tailscale: Poor throughput and unexpected disconnection using a Windows exit node running in Hetzner

What is the issue?

I setup a simple Tailscale network between my machine and a remote server in Hetzner with a static IP. One of the reasons for doing this is because I need the static IP as an exit node for a specific subnet of public IPs as the remote company requires static allowed IPs. I thought Tailscale to be a perfect solution for this as I can reuse an existing server and help build up a secure internal network.

Unfortunately the performance and reliability of the subnet router for Windows is so bad that I’m unable to do the modest work I need to do with it. I thought maybe it is the remote company with the issue initially but after testing independent raw file downloads (like this one) I get speeds of 10+MB per sec going direct and 250KB per sec with the subnet router.

What’s worse is that within a few minutes the transfer will just stop. I can see in TCPView is doesn’t even disconnect. It just stops transferring data.

I know that on Windows Tailscale doesn’t have very good performance currently, and I would have accepted modest speeds. But the feature is unusable at the moment.

Exit Node: Windows 10 latest Client: Windows 11 latest

tailscale status
100.67.153.45   strichpc             scott@       windows -
100.105.22.123  brg-build-server     scott@       windows active; offers exit node; direct 65.108.200.160:41641, tx 5658356 rx 118077180
tailscale ping brg-build-server
pong from brg-build-server (100.105.22.123) via 65.108.200.160:41641 in 299ms

Client logs & bug report --record markers:

BUG-7293cdb875b1c33555c1bcc35df4c8d356c238be1400fb6014ed87709d1c0399-20230314161309Z-167fda2725fb0072
BUG-7293cdb875b1c33555c1bcc35df4c8d356c238be1400fb6014ed87709d1c0399-20230314161500Z-ed9d28c8c3d25686

Exit node logs & bug report --record markers:

BUG-abdb9690e897d5b0eb24ec1d4f3214e2cf280af13a6652a46455cbc5a4988d5c-20230314161301Z-193636b820a22a63
BUG-abdb9690e897d5b0eb24ec1d4f3214e2cf280af13a6652a46455cbc5a4988d5c-20230314161454Z-82f63b39e0179ffd

OS

Windows

OS version

Windows 10/11

Tailscale version

1.36.2

Other software

No response

Bug report

No response

About this issue

  • Original URL
  • State: open
  • Created a year ago
  • Reactions: 1
  • Comments: 20 (5 by maintainers)

Most upvoted comments

FYI: I observe exactly the same behavior with Tailscale, but accessing the Linux VM that has shared routes to some VMs on the same physical machine in Hetzner.

Sometimes traffic slows to hundreds of KB/s, sometimes pauses for seconds to tens of seconds.

There are also days when this does not happen, but it does definitely happens at least once per month.

I suspect Tailscale might be tripping some traffic shaping/antiDDOS heuristics but unfortunately it’s too random and transient so I don’t even know what to ask Hetzner support for.

But what is weird is that I never observed problems reaching Tailscale running on the physical hosts (including the same hypervisor i’m talking about)

Maybe VM Tailscale traffic gets confused with the HV host Tailscale traffic by peers/control plane? Because their public IP is the same but one is NATed and another is a directly open port

+4
wizzard0 on Mar 19, 2023

Just to add a bit of info re above: The Linux node I tried after the Windows exit node failed was on DigitalOcean, so it is unlikely to be some shaping Hetzner is doing.

+2
strich on Mar 21, 2023
Read more comments on GitHub
← tailscale: No internet connectivity when using Mullvad as exit node
tailscale-qpkg: failed to connect to local tailscaled error with v1.36.0 →