4via6 not working with MacOS as the subnet router.

[JayWStapleton]

What is the issue?

When advertising a 4via6 route from a MacOS device, clients can't transit to the end target.

pcap on the Mac shows:

12  0.456373    fd7a:115c:a1e0:ab12:4843:cd96:6271:a052 fd7a:115c:a1e0:b1a:0:1:c0a8:fa15    TCP 80  53080 → 80 [SYN] Seq=0 Win=42700 Len=0 MSS=1220 SACK_PERM TSval=2411066331 TSecr=0 WS=1024
13  1.486570    fd7a:115c:a1e0:ab12:4843:cd96:6271:a052 fd7a:115c:a1e0:b1a:0:1:c0a8:fa15    TCP 80  [TCP Retransmission] [TCP Port numbers reused] 53080 → 80 [SYN] Seq=0 Win=42700 Len=0 MSS=1220 SACK_PERM TSval=2411067361 TSecr=0 WS=1024

The originating device curl hangs at:

jay@testmy:~$ curl -6 -v http://192.168.250.21.via-1
*   Trying fd7a:115c:a1e0:b1a:0:1:c0a8:fa15:80...

Steps to reproduce

advertise 4via6 route and approve in the Admin Console. Try to connect through it.

Are there any recent changes that introduced the issue?

No response

OS

macOS

OS version

Ventura 13.0

Tailscale version

1.32.2

Bug report

BUG-069d04b0850a27ab6ea92dd7da00efdfdf7b6b5018ca0785b18af0db1d3cd542-20221115203146Z-3030673694eaebc6

[clarkmcc]

I have a fork of Tailscale that has subnet routing enabled for the tsnet package and it also has this same issue. Not sure if that's relevant.

[DentonGentry]

macOS and tsnet both use netstack as a userspace TCP stack. However tailscaled --tun=userspace-networking does as well, and 4via6 routing works there.

[clarkmcc]

@DentonGentry I couldn't get 4via6 to work with userspace or the tun device. I tried userspace using 4via6 and when that didn't work, I tried on my MBP and found the same issue, is it possible this has been fixed since the initial report? I can try it again next week with the latest release.

[DentonGentry]

is it possible this has been fixed since the initial report?

I doubt it, the only recent macOS specific fix for subnet routing was https://github.com/tailscale/tailscale/pull/8227 which has not made it into a release yet. It only impacted ping6.