starred/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-01-11 20:00:28 +01:00
Code Issues 98 Packages Projects Releases 10 Wiki Activity

Nodes IP missing in tailscale status #44

New Issue
Closed
opened 2025-12-29 01:21:00 +01:00 by adam · 14 comments
adam commented 2025-12-29 01:21:00 +01:00
Owner
Copy Link

Originally created by @mhhakim on GitHub (Oct 11, 2021).

Hi,

Here is my config.json

{
    "server_url": "https://sub.domain.tld",
    "listen_addr": "0.0.0.0:443",
    "ip_prefix": "10.0.1.0/24",
    "private_key_path": "/etc/headscale/private.key",
    "derp_map_path": "/etc/headscale/derp.yaml",
    "ephemeral_node_inactivity_timeout": "30m",
    "db_type": "sqlite3",
    "db_path": "/etc/headscale/db.sqlite",
    "tls_cert_path": "/etc/headscale/crt.pem",
    "tls_key_path": "/etc/headscale/key.pem",
    "acl_policy_path": "",
    "dns_config": {
        "nameservers": ["1.1.1.1", "8.8.8.8"],
        "domains": [],
        "magic_dns": true,
        "base_domain": "local.net"
    }
}

Created namescpace. Joined 3 nodes successfully. They can reach each others. The issue is, when I run tailscale status, it doesn't show headscale IP on node list. I get the following output.

hakim@node-2:~$ sudo tailscale status
10.0.1.2        node-2                main         linux   -
                node-1                main         linux   active; direct PUBLICIP:41641, tx 11524412 rx 288104
                node-3                main         linux   active; direct PUBLICIP:41641, tx 3092 rx 2556

I can ping using node name like ping node-1 because of Magic DNS but can't use tailscale ping node-1 or Taildrop using node name. I have to use node's tailscale IP address. Headscale log seems fine. I am running v0.10.0

Originally created by @mhhakim on GitHub (Oct 11, 2021). Hi, Here is my config.json <pre> { "server_url": "https://sub.domain.tld", "listen_addr": "0.0.0.0:443", "ip_prefix": "10.0.1.0/24", "private_key_path": "/etc/headscale/private.key", "derp_map_path": "/etc/headscale/derp.yaml", "ephemeral_node_inactivity_timeout": "30m", "db_type": "sqlite3", "db_path": "/etc/headscale/db.sqlite", "tls_cert_path": "/etc/headscale/crt.pem", "tls_key_path": "/etc/headscale/key.pem", "acl_policy_path": "", "dns_config": { "nameservers": ["1.1.1.1", "8.8.8.8"], "domains": [], "magic_dns": true, "base_domain": "local.net" } } </pre> Created namescpace. Joined 3 nodes successfully. They can reach each others. The issue is, when I run **tailscale status**, it doesn't show headscale IP on node list. I get the following output. <pre> hakim@node-2:~$ sudo tailscale status 10.0.1.2 node-2 main linux - node-1 main linux active; direct PUBLICIP:41641, tx 11524412 rx 288104 node-3 main linux active; direct PUBLICIP:41641, tx 3092 rx 2556 </pre> I can ping using node name like **ping node-1** because of Magic DNS but can't use tailscale ping node-1 or Taildrop using node name. I have to use node's tailscale IP address. Headscale log seems fine. I am running v0.10.0
adam added the bugtailscale-feature-gap labels 2025-12-29 01:21:00 +01:00
adam closed this issue 2025-12-29 01:21:00 +01:00
adam commented 2025-12-29 01:21:00 +01:00
Author
Owner
Copy Link

@0xcd0e commented on GitHub (Oct 11, 2021):

Im having the same issue, config looks basically the same, also running v0.10.0.
Everything works fine, but the ip addresses are missing from tailscale status

@0xcd0e commented on GitHub (Oct 11, 2021): Im having the same issue, config looks basically the same, also running v0.10.0. Everything works fine, but the ip addresses are missing from tailscale status
adam commented 2025-12-29 01:21:01 +01:00
Author
Owner
Copy Link

@juanfont commented on GitHub (Oct 11, 2021):

Was this happening on a previous version? Can you please attach the following data?

  • Output of ip addr from one node
  • Content of /etc/resolv.conf
  • Output of tailscale status --json

Thanks! @ChrizDoe @mhhakim

@juanfont commented on GitHub (Oct 11, 2021): Was this happening on a previous version? Can you please attach the following data? - Output of `ip addr` from one node - Content of `/etc/resolv.conf` - Output of `tailscale status --json` Thanks! @ChrizDoe @mhhakim
adam commented 2025-12-29 01:21:01 +01:00
Author
Owner
Copy Link

@0xcd0e commented on GitHub (Oct 11, 2021):

I was using the previous version for just a short time, dont think this was happening there.
I can see a lot of these messages in my tailscaled log, may have something to do with it:
tailscaled[655]: portmapper: failed to get PCP mapping: PCP response not ok, code 2

ip addr:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:58:ba:f8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.20/24 brd 192.168.1.255 scope global dynamic enp2s0
       valid_lft 603136sec preferred_lft 603136sec
    inet6 xxxxxxx/64 scope global dynamic mngtmpaddr
       valid_lft 7199sec preferred_lft 3599sec
    inet6 fe80::xxxxxxxxxx/64 scope link
       valid_lft forever preferred_lft forever
3: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none
    inet 10.10.0.1/32 scope global tailscale0
       valid_lft forever preferred_lft forever
    inet6 fe80::acbc:9e59:7f26:4720/64 scope link stable-privacy
       valid_lft forever preferred_lft forever

cat /etc/resolv.conf

# resolv.conf(5) file generated by tailscale
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 100.100.100.100
search test.local mynamespace.test.local

tailscale status --json

{
  "Version": "1.16.0-t86bcf6a96-gf787a582e",
  "BackendState": "Running",
  "AuthURL": "",
  "TailscaleIPs": [
    "10.10.0.1"
  ],
  "Self": {
    "ID": "1",
    "PublicKey": "SrmqTrYB7AJ+OaNTeloDnI0ahrD8ztQ840acgtEaoCc=",
    "HostName": "ts-client",
    "DNSName": "ts-client.mynamespace.test.local",
    "OS": "linux",
    "UserID": 1,
    "TailAddr": "10.10.0.1",
    "TailscaleIPs": [
      "10.10.0.1"
    ],
    "Addrs": [
      "95.223.xx.xx:64217",
      "[xxxx]:41641",
      "10.10.0.1:41641",
      "192.168.1.20:41641"
    ],
    "CurAddr": "",
    "Relay": "nyc",
    "RxBytes": 0,
    "TxBytes": 0,
    "Created": "0001-01-01T00:00:00Z",
    "LastWrite": "0001-01-01T00:00:00Z",
    "LastSeen": "0001-01-01T00:00:00Z",
    "LastHandshake": "0001-01-01T00:00:00Z",
    "KeepAlive": false,
    "ExitNode": false,
    "Active": false,
    "PeerAPIURL": [
      "http://10.10.0.1:60498"
    ],
    "Capabilities": [
      "https://tailscale.com/cap/file-sharing"
    ],
    "InNetworkMap": false,
    "InMagicSock": false,
    "InEngine": false
  },
  "Health": null,
  "MagicDNSSuffix": "mynamespace.test.local",
  "CertDomains": null,
  "Peer": {
    "nezpJ879rXXucGUgVoz2Ubt1dBy25H2uWe+cuTKtnGc=": {
      "ID": "2",
      "PublicKey": "nezpJ879rXXucGUgVoz2Ubt1dBy25H2uWe+cuTKtnGc=",
      "HostName": "peer2",
      "DNSName": "peer2.mynamespace.test.local",
      "OS": "linux",
      "UserID": 1,
      "TailAddr": "",
      "TailscaleIPs": [],
      "Addrs": null,
      "CurAddr": "10.7.0.6:41641",
      "Relay": "nyc",
      "RxBytes": 1160,
      "TxBytes": 1368,
      "Created": "2021-10-11T18:25:16.02669197+02:00",
      "LastWrite": "2021-10-11T18:30:35.612250253+02:00",
      "LastSeen": "2021-10-11T16:30:16.995742891Z",
      "LastHandshake": "2021-10-11T18:30:35.61210014+02:00",
      "KeepAlive": true,
      "ExitNode": false,
      "Active": true,
      "PeerAPIURL": null,
      "InNetworkMap": true,
      "InMagicSock": true,
      "InEngine": true
    }
  },
  "User": {
    "1": {
      "ID": 1,
      "LoginName": "mynamespace",
      "DisplayName": "mynamespace",
      "ProfilePicURL": "",
      "Roles": []
    }
  }
}
@0xcd0e commented on GitHub (Oct 11, 2021): I was using the previous version for just a short time, dont think this was happening there. I can see a lot of these messages in my tailscaled log, may have something to do with it: `tailscaled[655]: portmapper: failed to get PCP mapping: PCP response not ok, code 2` ip addr: ``` 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 52:54:00:58:ba:f8 brd ff:ff:ff:ff:ff:ff inet 192.168.1.20/24 brd 192.168.1.255 scope global dynamic enp2s0 valid_lft 603136sec preferred_lft 603136sec inet6 xxxxxxx/64 scope global dynamic mngtmpaddr valid_lft 7199sec preferred_lft 3599sec inet6 fe80::xxxxxxxxxx/64 scope link valid_lft forever preferred_lft forever 3: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN group default qlen 500 link/none inet 10.10.0.1/32 scope global tailscale0 valid_lft forever preferred_lft forever inet6 fe80::acbc:9e59:7f26:4720/64 scope link stable-privacy valid_lft forever preferred_lft forever ``` cat /etc/resolv.conf ``` # resolv.conf(5) file generated by tailscale # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN nameserver 100.100.100.100 search test.local mynamespace.test.local ``` tailscale status --json ``` { "Version": "1.16.0-t86bcf6a96-gf787a582e", "BackendState": "Running", "AuthURL": "", "TailscaleIPs": [ "10.10.0.1" ], "Self": { "ID": "1", "PublicKey": "SrmqTrYB7AJ+OaNTeloDnI0ahrD8ztQ840acgtEaoCc=", "HostName": "ts-client", "DNSName": "ts-client.mynamespace.test.local", "OS": "linux", "UserID": 1, "TailAddr": "10.10.0.1", "TailscaleIPs": [ "10.10.0.1" ], "Addrs": [ "95.223.xx.xx:64217", "[xxxx]:41641", "10.10.0.1:41641", "192.168.1.20:41641" ], "CurAddr": "", "Relay": "nyc", "RxBytes": 0, "TxBytes": 0, "Created": "0001-01-01T00:00:00Z", "LastWrite": "0001-01-01T00:00:00Z", "LastSeen": "0001-01-01T00:00:00Z", "LastHandshake": "0001-01-01T00:00:00Z", "KeepAlive": false, "ExitNode": false, "Active": false, "PeerAPIURL": [ "http://10.10.0.1:60498" ], "Capabilities": [ "https://tailscale.com/cap/file-sharing" ], "InNetworkMap": false, "InMagicSock": false, "InEngine": false }, "Health": null, "MagicDNSSuffix": "mynamespace.test.local", "CertDomains": null, "Peer": { "nezpJ879rXXucGUgVoz2Ubt1dBy25H2uWe+cuTKtnGc=": { "ID": "2", "PublicKey": "nezpJ879rXXucGUgVoz2Ubt1dBy25H2uWe+cuTKtnGc=", "HostName": "peer2", "DNSName": "peer2.mynamespace.test.local", "OS": "linux", "UserID": 1, "TailAddr": "", "TailscaleIPs": [], "Addrs": null, "CurAddr": "10.7.0.6:41641", "Relay": "nyc", "RxBytes": 1160, "TxBytes": 1368, "Created": "2021-10-11T18:25:16.02669197+02:00", "LastWrite": "2021-10-11T18:30:35.612250253+02:00", "LastSeen": "2021-10-11T16:30:16.995742891Z", "LastHandshake": "2021-10-11T18:30:35.61210014+02:00", "KeepAlive": true, "ExitNode": false, "Active": true, "PeerAPIURL": null, "InNetworkMap": true, "InMagicSock": true, "InEngine": true } }, "User": { "1": { "ID": 1, "LoginName": "mynamespace", "DisplayName": "mynamespace", "ProfilePicURL": "", "Roles": [] } } } ```
adam commented 2025-12-29 01:21:01 +01:00
Author
Owner
Copy Link

@mhhakim commented on GitHub (Oct 11, 2021):

This is my first time setup.

Here's the outputs.

ip addr

1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:  mtu 9000 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:01:b6:92 brd ff:ff:ff:ff:ff:ff
    altname enp0s3
    inet 10.0.0.154/24 brd 10.0.0.255 scope global dynamic eth0
       valid_lft 74180sec preferred_lft 74180sec
    inet6 PUBLIC_IPv6/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::17ff:fe01:b692/64 scope link
       valid_lft forever preferred_lft forever
3: ztv4t3w3z4:  mtu 2800 qdisc fq state UNKNOWN group default qlen 1000
    link/ether 66:be:78:8e:94:ee brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.143/24 brd 10.10.10.255 scope global ztv4t3w3z4
       valid_lft forever preferred_lft forever
    inet6 fe80::f491:87ff:feae:c6ca/64 scope link
       valid_lft forever preferred_lft forever
4: wg0:  mtu 8920 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.66.66.1/24 scope global wg0
       valid_lft forever preferred_lft forever
    inet6 fd42:42:42::1/64 scope global
       valid_lft forever preferred_lft forever
6: tailscale0:  mtu 1280 qdisc fq state UNKNOWN group default qlen 500
    link/none
    inet 10.0.1.2/32 scope global tailscale0
       valid_lft forever preferred_lft forever
    inet6 fe80::ee60:498d:5290:4b4c/64 scope link stable-privacy
       valid_lft forever preferred_lft forever
7: br-be1ace317cd9:  mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:44:44:44:16 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-be1ace317cd9
       valid_lft forever preferred_lft forever
    inet6 fe80::42:44ff:fe44:4416/64 scope link
       valid_lft forever preferred_lft forever
8: docker0:  mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:8d:59:44:31 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
14: veth0d19f34@if13:  mtu 1500 qdisc noqueue master br-be1ace317cd9 state UP group default
    link/ether 12:0c:60:07:a8:a5 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::100c:60ff:fe07:a8a5/64 scope link
       valid_lft forever preferred_lft forever
16: nm-main:  mtu 1280 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.11.11.8/24 scope global nm-main
       valid_lft forever preferred_lft forever

cat /etc/resolv.conf

# resolv.conf(5) file generated by tailscale
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 100.100.100.100
search main.local.net

tailscale status --json

{
  "Version": "1.16.0-t86bcf6a96-gf787a582e",
  "BackendState": "Running",
  "AuthURL": "",
  "TailscaleIPs": [
    "10.0.1.2"
  ],
  "Self": {
    "ID": "2",
    "PublicKey": "QKphoL3CkI2vD20S5Ne7g2p6cPwcAlRA2h0hKJ/lNVU=",
    "HostName": "mum-1",
    "DNSName": "mum-1.main.local.net",
    "OS": "linux",
    "UserID": 1,
    "TailAddr": "10.0.1.2",
    "TailscaleIPs": [
      "10.0.1.2"
    ],
    "Addrs": [
      "PUBLIC_v4:41641",
      "10.0.0.154:41641",
      "10.0.1.2:41641",
      "10.11.11.8:41641",
      "10.66.66.1:41641",
      "172.17.0.1:41641",
      "172.18.0.1:41641",
      "[PUBLIC_v6]:41641"
    ],
    "CurAddr": "",
    "Relay": "blr",
    "RxBytes": 0,
    "TxBytes": 0,
    "Created": "0001-01-01T00:00:00Z",
    "LastWrite": "0001-01-01T00:00:00Z",
    "LastSeen": "0001-01-01T00:00:00Z",
    "LastHandshake": "0001-01-01T00:00:00Z",
    "KeepAlive": false,
    "ExitNode": false,
    "Active": false,
    "PeerAPIURL": [
      "http://10.0.1.2:35199"
    ],
    "Capabilities": [
      "https://tailscale.com/cap/file-sharing"
    ],
    "InNetworkMap": false,
    "InMagicSock": false,
    "InEngine": false
  },
  "Health": null,
  "MagicDNSSuffix": "main.local.net",
  "CertDomains": null,
  "Peer": {
    "8IFinpYQZ3IKygOp2nkXiBor/+bisT4Opbb/+ZGQcFs=": {
      "ID": "1",
      "PublicKey": "8IFinpYQZ3IKygOp2nkXiBor/+bisT4Opbb/+ZGQcFs=",
      "HostName": "dub-1",
      "DNSName": "dub-1.main.local.net",
      "OS": "linux",
      "UserID": 1,
      "TailAddr": "",
      "TailscaleIPs": [],
      "Addrs": null,
      "CurAddr": "10.11.11.5:41641",
      "Relay": "sin",
      "RxBytes": 33468,
      "TxBytes": 23368,
      "Created": "2021-10-11T12:32:54.845811961+06:00",
      "LastWrite": "2021-10-12T00:14:31.914971403+06:00",
      "LastSeen": "2021-10-11T18:13:50.339081241Z",
      "LastHandshake": "2021-10-12T00:13:15.782278837+06:00",
      "KeepAlive": true,
      "ExitNode": false,
      "Active": true,
      "PeerAPIURL": null,
      "InNetworkMap": true,
      "InMagicSock": true,
      "InEngine": true
    },
    "Gv7hpxpwnSww922gYvY7CdgKI6fpB9/FFm4wKDuUbkU=": {
      "ID": "3",
      "PublicKey": "Gv7hpxpwnSww922gYvY7CdgKI6fpB9/FFm4wKDuUbkU=",
      "HostName": "hub-3",
      "DNSName": "hub-3.main.local.net",
      "OS": "linux",
      "UserID": 1,
      "TailAddr": "",
      "TailscaleIPs": [],
      "Addrs": null,
      "CurAddr": "10.11.11.3:41641",
      "Relay": "sfo",
      "RxBytes": 24172,
      "TxBytes": 32792,
      "Created": "2021-10-11T12:40:13.65182005+06:00",
      "LastWrite": "2021-10-12T00:14:27.267750772+06:00",
      "LastSeen": "2021-10-11T18:13:45.356754978Z",
      "LastHandshake": "2021-10-12T00:14:01.138016949+06:00",
      "KeepAlive": true,
      "ExitNode": false,
      "Active": true,
      "PeerAPIURL": null,
      "InNetworkMap": true,
      "InMagicSock": true,
      "InEngine": true
    }
  },
  "User": {
    "1": {
      "ID": 1,
      "LoginName": "main",
      "DisplayName": "main",
      "ProfilePicURL": "",
      "Roles": []
    }
  }
}
@mhhakim commented on GitHub (Oct 11, 2021): This is my first time setup. Here's the outputs. #### ip addr <pre> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP group default qlen 1000 link/ether 02:00:17:01:b6:92 brd ff:ff:ff:ff:ff:ff altname enp0s3 inet 10.0.0.154/24 brd 10.0.0.255 scope global dynamic eth0 valid_lft 74180sec preferred_lft 74180sec inet6 PUBLIC_IPv6/128 scope global valid_lft forever preferred_lft forever inet6 fe80::17ff:fe01:b692/64 scope link valid_lft forever preferred_lft forever 3: ztv4t3w3z4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq state UNKNOWN group default qlen 1000 link/ether 66:be:78:8e:94:ee brd ff:ff:ff:ff:ff:ff inet 10.10.10.143/24 brd 10.10.10.255 scope global ztv4t3w3z4 valid_lft forever preferred_lft forever inet6 fe80::f491:87ff:feae:c6ca/64 scope link valid_lft forever preferred_lft forever 4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 8920 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.66.66.1/24 scope global wg0 valid_lft forever preferred_lft forever inet6 fd42:42:42::1/64 scope global valid_lft forever preferred_lft forever 6: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq state UNKNOWN group default qlen 500 link/none inet 10.0.1.2/32 scope global tailscale0 valid_lft forever preferred_lft forever inet6 fe80::ee60:498d:5290:4b4c/64 scope link stable-privacy valid_lft forever preferred_lft forever 7: br-be1ace317cd9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:44:44:44:16 brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global br-be1ace317cd9 valid_lft forever preferred_lft forever inet6 fe80::42:44ff:fe44:4416/64 scope link valid_lft forever preferred_lft forever 8: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:8d:59:44:31 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever 14: veth0d19f34@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-be1ace317cd9 state UP group default link/ether 12:0c:60:07:a8:a5 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::100c:60ff:fe07:a8a5/64 scope link valid_lft forever preferred_lft forever 16: nm-main: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.11.11.8/24 scope global nm-main valid_lft forever preferred_lft forever </pre> #### cat /etc/resolv.conf <pre> # resolv.conf(5) file generated by tailscale # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN nameserver 100.100.100.100 search main.local.net </pre> #### tailscale status --json <pre> { "Version": "1.16.0-t86bcf6a96-gf787a582e", "BackendState": "Running", "AuthURL": "", "TailscaleIPs": [ "10.0.1.2" ], "Self": { "ID": "2", "PublicKey": "QKphoL3CkI2vD20S5Ne7g2p6cPwcAlRA2h0hKJ/lNVU=", "HostName": "mum-1", "DNSName": "mum-1.main.local.net", "OS": "linux", "UserID": 1, "TailAddr": "10.0.1.2", "TailscaleIPs": [ "10.0.1.2" ], "Addrs": [ "PUBLIC_v4:41641", "10.0.0.154:41641", "10.0.1.2:41641", "10.11.11.8:41641", "10.66.66.1:41641", "172.17.0.1:41641", "172.18.0.1:41641", "[PUBLIC_v6]:41641" ], "CurAddr": "", "Relay": "blr", "RxBytes": 0, "TxBytes": 0, "Created": "0001-01-01T00:00:00Z", "LastWrite": "0001-01-01T00:00:00Z", "LastSeen": "0001-01-01T00:00:00Z", "LastHandshake": "0001-01-01T00:00:00Z", "KeepAlive": false, "ExitNode": false, "Active": false, "PeerAPIURL": [ "http://10.0.1.2:35199" ], "Capabilities": [ "https://tailscale.com/cap/file-sharing" ], "InNetworkMap": false, "InMagicSock": false, "InEngine": false }, "Health": null, "MagicDNSSuffix": "main.local.net", "CertDomains": null, "Peer": { "8IFinpYQZ3IKygOp2nkXiBor/+bisT4Opbb/+ZGQcFs=": { "ID": "1", "PublicKey": "8IFinpYQZ3IKygOp2nkXiBor/+bisT4Opbb/+ZGQcFs=", "HostName": "dub-1", "DNSName": "dub-1.main.local.net", "OS": "linux", "UserID": 1, "TailAddr": "", "TailscaleIPs": [], "Addrs": null, "CurAddr": "10.11.11.5:41641", "Relay": "sin", "RxBytes": 33468, "TxBytes": 23368, "Created": "2021-10-11T12:32:54.845811961+06:00", "LastWrite": "2021-10-12T00:14:31.914971403+06:00", "LastSeen": "2021-10-11T18:13:50.339081241Z", "LastHandshake": "2021-10-12T00:13:15.782278837+06:00", "KeepAlive": true, "ExitNode": false, "Active": true, "PeerAPIURL": null, "InNetworkMap": true, "InMagicSock": true, "InEngine": true }, "Gv7hpxpwnSww922gYvY7CdgKI6fpB9/FFm4wKDuUbkU=": { "ID": "3", "PublicKey": "Gv7hpxpwnSww922gYvY7CdgKI6fpB9/FFm4wKDuUbkU=", "HostName": "hub-3", "DNSName": "hub-3.main.local.net", "OS": "linux", "UserID": 1, "TailAddr": "", "TailscaleIPs": [], "Addrs": null, "CurAddr": "10.11.11.3:41641", "Relay": "sfo", "RxBytes": 24172, "TxBytes": 32792, "Created": "2021-10-11T12:40:13.65182005+06:00", "LastWrite": "2021-10-12T00:14:27.267750772+06:00", "LastSeen": "2021-10-11T18:13:45.356754978Z", "LastHandshake": "2021-10-12T00:14:01.138016949+06:00", "KeepAlive": true, "ExitNode": false, "Active": true, "PeerAPIURL": null, "InNetworkMap": true, "InMagicSock": true, "InEngine": true } }, "User": { "1": { "ID": 1, "LoginName": "main", "DisplayName": "main", "ProfilePicURL": "", "Roles": [] } } } </pre>
adam commented 2025-12-29 01:21:02 +01:00
Author
Owner
Copy Link

@juanfont commented on GitHub (Oct 12, 2021):

We have been able to replicate the issue. We will let you know ASAP :)

@juanfont commented on GitHub (Oct 12, 2021): We have been able to replicate the issue. We will let you know ASAP :)
adam commented 2025-12-29 01:21:04 +01:00
Author
Owner
Copy Link

@juanfont commented on GitHub (Oct 16, 2021):

Small update on this.

We are quite sure this is a 'feature' of the Tailscale client. They filter out the IP addresses that don't belong to their 100.64.0.0/10.

I need some more time to change their code, and perhaps trigger a PR to them.

@juanfont commented on GitHub (Oct 16, 2021): Small update on this. We are quite sure this is a 'feature' of the Tailscale client. They filter out the IP addresses that don't belong to their 100.64.0.0/10. I need some more time to change their code, and perhaps trigger a PR to them.
adam commented 2025-12-29 01:21:04 +01:00
Author
Owner
Copy Link

@enoperm commented on GitHub (Nov 21, 2021):

Grepping through the tailscale code led me to 22a1a5d7cf/ipn/ipnlocal/local.go (L389)

I think moving that below the } might do the trick, though I have yet to test it.

@enoperm commented on GitHub (Nov 21, 2021): Grepping through the tailscale code led me to https://github.com/tailscale/tailscale/blob/22a1a5d7cf1e365d4a8d93176e5eef3abfc0144b/ipn/ipnlocal/local.go#L389 I think moving that below the `}` might do the trick, though I have yet to test it.
adam commented 2025-12-29 01:21:05 +01:00
Author
Owner
Copy Link

@enoperm commented on GitHub (Nov 21, 2021):

Though I guess the IsSingleIP call might still be useful here, so maybe it is a little bit more than just swapping two lines.

@enoperm commented on GitHub (Nov 21, 2021): Though I guess the `IsSingleIP` call might still be useful here, so maybe it is a little bit more than just swapping two lines.
adam commented 2025-12-29 01:21:05 +01:00
Author
Owner
Copy Link

@kradalby commented on GitHub (Jun 12, 2022):

I am going to shelve this for now, if this is still an issue, please reopen.

@kradalby commented on GitHub (Jun 12, 2022): I am going to shelve this for now, if this is still an issue, please reopen.
adam commented 2025-12-29 01:21:05 +01:00
Author
Owner
Copy Link

@1itt1eB0y commented on GitHub (Jun 16, 2022):

I am going to shelve this for now, if this is still an issue, please reopen.

still a problem without using 100.64.0.0/10
图片

And this problem will cause linux client can't use exit node function properly.

@1itt1eB0y commented on GitHub (Jun 16, 2022): > I am going to shelve this for now, if this is still an issue, please reopen. still a problem without using `100.64.0.0/10` ![图片](https://user-images.githubusercontent.com/29831189/174121454-04a8399d-52e5-473f-95d1-0632d0a5d490.png) And this problem will cause linux client can't use exit node function properly.
adam commented 2025-12-29 01:21:05 +01:00
Author
Owner
Copy Link

@restanrm commented on GitHub (Aug 24, 2022):

I think this issue should be reopened, it's not fixed and not fixable by headscale. Or we could open a new issue to remove the ability to change network prefixes for Headscale since it doesn't work at all with the tailscale client.

By removing prefix choice I mean choosing between

  • IPv4
  • IPv6
  • Both

not removing completely that ability.

The network prefixes are deeply embedded in tailscale client. Removing the iptables on client side is not enough.

@restanrm commented on GitHub (Aug 24, 2022): I think this issue should be reopened, it's not fixed and not fixable by headscale. Or we could open a new issue to remove the ability to change network prefixes for Headscale since it doesn't work at all with the tailscale client. By removing prefix choice I mean choosing between - IPv4 - IPv6 - Both not removing completely that ability. The network prefixes are deeply embedded in tailscale client. Removing the `iptables` on client side is not enough.
adam commented 2025-12-29 01:21:07 +01:00
Author
Owner
Copy Link

@yangboyd commented on GitHub (Dec 6, 2022):

Please document this . (100.64.0.0/10) It is hardcoded in tailscale.

@yangboyd commented on GitHub (Dec 6, 2022): Please document this . (100.64.0.0/10) It is hardcoded in tailscale.
adam commented 2025-12-29 01:21:07 +01:00
Author
Owner
Copy Link

@Gerrit91 commented on GitHub (Mar 30, 2023):

The same applies for IPv6 prefixes, they need to be inside fd7a:115c:a1e0:ab12::/64

https://tailscale.com/kb/1033/ip-and-dns-addresses/#tailscale-ipv6-local-address-prefix

@Gerrit91 commented on GitHub (Mar 30, 2023): The same applies for IPv6 prefixes, they need to be inside `fd7a:115c:a1e0:ab12::/64` https://tailscale.com/kb/1033/ip-and-dns-addresses/#tailscale-ipv6-local-address-prefix
adam commented 2025-12-29 01:21:07 +01:00
Author
Owner
Copy Link

@axxonadmin commented on GitHub (Oct 8, 2023):

I can't see ipv4 address in windows tailscale client despite the fact that it assigned and works,
I see only IPv6

@axxonadmin commented on GitHub (Oct 8, 2023): I can't see ipv4 address in windows tailscale client despite the fact that it assigned and works, I see only IPv6
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
CLI
DERP
DNS
Nix
OIDC
SSH
bug
database
documentation
duplicate
enhancement
faq
good first issue
grants
help wanted
might-come
needs design doc
needs investigation
no-stale-bot
out of scope
performance
policy 📝
pull-request
Mirrored from GitHub Pull Request
 question
regression
routes
stale
tags
tailscale-feature-gap
well described ❤️
wontfix
No Label bug tailscale-feature-gap
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/headscale#44
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?