If it’s enable then this command should produce a 1 in the output
cat /proc/sys/net/ipv4/ip_forward
Codemichael
- 0 Posts
- 4 Comments
Joined 2 years ago
Cake day: July 22nd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Read this section on setting up forwarding on Linux. You’ll want to do this on the host that is running docker and it should carry down into the container itself.
https://tailscale.com/kb/1019/subnets?q=forwarding#connect-to-tailscale-as-a-subnet-router
6·7 months agoYes, you can run Tailscale in a container. You could create a second VLAN, attach it to your hosts interface, add a macvlan docker interface to the container and put it directly on your network.
If you have concerns about the software running on your host I would recommend getting a dedicated piece of hardware instead (rpi, zimaboard, etc).
How paranoid are you wanting to be? You can either go Headscale, or Tailnet Lock (my preference) to give your self some peace of mind. It completely depends on your threat model, which you didn’t mention.
Did you end up enabling ipv6 as well? Did that help?