Does your router (with Tailscale installed on it) have a publicly accessible IP address? Or is it behind another, upstream router or have CGNAT?
Does
tailscale status on the router show that your clients have a direct connection or that they're using DERP?
I had the same then go to admin Console and access below you can do the setting all access
Thank you for the feedback, good to know. I’ve always used kernel mode (after a few initial trials on userspace) but TBH never tested for speed difference.
. In any case, good result, happy for you.
Puh-lease!!
Puh-lease!!
Yeah-Nah… Direct vs DERP I reckon, which is not userspace vs kernel dependent, as I understand it.
Well, DERP + Userspace would be the worst-case scenario for performance would be my thinking? Regardless, glad it's resolved! Really appreciate your help jumping in!
Yeah-Nah… Direct vs DERP I reckon, which is not userspace vs kernel dependent, as I understand it.
# Health check:
# - adding loopback allow rule for "fd7a:115c:a1e0::1d01:3e0e": running [/usr/sbin/ip6tables -t filter -I ts-input 1 -i lo -s fd7a:115c:a1e0::1d01:3e0e -j ACCEPT]: exit status 1: ip6tables: Resource temporarily unavailable.Messing with GNP probably messes with iptables, which Tailscale seems to be relying on as well. When you have multiple applications modifying iptables, someone can definitely lose the battle. For instance, KILLMON always loses out to Skynet whenever there ever are major changes to the iptables, so I have that on my list to fix here soon. I'm afraid this isn't anything TAILMON can help with as it's built-in functionality of Tailscale to keep track of it's iptables entries. Glad you were able to recover, and thanks for the report!
Hmm I’m really not qualified to make anything of that, I will say apart from the recent observation above kernel mode has been great for me.
Yeah, and it's a nat'ted test router too that's seen entirely too much abuse. Just found it interesting how Tailscale's DNS may have been a cause of this issue.
Nice. Now you convinced me to never try to kernel mode. Lol. Userspace mode has been so reliable for me!
I avoid the issue of Tailscale overriding the
resolv.conf file by setting the following parameter:tailscale set --accept-dns=false
tailscale.com
Hmm... maybe this is why I keep getting an error and can't access the remote client.I avoid the issue of Tailscale overriding theresolv.conffile by setting the following parameter:
Code:tailscale set --accept-dns=falseWhy is resolv.conf being overwritten? · Tailscale Docs
Learn why tailscaled overwrites /etc/resolv.conf
Current Operating Mode: Custom
Current values in Tailscale Service (/opt/etc/init.d/S06tailscaled):
(1) ARGS="--state=/opt/var/tailscaled.state --statedir=/opt/var/lib/tailscale --accept-dns=false"
(2) PREARGS="nohup"
(3) PRECMD="modprobe tun"
Current custom values being used for Tailscale Connection commandline:
(4) CMD="--advertise-routes=192.168.9.0/24,192.168.53.15/32"
---------------------------------------------------------------------------------------
Please enter item to modify (1-4)? (e=Exit):
TAILMON - v1.3.0 Operations Menu Wed Oct 8 10:50:22 CST 2025
(R)e-(S)tart / S(T)op Tailscale Service (C)onfiguration Menu / Main Setup Menu | RL
Tailscale Connection (U)p / (D)own (L)og Viewer / Trim Log Size (rows): 2000
Custom (O)peration Mode Settings (K)eep Tailscale Service Alive: Yes
(A)MTM Email Notifications: Failure Ti(M)er Check Loop Interval: 60sec
--------------------------------------------------------------------------------------------------------------
Tailscale Service v1.88.3
Checking tailscaled... dead.
Tailscale Connection Status:
failed to connect to local tailscaled; it doesn't appear to be running
Tailscale Service Options (Custom Mode)
PRECMD: modprobe tun
ARGS: --state=/opt/var/tailscaled.state --statedir=/opt/var/lib/tailscale --accept-dns=false
PREARGS: nohup
Tailscale Connection Commandline
--advertise-routes=192.168.9.0/24,192.168.53.15/32
Messages:
Executing: tailscale down
error fetching current status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory
Messages:
Checking tailscaled... dead.
Messages:
Starting tailscaled... done.
Messages:
Executing: tailscale up --advertise-routes=192.168.9.0/24,192.168.53.15/32
failed to connect to local tailscaled; it doesn't appear to be running
ERROR: Tailscale Connection did not start correctly
Continuing in 3/5... [s=Setup] [e=Exit] [Selection? ]# Health check:
# - Tailscale failed to fetch the DNS configuration of your device: getting OS base config is not supported
# - getting OS base config is not supported
Tailscale Service Options (Userspace Mode)
ARGS: --tun=userspace-networking --state=/opt/var/tailscaled.state --statedir=/opt/var/lib/tailscale
PREARGS: nohup
Tailscale Connection Commandline
--advertise-routes=192.168.9.0/24
11s / 18% [e=Exit] [Selection? ]# Health check:
# - flushing filter/ts-input: running [/usr/sbin/iptables -t filter -F ts-input]: exit status 1: iptables: Invalid argument. Run `dmesg' for more information.
Tailscale Service Options (Kernel Mode)
PRECMD: modprobe tun
ARGS: --state=/opt/var/tailscaled.state --statedir=/opt/var/lib/tailscale
PREARGS: nohup
Tailscale Connection Commandline
--advertise-routes=192.168.47.0/24
46s / 76% [e=Exit] [Selection? ]I don't use TAILMON but it looks like you would add it to your custom command line (4):
CMD="--advertise-routes=192.168.9.0/24,192.168.53.15/32 --accept-dns=false"
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!
