dotfiles/nixos-config
1
0
Fork 0
mirror of https://github.com/srid/nixos-config.git synced 2026-05-10 16:45:57 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions
nixos-config/docs/TAILSCALE-WIRED.md
Sridhar Ratnakumar 0e0d14b20c add docs
2026-03-22 11:39:51 -04:00

71 lines
2.6 KiB
Markdown
Raw Blame History

# Tailscale & Network Interface Selection on pureintent
pureintent has both ethernet (`enp1s0`) and wifi (`wlp2s0`) enabled on the same LAN subnet (192.168.2.0/24). Linux uses **route metrics** to decide which interface handles outbound traffic — lower metric = lower cost = preferred.
## Interface Overview
| Interface | Type | IP | Metric | Tailscale IP |
|-----------|------|------|--------|--------------|
| enp1s0 | Ethernet | 192.168.2.43 | 100 | — |
| wlp2s0 | WiFi | 192.168.2.134 | 600 | — |
| tailscale0 | Tunnel | 100.122.32.106 | — | 100.122.32.106 |
## How It Works
When multiple default routes exist, the kernel picks the one with the **lowest metric**. NetworkManager assigns ethernet a lower metric (100) than wifi (600) by default.
This means:
- **Ethernet is always preferred** when both are connected.
- Tailscale peers connecting remotely (e.g. from a coffee shop) reach pureintent via its Tailscale IP. The Tailscale daemon (`tailscaled`) sends/receives its tunnel traffic (WireGuard UDP) through the default route — **ethernet**.
- If ethernet is unplugged, the kernel automatically falls back to wifi (next lowest metric).
## Routing Table
```
default via 192.168.2.1 dev enp1s0 proto dhcp src 192.168.2.43 metric 100
default via 192.168.2.1 dev wlp2s0 proto dhcp src 192.168.2.134 metric 600
```
Both routes point to the same gateway (192.168.2.1), but the metric decides which wins.
## Connection Types
When a remote peer runs `tailscale ping`, the response reveals the connection type:
- **Direct** (`via <ip>:<port>`) — UDP hole-punch succeeded; traffic flows peer-to-peer. Low latency (~4ms on LAN).
- **DERP relay** (`via DERP(xxx)`) — NAT traversal failed; traffic is relayed through Tailscale's servers. Higher latency.
Example direct connection:
```
pong from pureintent (100.122.32.106) via 192.168.2.43:41641 in 4ms
```
The `192.168.2.43` confirms traffic is arriving on the ethernet interface.
## Verification Commands
```bash
# Check which interface a Tailscale connection uses
tailscale ping <tailscale-ip>
# View route metrics (lower = preferred)
ip route
# See real-time per-interface byte counters
ip -s link show enp1s0
ip -s link show wlp2s0
# Watch live traffic on a specific interface
iftop -i enp1s0
# Check Tailscale peer status (direct vs relayed)
tailscale status
# Inspect active Tailscale connections
ss -tunp | grep tailscale
```
## References
- [Route Priorities - Metric Values](https://www.marcusfolkesson.se/blog/route-metric-values/)
- [Linux Routing Fundamentals](https://blog.sdn.clinic/2025/01/linux-routing-fundamentals/)
Reference in a new issue View git blame Copy permalink