node enabled or disabled.

[lmagyar]

And what is the log with the current settings?

[borgqueenx]

pretty much the same logs as given earlier.... Could it be that a router firewall or settings are messing with tailscale's ability to "just work"?

[borgqueenx]

So, i just figured out something weird... When connecting to home assistant through my tailscale IP address of the home assistant host pc, everything is blazing fast as it is when connecting to the device locally. When using the domain name of tailscale to access the host (with https), it is when things are impossibly slow.

[lmagyar]

Without logs I can't say anything. Please check, that the resolved IP of the hostname is the same as the tailscale IP, my guess is that your laptop resolves a different IP.

[github-actions[bot]]

There hasn't been any activity on this issue recently, so we clean up some of the older and inactive issues. Please make sure to update to the latest version and check if that solves the issue. Let us know if that works for you by leaving a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thanks!