Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with DERP_VERIFY_CLIENTS #12

Open
YueMiyuki opened this issue May 9, 2024 · 6 comments
Open

Issue with DERP_VERIFY_CLIENTS #12

YueMiyuki opened this issue May 9, 2024 · 6 comments

Comments

@YueMiyuki
Copy link

When I enable DERP_VERIFY_CLIENTS and mount the tailscale socket, the log spams:

2024/05/09 13:53:09 derp: 192.168.1.1:33204: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:11 derp: 182.239.114.237:18604: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:22 derp: 39.144.44.249:28107: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:31 derp: 39.144.44.249:28110: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:33 derp: 182.239.114.237:5269: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:33 derp: 39.144.44.249:28111: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:34 derp: 182.239.114.237:5270: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:35 derp: 192.168.1.1:37602: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:46 derp: 39.144.44.249:28120: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:48 derp: 192.168.1.1:58130: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:49 derp: 182.239.114.237:18606: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:56 derp: 192.168.1.1:58136: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:54:04 derp: 192.168.1.1:41912: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:54:12 derp: 192.168.1.1:54770: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused

Local tailscale is up and running

Command for starting the container:

 docker run -d -p 80:80 -p 443:443 -p 3478:3478/udp --name derper --restart=unless-stopped -v ./derper/certs:/app/certs -v /var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock -e DERP_ADDR=":443" -e DERP_VERIFY_CLIENTS=true -e DERP_DOMAIN="derper.my-domain" fredliang/derper
@YueMiyuki
Copy link
Author

Also having these problems even without Verify clients.... Pls help :(

image

@lingbaoboy
Copy link

一样的问题,目前使用高位端口就当加密了

@northsea4
Copy link

根据我这前些天瞎折腾所得:

  1. 必须映射tailscaled.sock到容器,我映射的是目录: /var/run/tailscale:/var/run/tailscale
  2. 如果主机的tailscaled服务重启了,容器也需要重启
  3. 我没有遇到connection refused,但遇到了invalid 'addr' parametercmd/tailscaled, derper: add cheaper derp --verify-clients lookup method tailscale/tailscale#12465 ,我认为是已安装的tailscale版本不支持验证nodekey:xxx这种凭据信息,于是我直接clone了tailscale仓库并自行编译了tailscale和tailscaled,测试可行。不过说明一下,我使用的是 yangchuansheng/ip_derper

@northsea4
Copy link

测试tailscale是否支持验证nodekey:xxx:

curl --unix-socket /var/run/tailscale/tailscaled.sock "http://local-tailscaled.sock/localapi/v0/whois?addr=nodekey%3Axxx"

如果支持验证,则结果为 invalid nodekey in 'addr' parameter,否则会是 invalid 'addr' parameter
如果替换 xxx 为真实且有效的设备的key,则会显示设备信息(json)。

@Calcifer97
Copy link

根据我这前些天瞎折腾所得:

  1. 必须映射tailscaled.sock到容器,我映射的是目录: /var/run/tailscale:/var/run/tailscale
  2. 如果主机的tailscaled服务重启了,容器也需要重启
  3. 我没有遇到connection refused,但遇到了invalid 'addr' parametercmd/tailscaled, derper: add cheaper derp --verify-clients lookup method tailscale/tailscale#12465 ,我认为是已安装的tailscale版本不支持验证nodekey:xxx这种凭据信息,于是我直接clone了tailscale仓库并自行编译了tailscale和tailscaled,测试可行。不过说明一下,我使用的是 yangchuansheng/ip_derper

我也遇到了这个问题,我使用了旧版的ip_derper可以运行了,应该需要等待tailscaled更新下

@Calcifer97
Copy link

tailscale/tailscale#12558

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lingbaoboy @Calcifer97 @YueMiyuki @northsea4