Article Repost
Exploring Tailscale DERP Relay Service | Kiprey's Blog
This article mainly records the process of configuring DERP, and almost all of the content comes from the above article. If you need it, you can directly refer to the above article. It is well written and the process analysis is very accurate. A great example!
Configuration Requirements
- Public IP
- Allow TCP/UDP inbound traffic
Configuring DERP Server
Install golang
Configure DERP Service and Manage with systemd
Configure iptables to allow inbound traffic on specific ports and configure security groups
Configure ACL
Log in to the Tailscale admin console and select Access Controls.
- Add a single relay server
Note: The HostName configuration should be the same as the DERP_HOST configured above
- Add multiple relay servers
Check the Status of the Relay Server
- Use the tailscale netcheck command on any node to view the online status of DERP. If you see latency, the configuration is complete.
- Because the public server has high latency and I don't want to use a public server, you can configure "OmitDefaultRegions": true, as mentioned in the previous section for multiple DERP configurations.
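The HostName note in the ACL section and the OmitDefaultRegions setting above can both be checked before the policy is saved. This is an added example, not code from the original post: the field names follow Tailscale's derpMap schema, while the hostnames, region IDs and the check_derp_map helper are constructed for illustration. It assumes the policy text is plain JSON without comments.

```python
import json

# Constructed policy fragment: hostnames, region IDs and names are placeholders.
SAMPLE_POLICY = """{
  "derpMap": {
    "OmitDefaultRegions": true,
    "Regions": {
      "900": {"RegionID": 900, "RegionCode": "home", "RegionName": "Home",
              "Nodes": [{"Name": "900a", "RegionID": 900,
                         "HostName": "derp1.example.com", "DERPPort": 443}]},
      "901": {"RegionID": 901, "RegionCode": "vps", "RegionName": "VPS",
              "Nodes": [{"Name": "901a", "RegionID": 902,
                         "HostName": "derp2.example.net", "DERPPort": 443}]}
    }
  }
}"""


def check_derp_map(policy_text, derp_hosts):
    """Return problems in the derpMap; derp_hosts holds each server's DERP_HOST."""
    derp_map = json.loads(policy_text).get("derpMap") or {}
    # Skip null entries, which carry no nodes to check.
    regions = {k: r for k, r in (derp_map.get("Regions") or {}).items() if r}
    problems, used_hosts = [], set()
    for key, region in regions.items():
        rid = region.get("RegionID")
        if str(rid) != key:
            problems.append(f"region {key}: RegionID {rid} does not match its key")
        if not isinstance(rid, int) or not 900 <= rid <= 999:
            problems.append(f"region {key}: custom relays belong in IDs 900-999")
        for node in region.get("Nodes") or []:
            name, host = node.get("Name"), node.get("HostName")
            if node.get("RegionID") != rid:
                problems.append(f"node {name}: RegionID differs from region {key}")
            if host not in derp_hosts:
                problems.append(f"node {name}: HostName {host} is not a DERP_HOST")
            used_hosts.add(host)
    for host in sorted(set(derp_hosts) - used_hosts):
        problems.append(f"{host}: relay server is missing from the derpMap")
    # With the default regions omitted, an empty map leaves nodes with no relay.
    if derp_map.get("OmitDefaultRegions") and not used_hosts:
        problems.append("OmitDefaultRegions is true but no custom node is defined")
    return problems


if __name__ == "__main__":
    for line in check_derp_map(SAMPLE_POLICY, ["derp1.example.com", "derp2.example.com"]):
        print(line)
```

An empty result means every node in the map points at a relay you actually run, which matters most once the default regions are omitted and no public fallback remains.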
Enjoy!
Tailscale's networking capabilities are really amazing, and it is very complete and robust in all aspects. The free version is basically enough for personal use, which is great! The only problem is that when I use my 5G phone from China Telecom to connect to my 600Mbps China Unicom broadband at home, the maximum speed I can achieve is 50Mbps. I don't know if UDP is limiting it, but it is still sufficient for use.