juanfont / headscale

An open source, self-hosted implementation of the Tailscale control server
BSD 3-Clause "New" or "Revised" License

no public network Endpoints #1859

Open gaocheng001 opened 2 months ago

gaocheng001 commented 2 months ago

Bug description

no public network Endpoints

I have configured port forwarding for a Tailscale client with the IP address 10.20.1.20 on my server with the public IP address 223.22.22.1. However, when attempting to ping the Tailscale client from within the same subnet (10.20.1.0/24), the traffic is routed through the Tailscale relay server instead of using the port forwarding configuration.

Environment

To Reproduce

  1. Set up port forwarding for Tailscale client 10.20.1.20 on server with public IP 223.22.22.1.
  2. From another device within the same subnet (10.20.1.0/24), ping Tailscale client 10.20.1.20.

Logs and attachments

I have attached the following files:

Additionally, here is the netmap dump of the Tailscale client:

tailscale debug netmap > tailscale_netmap.json

Please let me know if any further information is needed.

gaocheng001 commented 2 months ago

tailscale_netmap.json

gaocheng001 commented 2 months ago

./Tailscale ping 100.64.0.10
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 24ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 45ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 46ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 57ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 37ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 47ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 43ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 48ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 48ms
pong from csd-vpn-router-client (100.64.0.10) via DERP(kr) in 46ms
2024/04/07 15:12:42 direct connection not established

ohdearaugustin commented 1 month ago

This issue is really hard to reproduce, as port-forwarding could be achieved in several different ways.

The only hint I can think of is that somehow the connection couldn't be established directly toward the server. Therefore, it was falling back to DERP. This is probably a setup issue and not a bug in headscale.

colaH16 commented 2 weeks ago

I have the same issue.

I have 2 machines on Oracle Cloud Infrastructure.

One machine is connected to tailscale. The other one is connected to headscale.

The tailscale netmap says something is wrong. The endpoints of the machines connected to tailscale are as follows:

            "Endpoints": [
                "168.138.32.189:41641",
                "[2603:c023:8:d312::d03]:41641",
                "10.123.12.3:41641",
                "172.17.0.1:41641",
                "172.23.255.1:41641",
                "172.24.0.1:41641"
            ],

On the other hand, the endpoints on the machine connected to headscale look like this:

        "Endpoints": [
            "10.123.12.12:41641"
        ],

How do I set Endpoints as public?
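
Added example, not part of the thread or of headscale's code: a small checker that reads `tailscale debug netmap` JSON and flags nodes that advertise no globally routable endpoint, which is the condition visible in the two `Endpoints` lists above and the one under which peers outside that private network are left with the DERP relay path. The `SelfNode`/`Peers`/`Name` layout and the node names are assumptions (only `Endpoints` appears on this page), so the code walks the JSON for any object that has an `Endpoints` list.

```python
import ipaddress
import json

# Constructed sample; "SelfNode"/"Peers"/"Name" and the node names are
# assumptions. The endpoint values are the two lists quoted in the thread.
SAMPLE_NETMAP = json.dumps({
    "SelfNode": {"Name": "node-a.example.", "Endpoints": ["10.123.12.12:41641"]},
    "Peers": [{"Name": "node-b.example.", "Endpoints": [
        "168.138.32.189:41641", "[2603:c023:8:d312::d03]:41641",
        "10.123.12.3:41641", "172.17.0.1:41641",
        "172.23.255.1:41641", "172.24.0.1:41641"]}],
})

def endpoint_ip(endpoint):
    """Return the address part of 'ip:port' or '[ipv6]:port'."""
    host, _, _port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]"))

def iter_nodes(obj):
    """Yield every JSON object that carries an 'Endpoints' list."""
    if isinstance(obj, dict):
        if isinstance(obj.get("Endpoints"), list):
            yield obj
        for value in obj.values():
            yield from iter_nodes(value)
    elif isinstance(obj, list):
        for item in obj:
            yield from iter_nodes(item)

def classify(netmap_json):
    """Map node name -> {'public': [...], 'private': [...]}."""
    report = {}
    for node in iter_nodes(json.loads(netmap_json)):
        buckets = {"public": [], "private": []}
        for ep in node["Endpoints"]:
            try:
                kind = "public" if endpoint_ip(ep).is_global else "private"
            except ValueError:
                continue  # skip anything that is not ip:port
            buckets[kind].append(ep)
        report[node.get("Name", "<unnamed>")] = buckets
    return report

def private_only(report):
    """Nodes that advertise no globally routable endpoint."""
    return sorted(n for n, b in report.items() if not b["public"])

if __name__ == "__main__":
    print("private-only nodes:", private_only(classify(SAMPLE_NETMAP)))
```

To check a real node, pass the contents of the file written by `tailscale debug netmap > tailscale_netmap.json` to `classify()`.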