Tailscale Support

[vtomaili]

Support for use keenetic modem as Tailscale exit node and access home/work network from keenetic modem. 
Subnet routers and traffic relay nodes · Tailscale
Exit Nodes (route all traffic) · Tailscale

I currently use raspberry pi as exit node in my network. 

Here is a client github repository
tailscale/tailscale: The easiest, most secure way to use WireGuard and 2FA. (github.com)

Tailscale is a VPN that modifies the Wireguard protocol slightly by adding Tailscale discovery messages. 

Relevant code: https://github.com/tailscale/tailscale/blob/main/disco/disco.go

 

 

Edited February 17 by vtomaili
Adding additional info about how to tailscale works in background

[admin]

14 hours ago, vtomaili said:

Support for use keenetic modem as Tailscale exit node and access home/work network from keenetic modem.

What was the reason for making such modifications to the protocol? Is manual configuration (no discovery) still allows to connect existing Wireguard to your provider?

[zyxmon]

Entware has tailscale package. There is a topic in Russian on it - 

The problem is iptables rules that are recreated by firmware. Hooks should be used for tailscale on Keenetic to work.

Wireguard protocol is embeded in tailscale binary and is independent from firmware wireguard support.

I do use wireguard on Keenetic as an alternative internet route and use tailscale on my NAS (with --advertise-routes) to access my entire home lan from other places.