Re: tailscale on NetBSD (more $ available)

["sunqingyao19970825%icloud.com@localhost" <sunqingyao19970825%icloud.com@localhost>]

Dear Ryo,

 

Thanks for the package! I can install it on NetBSD 10.1 but have some trouble starting the tailscale service. Please see the error message below (looks like I don’t have the “userspace-networking” interface?):

 

esbear# service tailscaled start

esbear# logtail started

Program starting: v1.81.0-ERR-BuildInfo, Go 1.23.6: []string{"/usr/pkg/bin/tailscaled", "-tun", "userspace-networking"}

LogID: 6e6ef0aa8d3fb3cfc2e38a54d67e975b2584a9c5defe535bf8adb04623e3a335

logpolicy: using system state directory "/var/db/tailscale"

dns: using dns.noopManager

cleanUp: ifdown=[ifconfig userspace-networking down]

cleanUp: interfaceName=userspace-networking

ifconfig down: exit status 1

usage: ifconfig [-h] [-m] [-v] [-z] [-L] interface

        [ af [ address [ dest_addr ] ] [ netmask mask ] [ prefixlen n ]

                [ alias | -alias ] ]

        [ up ] [ down ] [ metric n ] [ mtu n ]

        [ advbase n ] [ advskew n ] [ carpdev iface ] [ pass passphrase ] [ state state ] [ vhid n ]

        [ maxupd n ] [ syncdev iface ] [syncpeer peer_addr]

        [ anycast | -anycast ] [ deprecated | -deprecated ]

        [ pltime n ] [ vltime n ] [ eui64 ]

        [ media type ] [ mediaopt opts ] [ -mediaopt opts ] [ instance minst ]

        [ [ af ] tunnel src_addr dest_addr ] [ deletetunnel ]

        [ vlan n vlanif i ] [ -vlanif i ]

        [ nwid network_id ] [ nwkey network_key | -nwkey ]

        [ list scan ]

        [ powersave | -powersave ] [ powersavesleep duration ]

        [ hidessid | -hidessid ] [ apbridge | -apbridge ]

        [ agrport i ] [ -agrport i ]

        [ session local-session-id remote-session-id ]

        [ cookie local-cookie-length local-cookie remote-cookie-length remote-cookie ]

        [ laggproto p ]

        [ laggport i [ pri n ] ] [ -laggport i ]

        [ laggportpri i [ pri n]]

        [ lagglacp [ dumpdu | -dumpdu ] [ stopdu | -stopdu ]

                [ maxports n | -maxports ] [ optimistic | -optimistic ] ]

        [ laggfailover] [ rx-all | -rx-all ]

        [ arp | -arp ]

        [ preference n ]

        [ link0 | -link0 ] [ link1 | -link1 ] [ link2 | -link2 ]

        [ linkstr str | -linkstr ]

        [ unnumbered | -unnumbered ]

        [ description str | descr str | -description | -descr ]

       ifconfig -a [-b] [-d] [-h] [-m] [-u] [-v] [-z] [ af ]

       ifconfig -l [-b] [-d] [-s] [-u]

       ifconfig -C

       ifconfig -w n

       ifconfig interface create

       ifconfig interface destroy

wgengine.NewUserspaceEngine(tun "userspace-networking") ...

dns: using dns.noopManager

link state: interfaces.State{defaultRoute= ifs={wm0:[192.168.50.98/24 fd12:1869:2151:8b46:d56:52f3:6517:b497/64 llu6]} v4=true v6=true}

onPortUpdate(port=65531, network=udp6)

magicsock: failed to set UDP read buffer size to 7340032: set udp6 [::]:65531: setsockopt: no buffer space available

magicsock: failed to set UDP write buffer size to 7340032: set udp6 [::]:65531: setsockopt: no buffer space available

onPortUpdate(port=62964, network=udp4)

magicsock: failed to set UDP read buffer size to 7340032: set udp4 0.0.0.0:62964: setsockopt: no buffer space available

magicsock: failed to set UDP write buffer size to 7340032: set udp4 0.0.0.0:62964: setsockopt: no buffer space available

magicsock: disco key = d:0f0525ae75006803

Creating WireGuard device...

Bringing WireGuard device up...

Bringing router up...

Clearing router settings...

Starting network monitor...

Engine created.

pm: migrating "_daemon" profile to new format

logpolicy: using system state directory "/var/db/tailscale"

got LocalBackend in 2ms

Start

Backend: logs: be:6e6ef0aa8d3fb3cfc2e38a54d67e975b2584a9c5defe535bf8adb04623e3a335 fe:

Switching ipn state NoState -> NeedsLogin (WantRunning=false, nm=false)

blockEngineUpdates(true)

wgengine: Reconfig: configuring userspace WireGuard config (with 0/0 peers)

wgengine: Reconfig: configuring router

wgengine: Reconfig: configuring DNS

dns: Set: {DefaultResolvers:[] Routes:{} SearchDomains:[] Hosts:0}

dns: Resolvercfg: {Routes:{} Hosts:0 LocalDomains:[]}

dns: OScfg: {}

health(warnable=is-using-unstable-version): error: This is an unstable version of Tailscale meant for testing and development purposes. Please report any issues to Tailscale.

health(warnable=wantrunning-false): error: Tailscale is stopped.

 

Once I can successfully run tailscale SSH, I’m willing to make the payment as promised. You can send you Venmo/Zelle/PayPal/whatever account to this email address, and we’ll figure out how to send you $200!

 

Regarding the fact that tailscale/wireguard-go does not handle NetBSD's tun(4) device properly so we must use userspace networking, what’s the impact and where should we open an issue? I hope this can be resolved.

 

 

Bests,

Qingyao

 

From: Ryo ONODERA <ryo%tetera.org@localhost>
Date: Tuesday, February 11, 2025 at 04:02
To: rxg%lavabit.com@localhost <rxg%lavabit.com@localhost>, wb9ypa%fourway.net@localhost <wb9ypa%fourway.net@localhost>
Cc: sunqingyao19970825%icloud.com@localhost <sunqingyao19970825%icloud.com@localhost>, pkgsrc-users%netbsd.org@localhost <pkgsrc-users%netbsd.org@localhost>, qs234%cornell.edu@localhost <qs234%cornell.edu@localhost>, abs%absd.org@localhost <abs%absd.org@localhost>
Subject: Re: tailscale on NetBSD (more $ available)

Hi,

Rui-Xiang Guo <rxg%lavabit.com@localhost> writes:

> On Sun, Feb 09, 2025 at 04:42:24PM -0500, wb9ypa wrote:
>> Dear NetBSD pkgsrc-users,Even I would be willing to kick in a donation to whoever needed the money to kick this Tailscale project off to a start.Mike sienicki
>> -------- Original message --------From: sunqingyao19970825%icloud.com@localhost Date: 2/9/25  10:21  (GMT-05:00) To: pkgsrc-users%netbsd.org@localhost Cc: Qingyao Sun <qs234%cornell.edu@localhost>, abs%absd.org@localhost Subject: tailscale on NetBSD (more $ available)
>>
>> Dear all,
>> ?
>> Last year, David offered $200 to encourage the inclusion of tailscale into pkgsrc in
>> a previous thread, but unfortunately nobody is motivated enough to do the work. I?m familiar with neither go modules nor pkgsrc, so it will probably take me forever to package
>>  it on my own. Moreover, I cannot use their
>> static builds because these are Linux ELF files.
>> ?
>> Since I really want a NetBSD box on my tailnet, I am matching David?s bounty by offering an additional $200 to whoever packages tailscale into pkgsrc (a platform-agnostic package would be perfect, but a NetBSD-only package suffice for now).
>
> Hi,
> Not to sign up. :) Just do a quick review.
> I supposed the required module below should be added NetBSD support first:
> https://github.com/WireGuard/wireguard-go
>
> and this PR - https://github.com/WireGuard/wireguard-go/pull/49
> could be used as a reference.

wireguard-go is in pkgsrc/net/wireguard-go.
However it seems that it does not handle NetBSD's tun(4) device properly.

I have just added my userspace-networking only package as
pkgsrc/net/tailscale.

You can connect tailscale.com as follows:

(1) Install pkgsrc/net/tailscale
(2) Copy /usr/pkg/share/examples/rc.d/tailscaled under /etc/rc.d
(3) Add tailscaled=YES in /etc/rc.conf
(4) Run `service tailscaled start`
(5) Run `tailscale up` as root and get URI of login.tailscale.com
(6) Login tailscale.com with the URI

I am using SSH and ping between tailscale clients.
I have no idea about the other functionalities.

Thank you.

> -rxg
>

--
Ryo ONODERA // ryo%tetera.org@localhost
PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB  FD1B F404 27FA C7D1 15F3