Re: Progress on tailscale on NetBSD (plus $ available)

To: abs%absd.org@localhost, ktnb%netbsd.org@localhost, ryo%tetera.org@localhost
Subject: Re: Progress on tailscale on NetBSD (plus $ available)
From: Kevin Bloom <ktnb%netbsd.org@localhost>
Date: Mon, 20 Apr 2026 18:54:17 +0000 (UTC)

> From: Kevin Bloom <ktnb%netbsd.org@localhost>
>
> > Following up on my previous message
> >
> > Using pkgsrc/wip/tailscale (many thanks to ktnb for maintaining that!)
> > I seem to be able to get a pretty reliable full (not needing the -tun
> > userspace-networking workaround) tailscale client on NetBSD-11_RC3 by:
> >
>
> My apologies for not getting the NetBSD support for wip/tailscale
> better. That's partly why I keep it in wip and not merged in -current.
> I use tailscale for work but I only use macOS and Linux (both with
> pkgsrc) so I mostly keep it up-to-date for those systems.
>
> I do, however, make sure that it at least always compiles on NetBSD!
>
> > Initial tailscale connect (needed once)
> > - "/etc/rc.d/tailscaled onestart" (Using the default "-tun
> > userspace-networking")
> > - "tailscale up" (and configure as normal)
> > - Note the assigned ip - "tailscale ip", or login to tailscale.com, or
> > check from another machine on the tailnet) - eg 100.125.57.19
> > - "/etc/rc.d/tailscaled onestop"
> > - Replace the tailscaled_start() section of  /etc/rc.d/tailscaled with
> > the below (where the IP is the same as noted above)
> >         ifconfig tun0 create 100.125.57.19 > /dev/null 2>&1
> >         ${command} > /var/log/tailscaled.log 2>&1 &
> >
> > >From that point tailscaled can be started as normal.
> >
> > As mentioned, I'd be very happy to contribute $200 of beverage monies
> > to anyone who was able to resolve this final "needing to manually
> > assign IP" issue :-p
> >
>
> I can't guarantee I'll get very far but I can give it a shot. I'll
> be taking a holiday next week so it may be a little bit until I can
> devote a large chunk of time to it.
>
> > Thanks
> >
> > David
> >
> > On Thu, 5 Mar 2026 at 16:45, David Brownlee <abs%absd.org@localhost> wrote:
> > >
> > > I have some potential progress on tailscale working on NetBSD
> > >
> > > I created a Freelancer.com project for "Fix Tailscale tun networking
> > > on NetBSD" with a small amount of $ for "have a look and document what
> > > you tried" and somewhat more for "get it working". While @vudinhgiang
> > > did not get it fully working, they found enough of interest that they
> > > were paid the full amount :)
> > >
> > > Anyway, back to the progress.
> > >
> > > This is based on the wip/tailscale package, which is v1.94.2
> > >
> > > The status quo is: rc.d/tailscaled has "-tun userspace-networking",
> > > which has tailscale working with (unsurprisingly) userspace
> > > networking, changing it to "-tun tun0" will cause tailscale to try to
> > > start tun networking and fail.
> > >
> > > @vudinhgiang discovered that if you manually set the IP address on
> > > tun0, the tailscale network comes up. As a proof of concept he hacked
> > > in some code inside tailscale to shell out to ifconfig to set the IP,
> > > but it also works if you manually set the IP before {re,}starting
> > > tailscaled
> > >
> > > I don't know what is special about tailscale and NetBSD, as tailscale
> > > runs fine on other BSDs and wireguard runs fine on NetBSD, but maybe
> > > someone with more tun knowledge has an idea?
> > >
>
> There is a bunch of OS specific stuff that is compiled out for
> NetBSD so that might be what is causing it to not work. In the case
> of most of the stuff in tailscale, matching what is done with OpenBSD
> tends to get you close to a solution.
>
> > > Once the tun networking has started we still cannot contact other
> > > systems as the NetBSD end appears to use its main IP address, not the
> > > IP of the tun interface
> > >
> > > So - at least we now have two clearly defined issues with tailscale on NetBSD
> > >
> > > Based on that, if anyone is interested in taking another tilt I'm
> > > happy to re-offer the $200 for a working NetBSD tailscale pkgsrc
> > > package using tun networking :)
> > >
> > > Thanks
> > >
> > > David
> >
>
> Thanks,
>
> kev
>

Okay, I'm not 100% sure I have it good enough to consider this "fixed"
but I think I do having it working.

https://mail-index.netbsd.org/pkgsrc-wip-changes/2026/04/20/msg036257.html

Once intsalled:
# tailscaled
$ tailscale login
...
# tailscale up --accept-routes
Done.

ifconfig(8) shows the tun0 with status active as well. So I'm guessing
it's working.

I can ping everyone on the tailnet. No need to do anything with the ip.
Let me know if it works for y'all.

References:
- tailscale on NetBSD (more $ available)
  - From: sunqingyao19970825%icloud.com@localhost
- RE: tailscale on NetBSD (more $ available)
  - From: wb9ypa
- Re: tailscale on NetBSD (more $ available)
  - From: Rui-Xiang Guo
- Re: tailscale on NetBSD (more $ available)
  - From: Ryo ONODERA
- Re: tailscale on NetBSD (more $ available)
  - From: sunqingyao19970825%icloud.com@localhost
- Re: tailscale on NetBSD (more $ available)
  - From: ci4ic4
- Re: tailscale on NetBSD (more $ available)
  - From: Ryo ONODERA
- Re: tailscale on NetBSD (more $ available)
  - From: ci4ic4
- Re: tailscale on NetBSD (more $ available)
  - From: ci4ic4
- Re: tailscale on NetBSD (more $ available)
  - From: Ryo ONODERA
- Re: tailscale on NetBSD (more $ available)
  - From: David Brownlee
- Progress on tailscale on NetBSD (plus $ available)
  - From: David Brownlee
- Re: Progress on tailscale on NetBSD (plus $ available)
  - From: David Brownlee
- Re: Progress on tailscale on NetBSD (plus $ available)
  - From: Kevin Bloom

Prev by Date: Announcing release 5.6 of reposurgeon
Previous by Thread: Re: Progress on tailscale on NetBSD (plus $ available)
Next by Thread: pkgsrc forked
Indexes:

Home | Main Index | Thread Index | Old Index