NixOS & Tailscale Exit Node Issue

I am trying to run these two commands on startup or at least get the Tailscale package to function correctly with Exit Node options.

Terminal Command 1:
NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")

Terminal Command 2:
sudo ethtool -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off

I have added the following to my nix config for the two commands to work:


   environment.systemPackages = with pkgs; [
        ethtool
        networkd-dispatcher
   ];

When I run the two commands myself in terminal the error goes away, and comes back when I restart!

I have already looked for a solution on Reddit and on discourse.nixos.org; however, I can't figure out how to get these two commands to stick after a reboot.

This is for a Tailscale Exit Node. I got the TCP part working from HERE;
however, I am struggling to get the two terminal settings above from HERE to stick after a reboot.

The commands to save the UDP settings are:

printf '#!/bin/sh\n\nethtool -K %s rx-udp-gro-forwarding on rx-gro-list off \n' "$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")" | sudo tee /etc/networkd-dispatcher/routable.d/50-tailscale
sudo chmod 755 /etc/networkd-dispatcher/routable.d/50-tailscale

This gives me the error:

printf '#!/bin/sh\n\nethtool -K %s rx-udp-gro-forwarding on rx-gro-list off \n' "$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")" | sudo tee /etc/networkd-dispatcher/routable.d/50-tailscale
sudo chmod 755 /etc/networkd-dispatcher/routable.d/50-tailscale
tee: /etc/networkd-dispatcher/routable.d/50-tailscale: No such file or directory
#!/bin/sh

ethtool -K enp5s0 rx-udp-gro-forwarding on rx-gro-list off 
chmod: cannot access '/etc/networkd-dispatcher/routable.d/50-tailscale': No such file or directory

Any help to get me at least pointed in the right direction is greatly appreciated.

I found this for Tailscale here NixOS Search

I added it in my configuration.nix as:


  services.tailscale = {
    enable = true;
    useRoutingFeatures = "both";
  };

but it is still giving me this error when I run: tailscale up --advertise-exit-node

Warning: UDP GRO forwarding is suboptimally configured on enp5s0, UDP forwarding throughput capability will increase with a configuration change.
See Performance best practices · Tailscale Docs

I now find: Tailscale - NixOS Wiki

Modifying and adding this to my configuration.nix:

  #services = {
  services.networkd-dispatcher = {
    enable = true;
    rules."50-tailscale" = {
      onState = ["routable"];
      script = ''
        "${pkgs.ethtool} NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ") | -K enp5s0 rx-udp-gro-forwarding on rx-gro-list off
      '';
    };
  };

It will let me: nixos-rebuild switch.

I am at a loss. It's odd because when I run the two commands myself in terminal the error goes away, and comes back when I restart, ignoring my attempts to automate / fix the UDP error.

I found the solution.

In your /etc/nixos/configuration.nix add the following to your config:

# Add Tailscale to your active programs.
services.tailscale = {
  enable = true;
  useRoutingFeatures = "both"; # this could be: "none", "client", "server", "both".
};
# Set Tailscale UDP as they do not stick and I have not figured out how to make ethtool settings stick.
services.tailscale.interfaceName = "userspace-networking"; # Tailscale Exit Nodes expect a powerful modern CPU, this could hammer your CPU with enough traffic!
services.networkd-dispatcher = {
  enable = true;
  rules."50-tailscale" = {
    onState = ["routable"];
    # Call the ethtool binary by its store path; replace enp5s0 with your adapter name.
    script = ''
      ${pkgs.ethtool}/bin/ethtool -K enp5s0 rx-udp-gro-forwarding on rx-gro-list off
    '';
  };
};

environment.systemPackages = with pkgs; [
  ethtool
  networkd-dispatcher
];

And upon reboot that should set your UDP-GRO-Forwarding up correctly. You may need to run tailscale up --advertise-exit-node in order to get your network adapter name; in my case it was:

enp5s0

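The `cut -f 5 -d " "` step in the commands above only finds the interface when the route goes through a gateway. The following is an added example, not part of the original thread: it takes the word after `dev` instead and checks it before handing it to `ethtool`. The function names and the sample route lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# Constructed samples of `ip -o route get 8.8.8.8` output.
SAMPLE_VIA_GATEWAY='8.8.8.8 via 192.168.1.1 dev enp5s0 src 192.168.1.10 uid 0'
SAMPLE_NO_GATEWAY='8.8.8.8 dev wg0 table 51820 src 10.0.0.2 uid 0'

# Print the word that follows "dev" in route output read from stdin.
# `cut -f 5 -d " "` returns "51820" for SAMPLE_NO_GATEWAY; this returns "wg0".
route_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Accept only plausible interface names: non-empty, at most 15 characters,
# and a conservative character set (assumption: stricter than the kernel).
valid_ifname() {
    case "$1" in
        '' | *[!A-Za-z0-9_.@-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Read route output on stdin and print the ethtool command that would run.
gro_command() {
    dev=$(route_dev)
    valid_ifname "$dev" || return 1
    printf 'ethtool -K %s rx-udp-gro-forwarding on rx-gro-list off\n' "$dev"
}

# Apply the setting to the live default-route interface (needs root).
apply_gro() {
    dev=$(ip -o route get 8.8.8.8 | route_dev)
    valid_ifname "$dev" || { echo "no usable default-route interface" >&2; return 1; }
    ethtool -K "$dev" rx-udp-gro-forwarding on rx-gro-list off
}

# Only touch the system when asked to: sh script.sh --apply
if [ "${1:-}" = "--apply" ]; then
    apply_gro
fi
```

Without `--apply` the script changes nothing, so `gro_command` can be fed saved route output to see which interface a boot-time hook would pick.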