Excalidraw Data
Text Elements
physical subnet
machine A
machine B
…
tailscale subnet router
other network
machine C with tailscale installed
machine D
tailnet
data packet
machine A has no idea that the traffic comes from another subnet; it can only see that the traffic comes from the subnet router
Qn: how does machine C know where to send a packet if it wants to connect to machine A?
Ans: the subnet router is advertising to the whole tailnet:
“I have 192.168.16.0/24 in my physical network, connect to me if you wanna connect to them”
Ans: the packet already contains machine A’s private IP, so the subnet router just forwards it directly to machine A
this only works if machine C already knows machine A’s IP (its private IP in its physical network). what if DNS is needed?
Route DNS lookups to an internal DNS server
of course, when these two subnets are not directly connected, there’s no way machine C could just send packets to the subnet router (it doesn’t even know what the subnet router’s IP is!). the process is more like this:
tailnet
machine C with tailscale installed
tailscale subnet router
tailscale server
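
The advertise-then-forward flow from the notes above, as an added example (not part of the original notes and not Tailscale's code): a small Python model of how machine C picks the subnet router by advertised route, and why machine A only ever sees the router's address. Every address except 192.168.16.0/24 and every function name is an assumption; the source rewrite is modelled as source NAT.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample topology (assumed values, except the 192.168.16.0/24 route).
ADVERTISED = {"subnet-router": ["192.168.16.0/24"]}  # peer -> routes it advertises
ROUTER_LAN_IP = "192.168.16.2"       # subnet router's address on the physical subnet
MACHINE_A = "192.168.16.10"          # machine A's private IP
MACHINE_C_TAILNET_IP = "100.64.0.3"  # machine C's tailnet address

@dataclass
class Packet:
    src: str
    dst: str

def pick_peer(dst, advertised):
    """Machine C side: longest-prefix match over routes advertised to the tailnet."""
    addr = ipaddress.ip_address(dst)
    best = None
    for peer, routes in advertised.items():
        for route in routes:
            net = ipaddress.ip_network(route)
            if addr in net and (best is None or net.prefixlen > best[1].prefixlen):
                best = (peer, net)
    return best[0] if best else None  # None: nobody advertises this destination

def router_forward(pkt, lan_ip, routes, snat=True):
    """Subnet router side: forward only into its own advertised routes."""
    dst = ipaddress.ip_address(pkt.dst)
    if not any(dst in ipaddress.ip_network(r) for r in routes):
        return None  # destination outside advertised routes: drop
    # With source NAT, machine A sees the router's LAN IP instead of machine C.
    return Packet(src=lan_ip if snat else pkt.src, dst=pkt.dst)

def deliver(src, dst):
    """End to end: returns (chosen peer, packet as machine A would see it)."""
    peer = pick_peer(dst, ADVERTISED)
    if peer is None:
        return None, None
    return peer, router_forward(Packet(src, dst), ROUTER_LAN_IP, ADVERTISED[peer])

if __name__ == "__main__":
    peer, seen = deliver(MACHINE_C_TAILNET_IP, MACHINE_A)
    print(f"C sends via {peer}; machine A sees src={seen.src} dst={seen.dst}")
    print("unadvertised destination:", deliver(MACHINE_C_TAILNET_IP, "10.9.9.9"))
```

Because machine A's own logs only record the router's address, attributing a connection to machine C has to happen at the subnet router or in the tailnet's access rules.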