subnet routes is not work on my devices

[SAFEluren]

as title, ts subnetroutes is not work on my devices

When I use Tailscale Andorid, I can access it fine.

Here's what I tried on the console:

https://pastebin.ubuntu.com/p/vTQ2Nc6h7h/

Let me know if you need more information

[anasfanani]

maybe because tailscale is in mode userspace-networking with proxy, any network traffict from device to other device must going to local socks5 proxy on port 1099

you may check latest pre-release at https://github.com/anasfanani/Magisk-Tailscaled/releases and try add ip to the iptables.

anyway I'm not yet use the subnetroutes feature, for now I cant help so much because I dont have enough knowledge for subnetroutes.

[SAFEluren]

After updating to the pre-release version, the subroutes still don't work, and when accessing the Subroutes IP in a browser, this will prompt ERR_CONNECTION_TIMED_OUT. but it is possible to access other devices in the tailnet.
In any case, thank you!
(Machine translated by DeepL)

[anasfanani]

Bellow is just for notes in case other people asking the exit node.

Exit Nodes

I trying use Android as exit node based on this documentation:
https://tailscale.com/kb/1103/exit-nodes?tab=linux#advertise-a-device-as-an-exit-node

I see the problem at file /etc/resolv.conf

Current available solution for dns error while using android as exit node is:

su
mkdir -p /data/adb/modules/magisk-tailscaled/system/etc/
printf "nameserver 1.1.1.1\nnameserver 1.0.0.1" >> /data/adb/modules/magisk-tailscaled/system/etc/resolv.conf

Then reboot the device.

In second machine I'm using Ubuntu in AWS for test exit node

sudo tailscale up --exit-node=100.123.227.100

After enter the command, my connection to the Ubuntu machine is disconnect, I dont know why, but I check in the tailscale dashboard my device still connected to the machine, so I reconnect it with ssh ubuntu@100.68.147.73

Connection success.

Try to check which network is used for internet connection with curl ipinfo.io -v and show my Ubuntu machine is using IP from my Android.

But when try curl to 192.168.1.1 (Wi-Fi router connected in my Android network), the connection is timed out.

I assume the exit node is partially working ( or my configuration is wrong ).

Subnet Routes

Based on this documentation https://tailscale.com/kb/1019/subnets

I'm using OpenWRT for testing, first I need Enable IP forwarding, then advertise routes in the OpenWRT machine.

sudo tailscale up --advertise-routes=192.168.0.0/24,192.168.1.0/24

After that Enable subnet routes from the admin console

Now go to my Ubuntu machine to test the subnet routes is working or not.

sudo tailscale up --accept-routes

Then test the connection

ubuntu@ip-172-31-45-215:~$ curl 192.168.1.1 -v
*   Trying 192.168.1.1:80...
* Connected to 192.168.1.1 (192.168.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: 192.168.1.1
> User-Agent: curl/7.81.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Connection: Keep-Alive
< Keep-Alive: timeout=20
< ETag: "2db0-30c-6531a3aa"
< Last-Modified: Thu, 19 Oct 2023 21:46:18 GMT
< Date: Thu, 02 May 2024 22:17:17 GMT
< Content-Type: text/html
< Content-Length: 780
<
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
        <head>
                <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
                <meta http-equiv="Pragma" content="no-cache" />
                <meta http-equiv="Expires" content="0" />
                <meta http-equiv="refresh" content="0; URL=cgi-bin/luci/" />
                <style type="text/css">
                        body { background: white; font-family: arial, helvetica, sans-serif; }
                        a { color: black; }

                        @media (prefers-color-scheme: dark) {
                                body { background: black; }
                                a { color: white; }
                        }
                </style>
        </head>
        <body>
                <a href="cgi-bin/luci/">LuCI - Lua Configuration Interface</a>
        </body>
</html>
* Connection #0 to host 192.168.1.1 left intact

My subnet routes is perfectly working.

Now switch to the Android phone with Magisk-Tailscaled module installed the pre-release version and execute this as root.

su
tailscale up --accept-routes

Because my latest pre-release version add the socks5 tunnel with interface named as tailscale0, now I test the connection to my OpenWRT router using curl on specific interface, my android is connected to 4G LTE network.

curl 192.168.1.1 -v --interface tailscale0

or I can use socks5 directly

curl 192.168.1.1 -v -x 0.0.0.0:1099

Connection success.

For subnet routes solution for now is add your own iptables route in /data/adb/tailscale/scripts/tailscaled.tun.up and /data/adb/tailscale/scripts/tailscaled.tun.down file.

tailscaled.tun.up is executed when tailscaled started.
tailscaled.tun.down is executed when tailscaled stopped.

[SAFEluren]

Thanks, I didn't let traffic through the socks tunnel earlier.🤓

[anasfanani]

Thankyou brother for open issue, let me close this issue because already fixed, however you may check latest version.

https://github.com/anasfanani/Magisk-Tailscaled/releases/tag/v1.66.0.1

But all your modifed files in tailscaled.tun.up tailscaled.tun.down is replaced when you flash this.