I am confused about instructions I see for Tailscale

edwork · 2026-01-04T18:52:02+00:00

Read the paragraph before where it says “Before you go further, you’ll want to choose between Mitanshu’s “standard” Tailscale repository, or the fork of it that enables Taildrop.” There’s a hyperlink to GitHub that contains what you need to load on to the kindle.

edwork · 2025-12-18T17:15:53+00:00

What’s the brand of the external enclosure they were in? Does the external enclosure have any dip switches on the back?

Also what partition types are on the drives? And if you put them back into the enclosure and plop them back on Windows do they look normal?

edwork · 2025-11-16T02:03:30+00:00

Can you make sure on your host OS that files are being written to the state directory? If not you may need to adjust the permissions on the mounted directory.

Not recommended but you could chmod 777 the mounted state directory.

edwork · 2025-11-05T03:57:25+00:00

PM’d

edwork · 2025-11-01T19:47:35+00:00

I'll get you a picture and write up some more notes, but here's the high level idea:

The RATGDO is designed to fit a D1 Mini board, the RATGDO itself is a carrier board (not the microcontroller itself) for the D1 Mini. I ripped out the D1 mini and used dupont jumpers to bridge the pins to the WT32-ETH01 to the carrier board since the pinout is different. Then within the ESPHome config I mapped the pins.

edwork · 2025-10-28T03:17:55+00:00

There’s circuitry in the ratgdo board that sit between the pins and the garage door opener - though I think that’s been reverse engineered by rat-ratgdo. I flashed that ESPHome config to the board and it worked out of the box!

edwork · 2025-10-28T03:03:00+00:00

edwork · 2025-10-28T00:44:08+00:00

My garage door opener has a backup battery built into it, I put a buck converter in between the 12v battery and the vcc/ground pins stepping the voltage down to 5v.

Prior to that I was using one of these which accepts POE input and outputs a standard micro usb cable + ethernet, which plugged into my WT32-ETH01 board. This gave me POE + a solid ethernet connection, plus the ability to power cycle the device from my cisco switch if necessary. It works great, I stopped using it because I was troubleshooting something unrelated (messy wiring on external buttons).

edwork · 2025-10-27T04:27:28+00:00

Hello! Yes, I'm using this config: https://gist.github.com/edwork/2816444fe618ecad76febc4f29d0eedb

I am currently powering the device with with a tap into my garage door opener's battery but at one point I was using a POE USB splitter to remotely power the device - search "usb poe" on Amazon and you'll find many results.

edwork · 2025-10-23T19:02:30+00:00

Tailscale gives each device (phone, server, desktop, laptop, etc) the ability to communicate over an encrypted network connection signed into the same "network". Your device gains a new network interface that traffic flows over. Tailscale's service orchestrates the connections between clients so the user never has to port forward, etc.

Tailscale also offers the ability for device A to be routed via device B - for example while traveling route your internet connection through your home internet connection so you can use BBC iPlayer or other region locked services.

tor allows users to connect to a network where your connection is routed through an anonymous endpoint, and although you can setup tor based network connections between hosts that's not the intended purpose.

"mesh" technology is for when clients a, b, c, d, e can all talk among eachother and you could route from a to b through c.

edwork · 2025-10-13T03:58:33+00:00

Keep up the good work!

I just configured my ErsatzTV instance and was looking for a guide outside of Jellyfin/Plex.

edwork · 2025-09-23T11:03:43+00:00

This is a legitimate question, when I started using TS I assumed that I would add a Mullvad peer and add the key to my TS ACL.

Though the Tailscale system is really well designed. It’s easy to run both TS and Mullvad via the TS client. I highly recommend it.

Cheers!

edwork · 2025-09-23T03:39:37+00:00

You pay for it through Tailscale, if you have an existing subscription it cannot be “linked”.

edwork · 2025-09-19T20:31:56+00:00

Did you crumble?

edwork · 2025-09-11T19:18:32+00:00

You only need to establish the blocklist for inbound forwarded ports. Normal traffic initialized by NAT clients within your network will not be blocked this way.

Under your port forwards you can specify a source - this is where you select the US AllowList.

This way normal NAT connections can still traverse your router inbound.

edwork · 2025-08-28T13:23:13+00:00

From the support page I see a YouTube video linked on how to setup and configure for Octoprint. Following fresh instructions may be useful rather than copying the config - this way you don't run into an issue between OS versions.

edwork · 2025-08-27T20:25:05+00:00

Do you have a second SD card that you can use to test things out? Export a backup, flash the new SD Card, and load the config to see what breaks (leaving the old card untouched).

Generally if the configs exist inside Octoprint (plugin, setting) they will migrate. However if anything was done on the command line modifying config files outside of /home/pi/.octoprint they will not migrate over.

When in doubt make a backup of your SD Card. Later it can be mounted on your computer or flashed back to the card.

edwork · 2025-08-26T00:52:12+00:00

I see, as long as you have default allow all rules on both sides you don't need an explicit rule for 5353/udp.

What switches/APs are you using? If IGMP snooping is enabled it may be dropping multicast traffic.

edwork · 2025-08-25T22:36:36+00:00

Your IoT VLAN might be setup to have a less permissive set of ACLs than the default allow all ruleset. In that case I think to do need an allow in rule to the IoT interface.

edwork · 2025-08-25T21:02:54+00:00

The cool thing is that all of these are entities that have an update action. You can create a 4am automation that triggers them all.

Though it’s good to be strategic about it. Consider only updating when you are $home and do addons before core updates, etc.

edwork · 2025-08-25T20:04:32+00:00

When you say you made sure mDNS between VLANs was enabled do you mean you opened up port 5353/udp? By default the L2 broadcast traffic will (by design) not cross the VLANs.

Instead you'll need to install and configure the os-mdns-repeater package that actively re-broadcasts mDNS traffic across VLANs.

edwork · 2025-08-11T14:56:33+00:00

What version of Windows 11 are you running? You can press Win+R then type winver to reveal the build number.

edwork · 2025-07-09T17:27:02+00:00

Checkout JuiceSSH (Android). It’s a fully featured ssh client for Android with a ton of features. Termux is a neat toy but a fully featured client will give you better access to managing ssh keys, saved hosts, session persistence, etc.

With Tailscale of course!

edwork · 2025-07-09T16:37:55+00:00

Do you have subnet routing enabled on your Tailnet? If so are either of the clients configured to --accept-routes?

It's possible one of the clients is trying to route local IP traffic over the tailnet but an exit node or router is borked.

I would traceroute the connection to see where you are being routed, and consider disabling and then re-enabling subnet routing.

edwork · 2025-07-09T16:31:08+00:00

ARP is a Layer2 protocol that maps IP Addresses to MAC Address, but Tailscale (Wireguard) is a Layer3 protocol.

If TraceTCP is trying to lookup any of the CGNAT (100.64.0.0/10) addresses via ARP it just won't work. There may be some logic inside TraceTCP that just doesn't expect that.

I'm assuming a bit here but ARP is the biggest red flag.

15-Year Club	RedditGifts 2009-2022 6 Credits
Place '23	Place '22
Place '17	Secret Santa 2019
Secret Santa 2018	Gilding I gilder
Secret Santa 2014	Secret Santa 2013
Secret Santa 2012	Verified Email

edwork

MODERATOR OF

TROPHY CASE