Multi zone and domain setup question.
from Dust0741@lemmy.world to selfhosted@lemmy.world on 05 Aug 14:09
https://lemmy.world/post/33997126

I have an expanding homelab that is now including a family members home. I have homeA.com, and they have homeB.com. I manage both, and connect to theirs over Tailscale. Both servers run pihole and traefik. What I want, is to be able to connect to homeB.com from homeA.com. I have a DNS entry in homeA pihole for homeB.com=100.x.x.x (Tailscale ip). So, any device on Tailscale and homeA pihole can access homeB.com.

What I would like, is to make it so only the two servers need Tailscale. So on my laptop, without Tailscale, from homeA, can access homeB.com through the servers Tailscale connection. Is this possible?

#selfhosted

threaded - newest

SheeEttin@lemmy.zip on 05 Aug 14:20 next collapse

Yes, this is what IP routing does. Your router needs to know where to send that traffic, and the tunnel gateway (your server) needs to accept and route it over the tunnel.

Don’t forget that packet responses also need to reach your device.

SidewaysHighways@lemmy.world on 06 Aug 06:25 next collapse

pangolin might be cool for this?

azron@lemmy.ml on 06 Aug 12:38 collapse

This is what is called a site to site VPN connection. Id suggest just using wireguard without tailscale given the amount of set up you need is minimal. A typical pattern is to connect a site to site VPN on each router of the given network you want to connect. Lots of router software support wireguard nowadays so depending on the software you may just be able to search for your router software + site to site VPN configuration.

That being said tailscale also has docs on this: tailscale.com/kb/1214/site-to-site

The routers or computers you are using for this have to support forwarding traffic. With Linux this is pretty straight forward for other OSes I’m not sure how easy it is.

tux7350@lemmy.world on 06 Aug 13:04 next collapse

The routers or computers you are using for this have to support forwarding traffic. With Linux this is pretty straight forward for other OSes I’m not sure how easy it is.

You can get around this by having tailscale installed on the default gateway (router) of each network. It might be quite a pain for OP to change routers at each location. On the plus side, OpenWRT has some other cool features like PXE booting.

Here is an article about tailscale on an OpenWRT router.

MysteriousSophon21@lemmy.world on 07 Aug 16:50 collapse

Yep, just enable subnet routes in your Tailscale admin console and check “advertise routes” on both servers - that’ll let all your devices use the Tailscale connection without needing the client installed on evrything.