When operating in --tun=userspace-networking mode, tailscaled forwards incoming requests to the same port on localhost. The server sees the srcIP address as localhost. Adding an X-Forwarded-For header would let that server make decisions based on the originator.
What are you trying to do?
When operating in
--tun=userspace-networking
mode,tailscaled
forwards incoming requests to the same port on localhost. The server sees the srcIP address as localhost. Adding anX-Forwarded-For
header would let that server make decisions based on the originator.This was done for
tailscale serve
in https://github.com/tailscale/tailscale/commit/3177ccabe5877aa46c47e1215784938fc46a6689How should we solve this?
Add
X-Forwarded-For
foruserspace-networking
What is the impact of not solving this?
Local servers don't know the original requestor.
Anything else?
No response