openwrt package #724
Comments
|
Notes to self, looking in to how I can run OpenWRT in a VM: https://openwrt.org/docs/guide-user/installation/openwrt_x86 |
|
Yes, yes it does :) That said, I needed Blog post with details and a simple init script: How I set up Tailscale on my WiFi router |
|
@willangley, that's great, thanks! |
And help out with missing packages. Thanks to @willangley for tips. Updates #724
|
@willangley, I pushed 5d8b88b to make things easier for people in the future too. |
|
The new version has been tested. The installation can be used in OpenWrt R20.7.1. But the open boot and pre-authentication keys are missing Start and start also need script operation, can this be integrated; |
|
It's rather painless to package for OpenWRT, I'm happy to assist. https://openwrt.org/docs/guide-developer/packages |
|
There is no problem with the installation. It is mainly the integration of startup after boot, and I hope it can be integrated into the package. After installation, it can be started |
|
``#!/bin/sh /etc/rc.common Copyright 2020 Google LLC.SPDX-License-Identifier: Apache-2.0USE_PROCD=1 start_service() { Set the port to listen on for incoming VPN packets.Remote nodes will automatically be informed about the new port number,but you might want to configure this in order to set external firewallsettings.procd_append_param command --port 41641 OpenWRT /var is a symlink to /tmp, so write persistent state elsewhere.procd_append_param command --state /etc/tailscale/tailscaled.state procd_set_param respawn procd_close_instance stop_service() { https://willangley.org/how-i-set-up-tailscale-on-my-wifi-router/ This service code is integrated into the application |
|
This is working for me pretty well adyanth/openwrt-tailscale-enabler. Looking into making an ipk from this. Note that I have to download the tailscale binaries on boot since my flash is only 8MB (3MB free) and the tailscale binaries are 14MB and 9MB. Thanks to @talway / @willangley this for the inspiration |
|
Pre-built binaries are generally frowned upon by OpenWRT, but here's an example of doing it right - https://github.com/yousong/waller/tree/master/k3s |
|
Yeah, that's correct. But in this case, that script only downloads the MIPS static binary which the (my) router runs on. It's a feeble attempt at automating the install with a version option to switch the arch, and a proper ipk should include compilation for the specific platform. |
|
@bradfitz Hello, can you integrate this installation script into the installation program to support the router system openwrt. |
This script yes@willangley, I just see the copy, can you push your script to this code base |
|
@adyanth There is no need to create an .ipk, just create a Makefile. If it's accepted upstream into OpenWRT, then end users can simply run Here's an example of a 3rd party package feed: https://github.com/zhaojh329/openwrt-feed |
|
@Strykar |
|
@Strykar that's interesting. Will check that out soon, and see if I can get something running. The issue is opkg by default installs in flash, but for many routers, ~20MB free space in flash is doubtful. |
I could, but honestly, IMHO, an openwrt luci-app-tailscale would be the way forward and scale adoption. Sadly, I am not the person to create and maintain a luci web interface app. |
@adyanth 32 MB Flash / 128 MB RAM is recommended going forward. |
|
Openwrt supports 8MB or above. Mine is 8MB flash with 128MB RAM, and is running the latest openwrt with no issues. I was surprised that I was even able to install packages such as openvpn in it, most of them being much less than 500kb in size. Maybe a highly stripped down version of tailscale would work. But I get that 32MB flash would provide more headroom to work with. Sadly this is the hardware I'm stuck with for now :/ |
Oh, I understand. I don't think it's a problem. How about writing it first? This can be solved through communication; |
|
Do you need testers in the future? Count me in... |
Most routers nowadays have a USB port, so I wonder if a cheap flash pendrive wouldn't solve this issue in most cases. Instructions here can be followed. |
|
FYI - On this here openwrt router But yeah! /etc/openwrt_release says: Note Apparently there is some confusion about mipsel v.s. mipsle which I didn't investigate much. |
|
@bhyde did the mipsle version work, or did both fail? I'm happy to update my blog post based on your experience – |
|
Hi, I created PR with tailscale package to OpenWrt packages repo openwrt/packages#15539 . Package is based on info from this issue . If you have any suggestions, please let me know. |
|
@ja-pa, thank you! |
The mipsle worked, at least I could ssh into the router using the magic dns name and the tailscale IP.
My excessively opaque comment "confusion about mipsel v.s. mipsle" was due to a brief glance at this posting - https://superuser.com/questions/1262144/naming-mipsle-vs-mipsel. |
Hi, The list of supported architectures is here https://github.com/openwrt/packages/blob/master/lang/golang/golang-values.mk#L126 (example https://downloads.openwrt.org/snapshots/packages/arm_cortex-a8_vfpv3/packages/tailscale_1.6.0-1_arm_cortex-a8_vfpv3.ipk and https://downloads.openwrt.org/snapshots/packages/arm_cortex-a8_vfpv3/packages/tailscaled_1.6.0-1_arm_cortex-a8_vfpv3.ipk ) Feel free to test it and let me know if you have any problems or suggestions for improvements. |
Thank you for your work. Can this version be kept up to date |
tailscale package contains just CLI utility (https://tailscale.com/kb/1080/cli/). It cannot be installed without installing tailscaled package. tailscaled package contains tailscaled binary, init script and uci config. Tailscaled runs as a daemon and provides connectivity to tailscale network. The reason why is tailscale utility separated is, that most users won't need it installed for the whole time and will use it only for setup. So it can be uninstalled later and save 6,8M of disk space. (That is the idea why it is packaged separately). I created a small readme how to use it https://github.com/openwrt/packages/tree/master/net/tailscale. |
|
Has anyone tried tailscale using the I'm able to use the exit node directly from the router (i.e. curl https://ifconfig.me shoes the exit node IP address). Unfortunately, it seems there needs to be something put in /etc/config/firewall rules (or maybe even /etc/config/network) to have traffic from my LAN exit out of the tailscale0 interface. Has anyone had any luck? I've also tried to --advertise-routes flag. |
I'll assume you mean on openwrt. Yes, I have some openwrt devices around the house acting to bridge the LAN Ethernet to wifi. On one of these I have the exit node setup, and that works. For example, I tell tailscale on my phone when I'm out and about to use that exit node and my traffic flows back to my house and then out again. I used https://myip.com/ to check that. I'll admit I haven't used it much; so it might be slow, fail under load, etc. And i've yet to upgrade to the new opkg. |
|
Hi I am not so much into OpenWRT, but when to "--accept-routes" on tailscale UP all bridge-lan traffic died - I am running wlan over wireless Any clues thanks Felix |
|
Accepting routes messes with the routing table that OpenWRT uses to, well, route everything, lan and wan traffic. Tailscale routes have higher priority. If you have overlapping IPs, it would cause issues. I always disable both accepting routes and DNS when using on routers. |
|
Tailscale normally only add routes to each subnet advertised from the tailscale mesh. I need "accept-routes" or else my tailscale client can't reach stuff on the mesh. - maybe tailscale is doing this differently on Openwrt Thanks |
|
Ohh, you are using the router as a Tailscale client for all the devices behind it? Then yes, you need to accept routes. But I have had issues using it in such a way. I'll let others comment on this usecase. PS: it's probably OpenWRT, not Tailscale client messing it up |
|
Yes and thanks - if I don't do "accept-routes" there is no issue with local bridge-lan |
Hello, friend! Thank you so much for your work! Those, who wants to use Tailscale appreciate it, and me too) About a month ago I started to use Tailscale on my fresh OpenWRT install. Most of the features works well, except using the exit node. There is some problems I don't know how to solve yet. When I'm trying to start using exit node in order to give access to devices connected to the router it fails. In other words router connects to the node, and It can establish connection through exit node (I've tried ping with it some servers and it works) but all the other devices cannot get access to the Internet. Hope you can help to find the solution for this issue. Thanks in advance! |
|
Can the Openwrt router be used as tailscale subnet? |
|
I usr it on OpenWrt and set the subnet It seems like tailscale can not send the package back to other computer. Do I need to set the firewall on OpenWrt? |
|
There seems to be a bit of confusion about subnet and exit routes. |
how you will enter the CIDR when ips are in range of 100.66.32.11 to 100.125.55.64? |
The |
|
Likely relevant for this audience: https://tailscale.com/kb/1207/small-tailscale/ |
|
Fixed by openwrt/packages#15539 |
User reports say that tailscale works on openwrt with the static arm binary. The only extra step that's required is
opkg install kmod-tun.(This is complicated by the fact that there's more than one flavor of openwrt.)
The text was updated successfully, but these errors were encountered: