I run Tailscale on my laptops, phone and NAS, and wanted to add an exit node so I could route traffic through my own connection when I’m out and about. The obvious place to put it was the NAS, since it’s already always on, but the NAS also holds everything I’d least like exposed if something went wrong. Making it double up as an exit node, with every device’s outbound traffic flowing through it, didn’t sit right. What I wanted instead was a disposable, isolated VM living on the same machine doing that job, leaving the NAS untouched. The plan The plan was to build a small Debian VM with KVM/libvirt, running on the NAS, that would advertise itself as the exit node. Tailscale handles its own NAT traversal and routing, so the VM doesn’t need any special bridged networking. The default libvirt NAT network is enough. The VM just needs ordinary outbound internet access; once it’s part of the tailnet and advertising as an exit node, other devices can route their traffic through it. Creating…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.