The official Tailscale subreddit. Not routinely monitored by Tailscale employees. Please contact support via https://tailscale.com/contact/support if you need further help.
traffic going through tailscale derp servers using selfhosted headscale
Have anyone face or observed similar behavior ?
I got headscale selfhosted setup in local docker along with fly io app as the facing domain . I did connect two hosts and started moonlight streaming from one of the advertised hosts .
with ntopng running I can clearly see all the traffic going from the local WAN to the tailscale derp servers , and the traffic application was under tailscale not wireguard tunnel .
I did use the tailsclae service before and every traffic between two peers always through wireguard , tailscale derp only step in for coordination , so I was surprised when I seen this today
As per our docs:
headscale needs a list of DERP servers that can be presented to the clients.
By default, it uses Tailscale's https://github.com/juanfont/headscale/blob/main/config-example.yaml#L100
You can deploy your own or use headscale's embedded server, see that file a bit below.
Thanks its clear , going to look at that