banner
ZDawn

ZDawn

Do one thing at a time and do well.
tg_channel
首页归档标签

Using Tailscale Networking

#tailscale#openwrt#network#headscale#wireguard271
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This post discusses how to use Tailscale to create a local network and enable communication between devices within the network. It provides instructions on configuring Tailscale on OpenWrt and setting up the network interface. The post also mentions the option to configure the exit node for all devices in the local network. Overall, Tailscale is described as a convenient solution for creating a local network and accessing devices within it.

I often need to access my NAS at home from devices outside the local network. Previously, I would access it through the public network, but after moving and changing networks, I no longer have a public network. Fortunately, the network is NAT1, so I can still use Tailscale to create a connection and establish a local network.

Network Topology#

tailscale network topology.png

Explanation#

  1. The network requires a public network, NAT1, and IPV6. If these are not available, using the Tailscale relay server will be very slow, so you will need to set up your own drep.
  2. Set the side router as the DMZ host, and normal port forwarding should also work.
  3. All devices in the home LAN are on the same subnet, for example: 192.168.0.0/24

Configuring Tailscale Service on OpenWrt Side Router#

  1. Download Tailscale on Openwrt,
    1. Project link: GitHub - adyanth/openwrt-tailscale-enabler: Brings Tailscale to low powered OpenWRT devices
  2. Extract:
    1. tar x -zvC / -f openwrt-tailscale-enabler-<tag>.tgz
  3. Install required libraries:
    1. opkg update && opkg install libustream-openssl ca-bundle kmod-tun
  4. Configure startup:
    1. /etc/init.d/tailscale enable
  5. Start testing:
    1. /etc/init.d/tailscale start
  6. Log in to the Tailscale service and enable subnet routing:
    1. tailscale up --advertise-routes=192.168.0.0/24 --accept-dns=false
    2. 192.168.0.0/24: This is the subnet of my LAN.
    3. After starting, get the login address, register an account, and log in.
  7. Configure Tailscale service:
    1. Disable key expiration. By default, it will require a reset every 6 months, but we can disable this.
    2. Edit route settings of xxx: Enable subnet routing.
    3. ts.png
  8. (Optional) Configure exit node:
    1. If you want all devices in the LAN to use the side router, you can configure this. Note that there are pros and cons to doing this.
    2. Just add the --advertise-exit-node parameter when starting.
    3. tailscale up --advertise-routes=192.168.0.0/24 --accept-dns=false --advertise-exit-node
    4. Open the management page Edit route settings of xxx and check Exit node.

Configure Network Interface#

  1. Add a new network interface.
  2. Protocol: Static.
  3. IPV4 address: The IP address seen on the Tailscale web page, or you can use the command tailscale ip to check.
  4. Subnet mask: 255.0.0.0
  5. Physical settings -> Interface: Select the tailscale0 interface.
  6. Firewall: lan
  7. Save and apply, then restart.
  8. No need to set firewall rules for side router mode.

Usage#

Download the corresponding Tailscale app on other devices and log in with the same account to establish a network. It's very convenient, and devices under the router can be accessed directly using the internal IP address, for example, the router's IP: 192.168.0.1. It's really nice.

Enjoy!#

As we all know, there are no good lines in the telecommunications network except for dedicated lines. But my home broadband is with China Unicom, so why not go home with my phone or other devices first?

References:
Docs · Tailscale Docs
OpenWrt 安装配置 Tailscale – ZhiYunHaiBo 智云海博 (zyh8.com)

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.