Comment by bradfitz
2 days ago
Happy to answer any questions!
A bunch of us are currently in https://meet.google.com/qre-gydb-mkv chatting about this. (Edit: the hour is over; we all left)
The earlier Apr 1st blog post was https://tailscale.com/blog/tailscale-enterprise-plan-9-suppo...
I've never set up a Plan 9 system... does this allow the distributed systems communications to run through my Tailnet?
Yes, you could do something like keep a small root fs or pack everything into the kernels paqfs to boot into a Tailscale VPN and pull root from another 9 machine on the VPN. Then pull resources in from other machines including non 9 systems.
Either way it makes VPN easy between 9 and non 9 machines. Otherwise Plan 9 can do it's own VPN-like over tls or ssh tunnels and bind remote network stacks to a local namespace. But that makes seamless Unix and Windows comms difficult.
> Otherwise Plan 9 can do it's own VPN-like over tls or ssh tunnels and bind remote network stacks to a local namespace
Note that one of Tailscale's main party tricks is NAT traversal, when both machines are behind different NATs and can't otherwise get a connection open to each other. (And then Tailscale ultimately falls back to a relay server on the internet if it can't get a direct connection for IP packets)
2 replies →
I think so! Caveat is I've never really used Plan 9 outside of single-user VMs.
[flagged]
We actually have that nowadays... the config file support to tailscaled, as Irbe mentioned on the bug Jan 2024: https://github.com/tailscale/tailscale/issues/1412#issuecomm...
Yeah I did find that in my quest but nowhere is this config file defined. I have no idea what to put into it so it's useless to me.
Also while I have you here, the tailscale container image lacks iptables support, making it useless.