best it to reboot and to check logs as follow
journalctl -u tailscaled
Wow is that output big after a reboot, lots of DNS errorsā¦ Itās always DNS but nothing I can see that points out about it failing in any type of way but I may be blind.
$ sudo journalctl -u tailscaled
systemd[1]: Starting tailscaled.service - Tailscale node agent...
tailscaled[368]: logtail started
tailscaled[368]: Program starting: v1.48.2-ta6bcfd691-g62c580b04, Go 1.21.0: []string{"/usr/sbin/tailscaled", "--cleanup"}
tailscaled[368]: LogID: 15fd327205891c4111602e9b7db454f2e66669582ab47bb5b0f82c98d4e84e18
tailscaled[368]: logpolicy: using $STATE_DIRECTORY, "/var/lib/tailscale"
tailscaled[368]: dns: [rc=unknown ret=direct]
tailscaled[368]: dns: using "direct" mode
tailscaled[368]: dns: using *dns.directManager
tailscaled[368]: deleting [-j ts-input] in filter/INPUT: running [/usr/sbin/iptables -t filter -D INPUT -j ts-input --wait]: exit status 2: iptables v1.8.9 (nf_tables): Chain 'ts-input' does not exist
tailscaled[368]: Try `iptables -h' or 'iptables --help' for more information.
tailscaled[368]: deleting [-j ts-forward] in filter/FORWARD: running [/usr/sbin/iptables -t filter -D FORWARD -j ts-forward --wait]: exit status 2: iptables v1.8.9 (nf_tables): Chain 'ts-forward' does not exist
tailscaled[368]: Try `iptables -h' or 'iptables --help' for more information.
tailscaled[368]: deleting [-j ts-postrouting] in nat/POSTROUTING: running [/usr/sbin/iptables -t nat -D POSTROUTING -j ts-postrouting --wait]: exit status 2: iptables v1.8.9 (nf_tables): Chain 'ts-postrouting' does not exist
tailscaled[368]: Try `iptables -h' or 'iptables --help' for more information.
tailscaled[368]: deleting [-j ts-input] in filter/INPUT: running [/usr/sbin/ip6tables -t filter -D INPUT -j ts-input --wait]: exit status 2: ip6tables v1.8.9 (nf_tables): Chain 'ts-input' does not exist
tailscaled[368]: Try `ip6tables -h' or 'ip6tables --help' for more information.
tailscaled[368]: deleting [-j ts-forward] in filter/FORWARD: running [/usr/sbin/ip6tables -t filter -D FORWARD -j ts-forward --wait]: exit status 2: ip6tables v1.8.9 (nf_tables): Chain 'ts-forward' does not exist
tailscaled[368]: Try `ip6tables -h' or 'ip6tables --help' for more information.
tailscaled[368]: [RATELIMIT] format("deleting %v in %s/%s: %v")
tailscaled[368]: flushing log.
tailscaled[368]: logger closing down
tailscaled[480]: logtail started
tailscaled[480]: Program starting: v1.48.2-ta6bcfd691-g62c580b04, Go 1.21.0: []string{"/usr/sbin/tailscaled", "--state=/var/lib/tailscale/tailscaled.state", "--socket=/run/tailscale/tailscaled.sock", "--port=41641"}
tailscaled[480]: LogID: 15fd327205891c4111602e9b7db454f2e66669582ab47bb5b0f82c98d4e84e18
tailscaled[480]: logpolicy: using $STATE_DIRECTORY, "/var/lib/tailscale"
tailscaled[480]: wgengine.NewUserspaceEngine(tun "tailscale0") ...
systemd[1]: Started tailscaled.service - Tailscale node agent.
tailscaled[480]: router: default choosing iptables
tailscaled[480]: router: using iptables
tailscaled[480]: router: v6nat = true
tailscaled[480]: dns: [rc=unknown ret=direct]
tailscaled[480]: dns: using "direct" mode
tailscaled[480]: dns: using *dns.directManager
tailscaled[480]: link state: interfaces.State{defaultRoute=eth0 ifs={eth0:[192.168.1.4/24]} v4=true v6=false}
tailscaled[480]: magicsock: disco key = d:PotentiallySensitiveKey
tailscaled[480]: Creating WireGuard device...
tailscaled[480]: Bringing WireGuard device up...
tailscaled[480]: Bringing router up...
tailscaled[480]: external route: up
tailscaled[480]: Clearing router settings...
tailscaled[480]: Starting network monitor...
tailscaled[480]: Engine created.
tailscaled[480]: pm: using backend prefs for "profile-94d0": Prefs{ra=false dns=true want=true routes=[] nf=off Persist{lm=, o=, n=[h1vSm] u="TailscaleAccount"}}
tailscaled[480]: envknob: PORT="41641"
tailscaled[480]: logpolicy: using $STATE_DIRECTORY, "/var/lib/tailscale"
tailscaled[480]: synology Taildrop support: shared folder "Taildrop" not found
tailscaled[480]: got LocalBackend in 801ms
tailscaled[480]: Start
tailscaled[480]: Backend: logs: be:PotentialySensitive fe:
tailscaled[480]: control: client.Login(false, 0)
tailscaled[480]: control: doLogin(regen=false, hasUrl=false)
tailscaled[480]: health("overall"): error: not in map poll
tailscaled[480]: monitor: [unexpected] network state changed, but stringification didn't: interfaces.State{defaultRoute=eth0 ifs={eth0:[192.168.1.4/24]} v4=true v6=false}
tailscaled[480]: monitor: [unexpected] old: {"InterfaceIPs":{"eth0":["192.168.1.4/24"],"lo":["127.0.0.1/8","::1/128"]},"Interface":{"eth0":{"Index":2,"MTU":1500,"Name":"eth0","HardwareAddr":"5F8BDIu1","Flags":19,"AltAddrs":null,"Desc":""},"lo":{"Index":1,"MTU":65536,"Name":"lo","HardwareAddr":null,"Flags":37,"AltAddrs":null,"Desc":""}},"HaveV6":false,"HaveV4":true,"IsExpensive":false,"DefaultRouteInterface":"eth0","HTTPProxy":"","PAC":""}
tailscaled[480]: monitor: [unexpected] new: {"InterfaceIPs":{"eth0":["192.168.1.4/24","LinkLocalIPv6/64"],"lo":["127.0.0.1/8","::1/128"],"tailscale0":["fe80::87a1:4887:7fdf:5818/64"]},"Interface":{"eth0":{"Index":2,"MTU":1500,"Name":"eth0","HardwareAddr":"5F8BDIu1","Flags":51,"AltAddrs":null,"Desc":""},"lo":{"Index":1,"MTU":65536,"Name":"lo","HardwareAddr":null,"Flags":37,"AltAddrs":null,"Desc":""},"tailscale0":{"Index":3,"MTU":1280,"Name":"tailscale0","HardwareAddr":null,"Flags":57,"AltAddrs":null,"Desc":""}},"HaveV6":false,"HaveV4":true,"IsExpensive":false,"DefaultRouteInterface":"eth0","HTTPProxy":"","PAC":""}
tailscaled[480]: monitor: RTM_NEWROUTE: src=, dst=, gw=fLinkLocalIPv6, outif=2, table=254
tailscaled[480]: monitor: RTM_NEWROUTE: src=, dst=LinkGlobalIPv6Block::/64, gw=, outif=2, table=254
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={eth0:[192.168.1.4/24]} v4=true v6=false}
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkLocalIPv6/64]
tailscaled[480]: magicsock: 0 active derp conns
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={eth0:[192.168.1.4/24 LinkGlobalIPv6/64]} v4=true v6=true}
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkGlobalIPv6/64 LinkLocalIPv6/64]
tailscaled[480]: magicsock: 0 active derp conns
tailscaled[480]: monitor: RTM_NEWROUTE: src=, dst=fd8d:9c44:d6fc:e31b::/64, gw=, outif=2, table=254
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64]} v4=true v6=true}
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64 LinkLocalIPv6/64]
tailscaled[480]: magicsock: 0 active derp conns
tailscaled[480]: Received error: fetch control key: Get "https://controlplane.tailscale.com/key?v=68": write tcp 192.168.1.4:52392->3.124.108.117:443: use of closed network connection
tailscaled[480]: control: doLogin(regen=false, hasUrl=false)
tailscaled[480]: control: control server key from https://controlplane.tailscale.com: ts2021=[fSeS+], legacy=[nlFWp]
tailscaled[480]: control: RegisterReq: onode= node=[h1vSm] fup=false nks=false
tailscaled[480]: control: creating new noise client
tailscaled[480]: control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=true; authURL=false
tailscaled[480]: monitor: RTM_NEWROUTE: src=, dst=LinkGlobalIPv6/128, gw=, outif=2, table=255
tailscaled[480]: monitor: RTM_NEWROUTE: src=, dst=LinkGlobalIPv6Block::/128, gw=, outif=2, table=255
tailscaled[480]: [RATELIMIT] format("monitor: %s: src=%v, dst=%v, gw=%v, outif=%v, table=%v")
tailscaled[480]: control: netmap: got new dial plan from control
tailscaled[480]: active login: TailscaleAccount
tailscaled[480]: Switching ipn state NoState -> Starting (WantRunning=true, nm=true)
tailscaled[480]: magicsock: SetPrivateKey called (init)
tailscaled[480]: wgengine: Reconfig: configuring userspace WireGuard config (with 0/3 peers)
tailscaled[480]: wgengine: Reconfig: configuring router
tailscaled[480]: wgengine: Reconfig: configuring DNS
tailscaled[480]: dns: Set: {DefaultResolvers:[192.168.1.4] Routes:{} SearchDomains:[] Hosts:4}
tailscaled[480]: dns: Resolvercfg: {Routes:{.:[192.168.1.4]} Hosts:4 LocalDomains:[]}
tailscaled[480]: dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[] MatchDomains:[] Hosts:[]}
tailscaled[480]: peerapi: serving on http://100.114.200.106:45100
tailscaled[480]: peerapi: serving on http://[fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a]:45100
tailscaled[480]: magicsock: home is now derp-4 (fra)
tailscaled[480]: magicsock: adding connection to derp-4 for home-keep-alive
tailscaled[480]: control: NetInfo: NetInfo{varies=false hairpin=false ipv6=true ipv6os=true udp=true icmpv4=false derp=#4 portmap= link="" firewallmode="ipt-default"}
tailscaled[480]: magicsock: 1 active derp conns: derp-4=cr0s,wr0s
tailscaled[480]: magicsock: endpoints changed: PublicIPv4:52565 (stun), [LinkGlobalIPv6]:41641 (stun), 192.168.1.4:41641 (local)
tailscaled[480]: Switching ipn state Starting -> Running (WantRunning=true, nm=true)
tailscaled[480]: derphttp.Client.Connect: connecting to derp-4 (fra)
tailscaled[480]: magicsock: derp-4 connected; connGen=1
tailscaled[480]: health("overall"): ok
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64] tailscale0:[100.114.200.106/32 fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128] br-4fee1fcf6e63:down} v4=true v6=true}
tailscaled[480]: dns: Set: {DefaultResolvers:[192.168.1.4] Routes:{} SearchDomains:[] Hosts:4}
tailscaled[480]: dns: Resolvercfg: {Routes:{.:[192.168.1.4]} Hosts:4 LocalDomains:[]}
tailscaled[480]: dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[] MatchDomains:[] Hosts:[]}
tailscaled[480]: Received error: PollNetMap: read tcp 192.168.1.4:60902->3.124.108.117:80: use of closed network connection
tailscaled[480]: wgengine: set DNS config again after major link change
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64 LinkLocalIPv6/64]
tailscaled[480]: magicsock: 1 active derp conns: derp-4=cr7s,wr7s
tailscaled[480]: post-rebind ping of DERP region 4 okay
tailscaled[480]: control: netmap: got new dial plan from control
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={br-4fee1fcf6e63:[172.19.0.1/16] eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64] tailscale0:[100.114.200.106/32 fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128] docker0:down} v4=true v6=true}
tailscaled[480]: dns: Set: {DefaultResolvers:[192.168.1.4] Routes:{} SearchDomains:[] Hosts:4}
tailscaled[480]: dns: Resolvercfg: {Routes:{.:[192.168.1.4]} Hosts:4 LocalDomains:[]}
tailscaled[480]: Received error: PollNetMap: read tcp [LinkGlobalIPv6]:34464->[2a05:d014:386:202:2697:66bf:c24a:a674]:80: use of closed network connection
tailscaled[480]: dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[] MatchDomains:[] Hosts:[]}
tailscaled[480]: wgengine: set DNS config again after major link change
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64 LinkLocalIPv6/64]
tailscaled[480]: magicsock: 1 active derp conns: derp-4=cr7s,wr7s
tailscaled[480]: [RATELIMIT] format("magicsock: %v active derp conns%s")
tailscaled[480]: magicsock: endpoints changed: PublicIPv4:52565 (stun), [LinkGlobalIPv6]:41641 (stun), 172.19.0.1:41641 (local), 192.168.1.4:41641 (local)
tailscaled[480]: post-rebind ping of DERP region 4 okay
tailscaled[480]: control: netmap: got new dial plan from control
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={br-4fee1fcf6e63:[172.19.0.1/16] docker0:[172.17.0.1/16 2001:db8:1::1/64] eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64] tailscale0:[100.114.200.106/32 fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128]} v4=true v6=true}
tailscaled[480]: Received error: PollNetMap: read tcp [LinkGlobalIPv6]:34476->[2a05:d014:386:202:2697:66bf:c24a:a674]:80: use of closed network connection
tailscaled[480]: [RATELIMIT] format("LinkChange: major, rebinding. New state: %v")
tailscaled[480]: dns: Set: {DefaultResolvers:[192.168.1.4] Routes:{} SearchDomains:[] Hosts:4}
tailscaled[480]: dns: Resolvercfg: {Routes:{.:[192.168.1.4]} Hosts:4 LocalDomains:[]}
tailscaled[480]: dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[] MatchDomains:[] Hosts:[]}
tailscaled[480]: wgengine: set DNS config again after major link change
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64 LinkLocalIPv6/64]
tailscaled[480]: [RATELIMIT] format("Rebind; defIf=%q, ips=%v")
tailscaled[480]: magicsock: endpoints changed: PublicIPv4:52565 (stun), [LinkGlobalIPv6]:41641 (stun), 172.17.0.1:41641 (local), 172.19.0.1:41641 (local), 192.168.1.4:41641 (local), [2001:db8:1::1]:41641 (local)
tailscaled[480]: post-rebind ping of DERP region 4 okay
tailscaled[480]: control: netmap: got new dial plan from control
tailscaled[480]: [RATELIMIT] format("monitor: %s: src=%v, dst=%v, gw=%v, outif=%v, table=%v") (9 dropped)
tailscaled[480]: monitor: RTM_NEWROUTE: src=, dst=2001:db8:1::/64, gw=, outif=5, table=254
tailscaled[480]: monitor: [unexpected] network state changed, but stringification didn't: interfaces.State{defaultRoute=eth0 ifs={br-4fee1fcf6e63:[172.19.0.1/16] docker0:[172.17.0.1/16 2001:db8:1::1/64] eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64] tailscale0:[100.114.200.106/32 fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128]} v4=true v6=true}
tailscaled[480]: monitor: [unexpected] old: {"InterfaceIPs":{"br-4fee1fcf6e63":["172.19.0.1/16"],"docker0":["172.17.0.1/16","2001:db8:1::1/64","fe80::1/64"],"eth0":["192.168.1.4/24","LinkGlobalIPv6/64","GoogleNestHubsRALinkGlobalAddress/64","LinkLocalIPv6/64"],"lo":["127.0.0.1/8","::1/128"],"tailscale0":["100.114.200.106/32","fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128","fe80::87a1:4887:7fdf:5818/64"]},"Interface":{"br-4fee1fcf6e63":{"Index":4,"MTU":1500,"Name":"br-4fee1fcf6e63","HardwareAddr":"AkKXFR4j","Flags":19,"AltAddrs":null,"Desc":""},"docker0":{"Index":5,"MTU":1500,"Name":"docker0","HardwareAddr":"AkImHtB1","Flags":51,"AltAddrs":null,"Desc":""},"eth0":{"Index":2,"MTU":1500,"Name":"eth0","HardwareAddr":"5F8BDIu1","Flags":51,"AltAddrs":null,"Desc":""},"lo":{"Index":1,"MTU":65536,"Name":"lo","HardwareAddr":null,"Flags":37,"AltAddrs":null,"Desc":""},"tailscale0":{"Index":3,"MTU":1280,"Name":"tailscale0","HardwareAddr":null,"Flags":57,"AltAddrs":null,"Desc":""}},"HaveV6":true,"HaveV4":true,"IsExpensive":false,"DefaultRouteInterface":"eth0","HTTPProxy":"","PAC":""}
tailscaled[480]: monitor: [unexpected] new: {"InterfaceIPs":{"br-4fee1fcf6e63":["172.19.0.1/16"],"docker0":["172.17.0.1/16","2001:db8:1::1/64","fe80::1/64"],"eth0":["192.168.1.4/24","LinkGlobalIPv6/64","GoogleNestHubsRALinkGlobalAddress/64","LinkLocalIPv6/64"],"lo":["127.0.0.1/8","::1/128"],"tailscale0":["100.114.200.106/32","fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128","fe80::87a1:4887:7fdf:5818/64"]},"Interface":{"br-4fee1fcf6e63":{"Index":4,"MTU":1500,"Name":"br-4fee1fcf6e63","HardwareAddr":"AkKXFR4j","Flags":19,"AltAddrs":null,"Desc":""},"docker0":{"Index":5,"MTU":1500,"Name":"docker0","HardwareAddr":"AkImHtB1","Flags":19,"AltAddrs":null,"Desc":""},"eth0":{"Index":2,"MTU":1500,"Name":"eth0","HardwareAddr":"5F8BDIu1","Flags":51,"AltAddrs":null,"Desc":""},"lo":{"Index":1,"MTU":65536,"Name":"lo","HardwareAddr":null,"Flags":37,"AltAddrs":null,"Desc":""},"tailscale0":{"Index":3,"MTU":1280,"Name":"tailscale0","HardwareAddr":null,"Flags":57,"AltAddrs":null,"Desc":""}},"HaveV6":true,"HaveV4":true,"IsExpensive":false,"DefaultRouteInterface":"eth0","HTTPProxy":"","PAC":""}
tailscaled[480]: dns: Set: {DefaultResolvers:[192.168.1.4] Routes:{} SearchDomains:[] Hosts:4}
tailscaled[480]: dns: Resolvercfg: {Routes:{.:[192.168.1.4]} Hosts:4 LocalDomains:[]}
tailscaled[480]: dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[] MatchDomains:[] Hosts:[]}
tailscaled[480]: Received error: PollNetMap: read tcp [LinkGlobalIPv6]:34488->[2a05:d014:386:202:2697:66bf:c24a:a674]:80: use of closed network connection
tailscaled[480]: wgengine: set DNS config again after major link change
tailscaled[480]: post-rebind ping of DERP region 4 okay
tailscaled[480]: control: netmap: got new dial plan from control
tailscaled[480]: monitor: [unexpected] network state changed, but stringification didn't: interfaces.State{defaultRoute=eth0 ifs={br-4fee1fcf6e63:[172.19.0.1/16] docker0:[172.17.0.1/16 2001:db8:1::1/64] eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64] tailscale0:[100.114.200.106/32 fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128]} v4=true v6=true}
tailscaled[480]: monitor: [unexpected] old: {"InterfaceIPs":{"br-4fee1fcf6e63":["172.19.0.1/16"],"docker0":["172.17.0.1/16","2001:db8:1::1/64","fe80::1/64"],"eth0":["192.168.1.4/24","LinkGlobalIPv6/64","GoogleNestHubsRALinkGlobalAddress/64","LinkLocalIPv6/64"],"lo":["127.0.0.1/8","::1/128"],"tailscale0":["100.114.200.106/32","fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128","fe80::87a1:4887:7fdf:5818/64"]},"Interface":{"br-4fee1fcf6e63":{"Index":4,"MTU":1500,"Name":"br-4fee1fcf6e63","HardwareAddr":"AkKXFR4j","Flags":19,"AltAddrs":null,"Desc":""},"docker0":{"Index":5,"MTU":1500,"Name":"docker0","HardwareAddr":"AkImHtB1","Flags":19,"AltAddrs":null,"Desc":""},"eth0":{"Index":2,"MTU":1500,"Name":"eth0","HardwareAddr":"5F8BDIu1","Flags":51,"AltAddrs":null,"Desc":""},"lo":{"Index":1,"MTU":65536,"Name":"lo","HardwareAddr":null,"Flags":37,"AltAddrs":null,"Desc":""},"tailscale0":{"Index":3,"MTU":1280,"Name":"tailscale0","HardwareAddr":null,"Flags":57,"AltAddrs":null,"Desc":""}},"HaveV6":true,"HaveV4":true,"IsExpensive":false,"DefaultRouteInterface":"eth0","HTTPProxy":"","PAC":""}
tailscaled[480]: monitor: [unexpected] new: {"InterfaceIPs":{"br-4fee1fcf6e63":["172.19.0.1/16","fe80::42:97ff:fe15:1e23/64"],"docker0":["172.17.0.1/16","2001:db8:1::1/64","fe80::1/64"],"eth0":["192.168.1.4/24","LinkGlobalIPv6/64","GoogleNestHubsRALinkGlobalAddress/64","LinkLocalIPv6/64"],"lo":["127.0.0.1/8","::1/128"],"tailscale0":["100.114.200.106/32","fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128","fe80::87a1:4887:7fdf:5818/64"],"veth0047ee9":null,"veth10f2123":null,"veth29870bb":null,"veth5bab94d":null,"veth69024c4":null,"veth75847b5":null,"veth7f12023":null,"veth914f206":null,"vetha5db0c4":null,"vethc722c2c":null,"vethd6c9a47":null,"vethf857548":null},"Interface":{"br-4fee1fcf6e63":{"Index":4,"MTU":1500,"Name":"br-4fee1fcf6e63","HardwareAddr":"AkKXFR4j","Flags":51,"AltAddrs":null,"Desc":""},"docker0":{"Index":5,"MTU":1500,"Name":"docker0","HardwareAddr":"AkImHtB1","Flags":19,"AltAddrs":null,"Desc":""},"eth0":{"Index":2,"MTU":1500,"Name":"eth0","HardwareAddr":"5F8BDIu1","Flags":51,"AltAddrs":null,"Desc":""},"lo":{"Index":1,"MTU":65536,"Name":"lo","HardwareAddr":null,"Flags":37,"AltAddrs":null,"Desc":""},"tailscale0":{"Index":3,"MTU":1280,"Name":"tailscale0","HardwareAddr":null,"Flags":57,"AltAddrs":null,"Desc":""},"veth0047ee9":{"Index":16,"MTU":1500,"Name":"veth0047ee9","HardwareAddr":"Xmv4ZquV","Flags":18,"AltAddrs":null,"Desc":""},"veth10f2123":{"Index":12,"MTU":1500,"Name":"veth10f2123","HardwareAddr":"Rr6sGMIv","Flags":18,"AltAddrs":null,"Desc":""},"veth29870bb":{"Index":7,"MTU":1500,"Name":"veth29870bb","HardwareAddr":"LnUopbqQ","Flags":19,"AltAddrs":null,"Desc":""},"veth5bab94d":{"Index":14,"MTU":1500,"Name":"veth5bab94d","HardwareAddr":"Egqaozol","Flags":18,"AltAddrs":null,"Desc":""},"veth69024c4":{"Index":15,"MTU":1500,"Name":"veth69024c4","HardwareAddr":"Vr23dH2N","Flags":19,"AltAddrs":null,"Desc":""},"veth75847b5":{"Index":13,"MTU":1500,"Name":"veth75847b5","HardwareAddr":"RlBXWG7V","Flags":19,"AltAddrs":null,"Desc":""},"veth7f12023":{"Index":17,"MTU":1500,"Name":"veth7f12023","HardwareAddr":"7suAFQcJ","Flags":19,"AltAddrs":null,"Desc":""},"veth914f206":{"Index":8,"MTU":1500,"Name":"veth914f206","HardwareAddr":"/oJHOg1u","Flags":18,"AltAddrs":null,"Desc":""},"vetha5db0c4":{"Index":6,"MTU":1500,"Name":"vetha5db0c4","HardwareAddr":"EmPtAJ0W","Flags":18,"AltAddrs":null,"Desc":""},"vethc722c2c":{"Index":9,"MTU":1500,"Name":"vethc722c2c","HardwareAddr":"Ur8Aw06+","Flags":19,"AltAddrs":null,"Desc":""},"vethd6c9a47":{"Index":11,"MTU":1500,"Name":"vethd6c9a47","HardwareAddr":"Ro9T8kok","Flags":19,"AltAddrs":null,"Desc":""},"vethf857548":{"Index":10,"MTU":1500,"Name":"vethf857548","HardwareAddr":"+hu7PEpG","Flags":18,"AltAddrs":null,"Desc":""}},"HaveV6":true,"HaveV4":true,"IsExpensive":false,"DefaultRouteInterface":"eth0","HTTPProxy":"","PAC":""}
tailscaled[480]: [RATELIMIT] format("LinkChange: major, rebinding. New state: %v") (1 dropped)
tailscaled[480]: LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=eth0 ifs={br-4fee1fcf6e63:[172.19.0.1/16] docker0:[172.17.0.1/16 2001:db8:1::1/64] eth0:[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64] tailscale0:[100.114.200.106/32 fd7a:115c:a1e0:ab12:4843:cd96:6272:c86a/128]} v4=true v6=true}
tailscaled[480]: dns: Set: {DefaultResolvers:[192.168.1.4] Routes:{} SearchDomains:[] Hosts:4}
tailscaled[480]: dns: Resolvercfg: {Routes:{.:[192.168.1.4]} Hosts:4 LocalDomains:[]}
tailscaled[480]: Received error: PollNetMap: read tcp [LinkGlobalIPv6]:34502->[2a05:d014:386:202:2697:66bf:c24a:a674]:80: use of closed network connection
tailscaled[480]: dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[] MatchDomains:[] Hosts:[]}
tailscaled[480]: wgengine: set DNS config again after major link change
tailscaled[480]: [RATELIMIT] format("Rebind; defIf=%q, ips=%v") (1 dropped)
tailscaled[480]: Rebind; defIf="eth0", ips=[192.168.1.4/24 LinkGlobalIPv6/64 GoogleNestHubsRALinkGlobalAddress/64 LinkLocalIPv6/64]
tailscaled[480]: [RATELIMIT] format("magicsock: %v active derp conns%s") (2 dropped)
tailscaled[480]: magicsock: 1 active derp conns: derp-4=cr14s,wr14s
tailscaled[480]: post-rebind ping of DERP region 4 okay
tailscaled[480]: control: netmap: got new dial plan from control
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: [RATELIMIT] format("dns udp query: %v")
tailscaled[480]: [RATELIMIT] format("dns udp query: %v") (1 dropped)
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
tailscaled[480]: dns udp query: context deadline exceeded
At least after manually editing the setting through sysctl directly and adding the dietpi-tailscale.conf file through the -e flag the system gets IPv6 again through RA. Now I just need Tailscale to be running as well.
you are running Docker in that device?
Yes, hence all the veths. Do you think the Docker networks are somehow causing issues with tailscale?
It seems that Tailscale is trying to reconfigure many times after the network changes. Could be that it starts early in the boot process and then some docker configuration changes the network.
Are you able to resolve after all booting process is finished?
I know docker is causing issues for WireGuard and OpenVPN because Docker sets iptables policy for the FORWARD chain to DROP. Maybe itās doing similar for Tailscale
Sorry for the late reply, got lost in Starfield.
All the things Iāve tried so far has been after rebooting. I try to reboot as little as possible so no, it doesnāt get resolved after rebooting and restarting the services sadly.
Interesting. Seems like on this device is it only an issue. Have been working just fine before. Iāll see if I can investigate that a bit.
Alright so I had some time over to check the things and did some unrelated configuration on the Tailscale admin panel and I noticed that the Pi is shown as connected, I went in and checked on the Pi and sure enough, tailscale is up and running and connected to the tailnet. However I still canāt get the Tailscale config software to connect to tailscaled. Iām glad it works at least.
I think when I configured tailscale while running the daemon manually in a separate bash instance and configured it that way the settings mustāve gotten saved and gets connected now. Itās a good step forward for my network setup at least. The logs show a similar output to before.
Iām guessing thereās something wrong with how Tailscaled is setup so the client canāt interface with the sock in some way. I canāt seem to find the sock anywhere on the system when doing a search using sudo find / -type f -name "tailscaled.sock" so it must not be creating it for some reason.
Iāll paste the systemd files for tailscale. I have not modified these to be clear.
$ sudo cat /lib/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service
[Service]
EnvironmentFile=/etc/default/tailscaled
ExecStartPre=/usr/sbin/tailscaled --cleanup
ExecStart=/usr/sbin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=${PORT} $FLAGS
ExecStopPost=/usr/sbin/tailscaled --cleanup
Restart=on-failure
RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify
[Install]
WantedBy=multi-user.target
$ sudo cat /etc/default/tailscaled
# Set the port to listen on for incoming VPN packets.
# Remote nodes will automatically be informed about the new port number,
# but you might want to configure this in order to set external firewall
# settings.
PORT="41641"
# Extra flags you might want to pass to tailscaled.
FLAGS=""
$ sudo cat /var/lib/tailscale/tailscaled.state
{
"_current-profile": "secret",
"_machinekey": "secret",
"_profiles": "secret",
"secret": "secret"
}
$ ls /run/tailscale/
tailscaled.sock
Apparently the tailscale sock exists anyways. Must be doing something wrong with find. Iāll continue to test some things.
Did you do a ss -tunlp | grep 41641 ? This will show you if the socket is open.