I’m having similar issues. I think that your answer to ss4pc’s question but I wanted to document my use case here, as well, including feedback.
I just received the Beryl AX which I bought specifically for a travel router that will route my traffic through a tailscale exit node. I don’t have any experience with OpenWRT but saw that Beryl AX was running an openwrt version which supported tailscale, so I thought I’d be fine. My tailscale network is already set up, including my exit node.
I received the Beryl today and tried to install tailscale with Luci. For some reason only the tailscale package is available, but it has a dependency on tailscaled, which was not available, and so I could not install tailscale.
After a lot of searching and poking around I found that the 4.2 supports tailscale natively, so I had to figure out how to install that.
After installing that I went to enable tailscale and turned it on but then had issues with the authentication step. I looked at my RPC traffic and saw requests (get_auth, I think) and empty responses. I noticed a bunch of entries in the log for
skip line without '=' Default every time I enable tailscale. So I ssh’ed in and ran
tailscale up, went through the auth steps, and it connected.
However, my intention is to route all WAN traffic through tailscale to the exit node to the internet. Something like this:
[Local Network] -> MT-3000 (100.99.49.42) -> tailscale (via internet) -> exit node (100.78.129.41) -> internet
I consider tailscale to be a VPN, so I’m surprised that it’s in the Apps section. Also, there’s no “Block non-VPN traffic” equivalent for tailscale, so I’m starting to get worried that the Beryl won’t do what I bought it for.
In any case, your instructions refer to enabling subnet routes, but there are no subnet routes to enable in the Tailscale UI. I understand that they have to be “requested” by the local app, and that hasn’t happened, so maybe something else is broken? I set the “allow remote access LAN” setting.
Also, I notice even after a few restarts when I turn on the “enable tailscale” button the client doesn’t actually come online (based
tailscale status). Only the daemon is started, and when I turn it off via the UI the daemon is stopped, but even when the switch is on in the UI I get
# Health check:
# - state=Stopped
I tried to manually run
tailscale up --exit-node ... but all that did was turn off my local connection altogether. Luckily because tailscale was up I was able to access my Beryl via the tailscale network.