[Bug] Subnet routes are pushed to clients when not in allowed ACL

[Nathanael-Mtd]

Is this a support request?

• This is not a support request

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

When we allow only one route from subnet router node for clients, all routes from that subnet router nodes are pushed to clients.

Expected Behavior

Only push routes allowed by ACLs, not every subnet node router routes.

Steps To Reproduce

1. Add a node and announce multiple subnet (example : 10.10.10.0/24, 10.10.11.0/24, 10.10.12.0/24)
2. Add ACL to only allow one subnet 10.10.12.0/24 for a client
3. Check routing table from client (ip route show table 52 on linux) and all routes should appear

Environment

- OS: Ubuntu 24.04 for Headscale server and clients (but same issue for Windows clients)
- Headscale version: 0.24.0
- Tailscale version: 1.78.1

Runtime environment

• Headscale is behind a (reverse) proxy
• Headscale runs in a container

Anything else?

Netmap dump from the client with tag:headscale (cleaned and redacted for some parts) : netmap-hs.json

ACL config (important parts) : acl-redacted.json

Routes output :

user@ks-headscale:~$ ip route show table 52
10.108.0.0/24 dev tailscale0
10.108.1.0/24 dev tailscale0
10.108.2.0/24 dev tailscale0
REDACTED.66 dev tailscale0
REDACTED.67 dev tailscale0
100.64.0.1 dev tailscale0
100.64.0.4 dev tailscale0
100.64.0.9 dev tailscale0
100.64.0.11 dev tailscale0
100.64.0.16 dev tailscale0
100.64.0.27 dev tailscale0
100.64.0.68 dev tailscale0
100.100.100.100 dev tailscale0

The 5 first routes you can see is the ones announced from subnet router node, ACL allow only trafic to REDACTED.67 but other routes are present.

[github-actions]

This issue is stale because it has been open for 90 days with no activity.

[cv-prod-github]

Hello,

i think here should also be considered, that only subnet routes, that are not local to the node should be pushed.
When i use my local notebook, that has tailscale installed, it always prioritize the routes of tailscale, no matter the metric. So if im in the local network it still doesn't communicate directly and hops over the tailscale link.

[Nathanael-Mtd]

Hello,

i think here should also be considered, that only subnet routes, that are not local to the node should be pushed.
When i use my local notebook, that has tailscale installed, it always prioritize the routes of tailscale, no matter the metric. So if im in the local network it still doesn't communicate directly and hops over the tailscale link.

I think it's out of Headscale scope, because Headscale don't know (and don't need to know) about your local attached node networks.
You should search if there are an issue on Tailscale client project about that.

[kradalby]

Just so I understand correctly, the two concern for why this would be desired would be:

• If a node does not have access to a subnet, why should it know about it (akin to peer trimming)
  • There is no security concern per say as they policy should drop it and they wont work, just confusing.
• If a node gets the route from Headscale and it does not have access to it and it also has the local range available.

I imagine this can be implemented in a similar way to the peer trimming, it might be somewhat computational expensive, but that is traditionally not something we think about until later.

[kradalby]

I would be interested to hear what upstream does here, if they dont trim this, I do not think we will implement it. If they do, then it seems worthwhile to continue our goal of parity.

[Nathanael-Mtd]

Upstream Tailscale only push allowed routes, I just tested it.

Before (with dst *) :

After (only one subnet allowed) :

[kradalby]

So we need something like what we are doing here for routes: https://github.com/juanfont/headscale/blob/main/hscontrol/policy/policy.go#L27

[kradalby]

Can you give #2561 a go?