juanfont/headscale
1
1
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2024-09-20 07:16:35 +08:00
Code Issues Packages Projects Releases Wiki Activity
headscale/docs/exit-node.md
nblock d66c5e144f
Update documentation for 0.23 (#2096) 
* docs/acl: fix path to policy file

* docs/exit-node: fixup for 0.23

* Add newlines between commands to improve readability
* Use nodes instead on name
* Remove query parameter from link to Tailscale docs

* docs/remote-cli: fix formatting

* Indent blocks below line numbers to restore numbering
* Fix minor typos

* docs/reverse-proxy: remove version information

* Websocket support is always required now
* s/see detail/see details

* docs/exit-node: add warning to manual documentation

* Replace the warning section with a warning admonition
* Fix TODO link back to the regular linux documentation

* docs/openbsd: fix typos

* the database is created on-the-fly

* docs/sealos: fix typos

* docs/container: various fixes

* Remove a stray sentence
* Remove "headscale" before serve
* Indent line continuation
* Replace hardcoded 0.22 with <VERSION>
* Fix path in debug image to /ko-app/headscale

Fixes: #1822

aa
2024-09-03 11:04:20 +00:00

1.5 KiB
Raw Blame History

Exit Nodes

On the node

Register the node and make it advertise itself as an exit node:

$ sudo tailscale up --login-server https://my-server.com --advertise-exit-node

If the node is already registered, it can advertise exit capabilities like this:

$ sudo tailscale set --advertise-exit-node

To use a node as an exit node, IP forwarding must be enabled on the node. Check the official Tailscale documentation for how to enable IP forwarding.

On the control server

$ # list nodes
$ headscale routes list
ID | Node   | Prefix    | Advertised | Enabled | Primary
1  |        | 0.0.0.0/0 | false      | false   | -
2  |        | ::/0      | false      | false   | -
3  | phobos | 0.0.0.0/0 | true       | false   | -
4  | phobos | ::/0      | true       | false   | -

$ # enable routes for phobos
$ headscale routes enable -r 3
$ headscale routes enable -r 4

$ # Check node list again. The routes are now enabled.
$ headscale routes list
ID | Node   | Prefix    | Advertised | Enabled | Primary
1  |        | 0.0.0.0/0 | false      | false   | -
2  |        | ::/0      | false      | false   | -
3  | phobos | 0.0.0.0/0 | true       | true    | -
4  | phobos | ::/0      | true       | true    | -

On the client

The exit node can now be used with:

$ sudo tailscale set --exit-node phobos

Check the official Tailscale documentation for how to do it on your device.