12
tailscale 回家速度不理想,求教
source link: https://www.v2ex.com/t/942796
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
电信 300M 宽带有公网 ip ,千兆光猫设置了桥接,主路由硬件 RouterOS 设备负责拨号,副路由 Openwrt 上安装有 tailscale
拓扑为 华为光猫---RB760---Openwrt
最早在 RouterOS 配置了 NAT1 给 openwrt ,tailscale 的速度还凑活吧,现在关闭了 NAT1 ,tailscale 的速度就很慢了,但是凑活将就能用,网上说可通过自建 derper 的方式提速,但是我在阿里轻量云上安装并配置了 derper ,测试无法使用,下面我发出来步骤,请大家排查一下问题,谢谢了。
[安装 derper ]
wget --no-check-certificate https://go.dev/dl/go1.20.4.linux-amd64.tar.gz
tar -xzf go1.20.4.linux-amd64.tar.gz -C /usr/local
echo 'export GOROOT=/usr/local/go' | tee -a /etc/profile
echo 'export GOPATH=/usr/local/gopath' | tee -a /etc/profile
echo 'export GOBIN=$GOPATH/bin' | tee -a /etc/profile
echo 'export PATH=$PATH:$GOROOT/bin' | tee -a /etc/profile
echo 'export PATH=$PATH:$GOPATH/bin' | tee -a /etc/profile
source /etc/profile
go version
go env -w GOPROXY=https://goproxy.cn,direct
go install tailscale.com/cmd/derper@main
[阿里云申请 1 年免费证书并上传到 /home/admin/certs ]
浏览器 https 方式打开 deeper 页面也正常
[ aliyun 上关闭了防火墙和系统内置的 firewalld ]
[启动服务如下]
tee /etc/systemd/system/derper.service <<'EOF'
[Unit]
Description=Tailscale DERP Server
Requires=tailscaled.service
After=tailscaled.service
[Service]
Type=simple
User=root
Restart=always
RestartSec=5
ExecStart=/usr/local/gopath/bin/derper -c=/root/derper.conf --hostname=aliyun.111.com --verify-clients -a=:7777 -stun-port=8888 -http-port=-1 -certdir=/home/admin/certs/ -certmode=manual
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload && systemctl enable --now derper && systemctl status derper
[官方页面里配置 ACL 规则]
"derpMap": {
"OmitDefaultRegions": false,
"Regions": {
"900": {
"RegionID": 900,
"RegionCode": "aliyunderp",
"Nodes": [
{
"Name": "1",
"RegionID": 900,
"HostName": "aliyun.111.com",
"STUNPort": 7777,
"DERPPort": 8888,
},
],
},
},
},
[安装验证服务]
dnf config-manager --add-repo https://pkgs.tailscale.com/stable/centos/9/tailscale.repo
dnf install tailscale -y
systemctl enable --now tailscaled
tailscale up
测试时就有问题了,tailscale status 也显示无法连接到自建 derper 上
提示# Health check:
# - not connected to home DERP region 900
或者显示连接上了,使用命令 tailscale ping 不通 openwrt 和其他安装 tailscale 的设备,好奇怪,请有经验的各位大大指点指点,谢谢大家
拓扑为 华为光猫---RB760---Openwrt
最早在 RouterOS 配置了 NAT1 给 openwrt ,tailscale 的速度还凑活吧,现在关闭了 NAT1 ,tailscale 的速度就很慢了,但是凑活将就能用,网上说可通过自建 derper 的方式提速,但是我在阿里轻量云上安装并配置了 derper ,测试无法使用,下面我发出来步骤,请大家排查一下问题,谢谢了。
[安装 derper ]
wget --no-check-certificate https://go.dev/dl/go1.20.4.linux-amd64.tar.gz
tar -xzf go1.20.4.linux-amd64.tar.gz -C /usr/local
echo 'export GOROOT=/usr/local/go' | tee -a /etc/profile
echo 'export GOPATH=/usr/local/gopath' | tee -a /etc/profile
echo 'export GOBIN=$GOPATH/bin' | tee -a /etc/profile
echo 'export PATH=$PATH:$GOROOT/bin' | tee -a /etc/profile
echo 'export PATH=$PATH:$GOPATH/bin' | tee -a /etc/profile
source /etc/profile
go version
go env -w GOPROXY=https://goproxy.cn,direct
go install tailscale.com/cmd/derper@main
[阿里云申请 1 年免费证书并上传到 /home/admin/certs ]
浏览器 https 方式打开 deeper 页面也正常
[ aliyun 上关闭了防火墙和系统内置的 firewalld ]
[启动服务如下]
tee /etc/systemd/system/derper.service <<'EOF'
[Unit]
Description=Tailscale DERP Server
Requires=tailscaled.service
After=tailscaled.service
[Service]
Type=simple
User=root
Restart=always
RestartSec=5
ExecStart=/usr/local/gopath/bin/derper -c=/root/derper.conf --hostname=aliyun.111.com --verify-clients -a=:7777 -stun-port=8888 -http-port=-1 -certdir=/home/admin/certs/ -certmode=manual
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload && systemctl enable --now derper && systemctl status derper
[官方页面里配置 ACL 规则]
"derpMap": {
"OmitDefaultRegions": false,
"Regions": {
"900": {
"RegionID": 900,
"RegionCode": "aliyunderp",
"Nodes": [
{
"Name": "1",
"RegionID": 900,
"HostName": "aliyun.111.com",
"STUNPort": 7777,
"DERPPort": 8888,
},
],
},
},
},
[安装验证服务]
dnf config-manager --add-repo https://pkgs.tailscale.com/stable/centos/9/tailscale.repo
dnf install tailscale -y
systemctl enable --now tailscaled
tailscale up
测试时就有问题了,tailscale status 也显示无法连接到自建 derper 上
提示# Health check:
# - not connected to home DERP region 900
或者显示连接上了,使用命令 tailscale ping 不通 openwrt 和其他安装 tailscale 的设备,好奇怪,请有经验的各位大大指点指点,谢谢大家
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK