
I have two machines, vm1 and vm2, with Tailscale installed on both. Each machine is running LXD with containers. Each machine has its own private subnet, 10.55.1.0/24 and 10.55.5.0/24 respectively.

Tailscale is set up to advertise routes, so that containers on either vm1 or vm2 can talk to each other. Containers on either vm1 or vm2 can ping containers on the other host; TCP and UDP are working fine.

The problem is that once the packets jump through the Tailscale tunnel, they lose their source IP and instead have the tailscale0 address of the machine from which they originated. I.e. container1 (with address 10.55.1.20) pings container2 on vm2 (with address 10.55.5.20). When the packet arrives on vm2, it looks like it's from vm1 (100.64.x.x) instead of 10.55.1.20.

I cannot seem to find the right combination of tailscale up flags for Tailscale not to NAT the source address.

--snat-subnet-routes=false looks like the right flag to be used, but I can't see any difference in my testing.

vm1 tailscale up command:

tailscale up --accept-routes --accept-dns=false --advertise-routes=10.55.5.0/24 --snat-subnet-routes=false

vm2 tailscale up command is the same other than the advertised subnet.

What I want to see:

On container2, any packets from container1 should have a source address of 10.55.1.20, rather than the 100.64.x.x address of vm1.

vm1 and vm2 are Debian Linux boxes, and are running the latest Tailscale client (1.26.1).

I tried setting up a bridge with tailscale0 as outlined here: Bridged interfaces and Tailscale "Raspberry", but have not had any success - but that could be a different question.

Ephemeral
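A symptom like the one described above (source rewritten to the sending host's tailscale0 address) can come from any POSTROUTING MASQUERADE/SNAT rule on vm1 that matches the container's packets, not only from Tailscale's own rules. The following diagnostic is an added example, not code from the question or from the Tailscale project: it evaluates rules in `iptables-save -t nat` form against the packet from the question (10.55.1.20 to 10.55.5.20 leaving via tailscale0) and reports the first rule that would rewrite the source. The sample dump is constructed; the bridge NAT rule shape in it is an assumption, as is the simplification that every rule option takes exactly one value.

```python
"""Find which POSTROUTING rule (if any) would source-NAT a given packet on the sending host."""
import ipaddress
import shlex

# Constructed sample of `iptables-save -t nat` output on vm1 (not captured from the question's
# hosts). The first rule is the shape a container bridge with NAT enabled typically installs
# (assumed); it masquerades anything leaving the bridge subnet, whatever the egress interface.
SAMPLE_NAT = """\
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.55.1.0/24 ! -d 10.55.1.0/24 -m comment --comment "constructed: bridge NAT" -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

def parse_nat_rules(dump):
    """Parse '-A POSTROUTING ...' lines into dicts of (value, negated) match conditions."""
    rules = []
    for line in dump.splitlines():
        if not line.startswith("-A POSTROUTING"):
            continue
        toks = shlex.split(line)[2:]  # drop '-A POSTROUTING'
        rule = {"line": line, "src": None, "dst": None, "oif": None, "target": None}
        i = 0
        while i < len(toks):  # assumption: every option is followed by exactly one value
            neg = toks[i] == "!"
            opt, val = toks[i + neg], toks[i + neg + 1]
            i += 2 + neg
            if opt in ("-s", "--source"):
                rule["src"] = (ipaddress.ip_network(val, strict=False), neg)
            elif opt in ("-d", "--destination"):
                rule["dst"] = (ipaddress.ip_network(val, strict=False), neg)
            elif opt in ("-o", "--out-interface"):
                rule["oif"] = (val, neg)
            elif opt == "-j":
                rule["target"] = val
            # other matches (-m comment --comment ...) do not affect this check and are skipped
        rules.append(rule)
    return rules

def _match(cond, value):
    """A condition is None (wildcard) or (expected, negated); networks match by membership."""
    if cond is None:
        return True
    expected, negated = cond
    is_net = isinstance(expected, (ipaddress.IPv4Network, ipaddress.IPv6Network))
    return (value in expected if is_net else value == expected) != negated

def first_snat_rule(dump, src, dst, oif):
    """Return the first MASQUERADE/SNAT POSTROUTING rule matching the packet, or None."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in parse_nat_rules(dump):
        if r["target"] in ("MASQUERADE", "SNAT") and _match(r["src"], src_ip) \
                and _match(r["dst"], dst_ip) and _match(r["oif"], oif):
            return r["line"]
    return None

if __name__ == "__main__":
    # Packet from the question: container1 -> container2, leaving vm1 through tailscale0.
    print(first_snat_rule(SAMPLE_NAT, "10.55.1.20", "10.55.5.20", "tailscale0"))
```

Run it against the real dump with `iptables-save -t nat` piped into `first_snat_rule` (or `nft list table ip nat` translated to this form); a non-None result names the rule to adjust, and `tcpdump -ni tailscale0` on vm2 confirms what source address actually arrives.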