Use as as an exit or relay node on HASS RPi

[dkvdm]

I can't get Hass to work as an exit or relay node on RPi. I'm trying to follow these docs: https://tailscale.com/kb/1104/enable-ip-forwarding/

~ $ sysctl -q net.ipv4.ip_forward=1
sysctl: error setting key 'net.ipv4.ip_forward': Read-only file system

Help would be appreciated, thank you for your hard work!

[tsujamin]

Hey mate - will try have a look on the weekend. I don’t thiiiink those instructions are strictly necessary (I haven’t touched sysctl on my instance) but I’ll see what’s going on.

I think that particular error is due to docker isolation though. Have you tried running the plug-in as an exit node without touching sysctl, or alternatively running that command in one of the other HASS containers?

On 28 Jul 2021, at 10:01 pm, Dennis K @.***> wrote:



I can't get Hass to work as an exit or relay node on RPi. I'm trying to follow these docs: https://tailscale.com/kb/1104/enable-ip-forwarding/

~ $ sysctl -q net.ipv4.ip_forward=1 sysctl: error setting key 'net.ipv4.ip_forward': Read-only file system

Help would be appreciated, thank you for your hard work!

— You are receiving this because you were assigned. Reply to this email directly, view it on GitHubhttps://github.com/tsujamin/hass-addons/issues/17, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AASSUI2TPRBW6PHGUJQ7IXDTZ7WQXANCNFSM5BEGW7OQ.

[tsujamin]

@dkvdm just tested on my current build w/o playing with iptables/sysctl and I can exit node out. Can I confirm your addon verison/hass version/config (minus your TS-Key)?

my config for comparison

[dkvdm]

HASS Core: core-2021.6.4 HASS OS: 5.13 Addon version: 1.12.1.0

Thanks!

[tsujamin]

Are there any references in your tailscale logs (on HA) at startup relating to IP forwarding? I've got a reference in my logs to the ipv6 forwarding not being enabled but it doesn't seem to break exit-nodes.

Also if you could run sysctl net.ipv4.ip_forward either in the tailscale container or withins supervisor that would be helpful.

[tsujamin]

I just pushed a userspace-networking option that might be of some help here - maybe give that a whirl and see if your exit/subnet routes work

[johnsheehan]

I'm running HA with Home Assistant OS. When I have advertise_routes set I get this a warning about IP forwarding when the add-on starts up:

Warning: couldn't check net.ipv4.ip_forward (exec: "sysctl": executable file not found in $PATH).
Subnet routes won't work without IP forwarding.

I don't think I have access to the host networking settings to enable IP forwarding. Would userspace networking help get around this?

[tsujamin]

Potentially, I don't know enough about how the userspace engine works but its worth a shot.

I'll add the sysctl binary into the build I'm about to push too - migrating to debian has broken some of these dependencies :)

[tsujamin]

sysctl is re-added in v1.14.0.1 which just got pushed - see if that helps your mileage at all :)

[ahmedalhulaibi]

Just wanted to add that I had to configure a DNS server on the tailscale admin panel to get the exit node to work.

Edit: there seems to be a thread on it on the tailscale forums https://forum.tailscale.com/t/no-dns-when-using-exit-node/477

[HSB-collab]

I am running HassOS on a RPi. I have installed the tailscale addon and I can use it to reach my RPi. I have also enabled subnet routing but it doesn't work. I cannot reach any other machine on my subnet. My config is exactly as given by @tsujamin in the thread above. In my Tailscale Addon logs I see messages like: Accept: TCP{100.xxx.xxx.xxx:1053 > 10.0.0.1:80} 52 tcp ok which would imply it is reaching 10.0.0.1 but I am not getting any response. What am I doing wrong? The only thing of is I notice that the Tailscale Admin panel reports that the Tailscale on my RPi is out of date. I am running the latest version of the Tailscale Addon (1.14.0.2) but I can't see any way of updating the Tailscale implementation on HA. Appreciate any ideas.

[tsujamin]

Hey mate

Just a quick test: does enabling userspace networking in the addon settings help at all?

On 18 Sep 2021, at 4:36 pm, HSB-collab @.***> wrote:



I am running HassOS on a RPi. I have installed the tailscale addon and I can use it to reach my RPi. I have also enabled subnet routing but it doesn't work. I cannot reach any other machine on my subnet. My config is exactly as given by @tsujaminhttps://github.com/tsujamin in the thread above. In my Tailscale Addon logs I see messages like: Accept: TCP{100.xxx.xxx.xxx:1053 > 10.0.0.1:80} 52 tcp ok which would imply it is reaching 10.0.0.1 but I am not getting any response. What am I doing wrong?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/tsujamin/hass-addons/issues/17#issuecomment-922221063, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AASSUI2ZB3G7VL64JHEWNNLUCQXOJANCNFSM5BEGW7OQ. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[HSB-collab]

Hey mate Just a quick test: does enabling userspace networking in the addon settings help at all? On 18 Sep 2021, at 4:36 pm, HSB-collab @.***> wrote:  I am running HassOS on a RPi. I have installed the tailscale addon and I can use it to reach my RPi. I have also enabled subnet routing but it doesn't work. I cannot reach any other machine on my subnet. My config is exactly as given by @tsujaminhttps://github.com/tsujamin in the thread above. In my Tailscale Addon logs I see messages like: Accept: TCP{100.xxx.xxx.xxx:1053 > 10.0.0.1:80} 52 tcp ok which would imply it is reaching 10.0.0.1 but I am not getting any response. What am I doing wrong? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#17 (comment)>, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AASSUI2ZB3G7VL64JHEWNNLUCQXOJANCNFSM5BEGW7OQ. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

Bingo! That worked. Thanks so much. Fantastic work.

[tsujamin]

All good - this has come up a bit recently so I might think about making it the default. Have a good day!

On 18 Sep 2021, at 4:57 pm, HSB-collab @.***> wrote:



Hey mate Just a quick test: does enabling userspace networking in the addon settings help at all? On 18 Sep 2021, at 4:36 pm, HSB-collab @.***> wrote:  I am running HassOS on a RPi. I have installed the tailscale addon and I can use it to reach my RPi. I have also enabled subnet routing but it doesn't work. I cannot reach any other machine on my subnet. My config is exactly as given by @tsujaminhttps://github.com/tsujaminhttps://github.com/tsujamin in the thread above. In my Tailscale Addon logs I see messages like: Accept: TCP{100.xxx.xxx.xxx:1053 > 10.0.0.1:80} 52 tcp ok which would imply it is reaching 10.0.0.1 but I am not getting any response. What am I doing wrong? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#17 (comment)https://github.com/tsujamin/hass-addons/issues/17#issuecomment-922221063>, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AASSUI2ZB3G7VL64JHEWNNLUCQXOJANCNFSM5BEGW7OQ. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

Bingo! That worked. Thanks so much. Fantastic work.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/tsujamin/hass-addons/issues/17#issuecomment-922228720, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AASSUIZWBS4TPNSDHM2TWQ3UCQZ5XANCNFSM5BEGW7OQ. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.