#What to do about tiny clients?

I have a 3d printer (AD5M) named kaylee that I'd like to access by that short name from within my home network and from without, on devices inside my tailnet. I am able to do this with my Home Assistant installation which is running on a Radxa X4 running Linux, which has absolutely no trouble running Tailscale. I was able to install the client on the printer as it runs embedded Linux, but the client used too much RAM and the printer stopped printing so that was no good. Failing some kind of absolute minimum client build, is there any way to do this? I've heard people say "oh yes subnet routers" but when pressed for details they wave vaguely in the direction of the documentation -- and while I do like the docs in general, this is one case where it isn't very clear to me at all how to do this. Help?

I myself don't like learning technical stuff from videos, but this might help you

You can run a subnet router on a small SBC such as your radxa,. Here's the official documentation .

What I do with my sovol printer is assign it a static DHCP reservation on my router and use my pihole/adguard home instance to give it an easily to remember name, (i.e. sovol -- very original, I know) pointed to that IP address . I do not run tailscale directly on the printer, fwiw.

I point my tailnet DNS through the admin console to my adguard home / pihole installation , and you can then use your nice friendly name when you're home (no tailscale) or out and about (while on tailscale).

FWIW, tailscale appears to be working on making building the tailscale executable more modular according to this github entry.

I still think your best bet is probably to utilize the subnet router approach especially if you don't want to get into the weeds about building your own tailscale executable.

Yes, I know I can run a subnet router, and I've seen the documentation -- that's what I mentioned in the original post. The how is just not there, or I'm not seeing it. I am curious about the pihole bit as I've got one of those running, but I just don't see how that would work.

That GitHub issue linked to https://tailscale.com/kb/1207/small-tailscale which I will take a closer look at later, perhaps there is some ground to be gained there.

The how is just not there, or I'm not seeing it.

If you read the entire article, you'll see a section entitled "Connect to Tailscale as a Subnet Router" . The how is all there, follow the linux instructions.

Unless you're running tailscale in a different manner which you'll have to confirm.

I think you may be misunderstanding me, or maybe I'm not being very clear. I have read that entire page, and had before asking for help here. It says at the top that one benefit is connecting to legacy devices, for instance, and that one use case is printers. The document also contains the video linked above, which didn't help me, but was a kind suggestion. It goes into detail on setting up IP forwarding and advertising routes -- but I don't know what routes to use, or why, when I'm in a flat network and everything inside can see everything already. I don't know what to put to achieve my goals, which is what I said earlier. There's even a section on DNS configuration but it appears to focus on putting Tailscale IPs in public records, where I believe I need the opposite.

I understand, you can't install tailscale on a printer , including a 3d printer --- a subnet router is exactly what you would use it for. Since you can't access it through a Tailnet IP address, if you could install tailscale on it... the next best thing is to set your radxa up as a subnet router. This would allow you to access your printer's web interface as if you were sitting on your home network. That's the why

Again from the article...

Make sure to replace the subnets in the example above with the correct ones for your network. All platforms except Apple TV support both IPv4 and IPv6 subnets. Apple TV only supports IPv4 subnets.

If your router is using the typical 192.168.1.1 network, you'd advertise 192.168.1.0/24 .

If you have a windows machine ipconfig /all should show you which network address you're using.
on Linux, it would be ip a . Use that as the base network you'd advertise.

Okay, let's say that's true, that "the correct ones" is "the subnet that the printer and router both share".

Example:
I have a flat network using 192.168.48.1 - .255.
I don't / can't run tailscale on my sovol printer. It sits at 192.168.48.15

I advertise using tailscale set --advertise-routes=192.168.48.0/24 so that I can use the web interface either through it's IP address, or since I'm using a self hosted DNS server , sovol.example.net in a web browser

Okay, you've got the printer at 192.168.48.15, and you have a public DNS name sovol.example.net that resolves to that address. You have some other machine on the 172.168.48.0/24 network, that other machine is running Tailscale, it's configured as a subnet router, and it is advertising that it can route traffic from other tailnet nodes to that network.

Yes, exactly. That's what a subnet router is.

So on some other tailnet node, say your phone or whatever, while you are out off your home network, you atttempt to resolve sovol.example.net.

It will get an IP address of 192.168.48.15 and resolve through the subnet router

Your phone goes to public DNS, gets 192.168.48.15, your phone doesn't have an explicit route for that network, but MagicDNS means it can learn somehow about the other machine on the tailnet that does know about 172.168.48.0/24, and off it goes?

From phone through tailnet to subnet router to the printer.

Yep. Tailscale does the magic routing that it knows to route 192.168.48.0/ 24 through tailscale.
It's not all sun and roses though, Tailscale trips sometimes if there are overlapping subnets. I'd really recommend getting off the 192.168.1.0/24 subnet if you're on it.

I'm not -- I actually have very few subnets I can use, because my company uses almost the entirety of RFC 1918 space for itself

Overlapping subnets screwed me up with work all the time until I found the right person to tell me what to use that wasn't going to be used by some work system somewhere.

Okay, the HA system has the routes, the machines page says that system is a subnet router (but not an exit node) and that the appropriate route is being advertised.

When my tablet is on the local network, it can reach the printer at its IP. Now switching the tablet to use the phone's hotspot, in order to get it outside the local network.

Okay, that does work. Now to break the subnet router piece and see if it still works, to see if this was a valid test.

Well, that's that. Stopping the route advertisement broke the connection.

Starting again made it work.

If you're taking suggestions on improving the documentation, an explicit example goes a long way to clearing up something like "the correct ones".

Thank you for your patience.

I mean ,I'm not a tailscale employee, and they did provide an example:
sudo tailscale set --advertise-routes=192.0.2.0/24,198.51.100.0/24 right above the text I provided you

It's all in the documentation

That is not quite what I mean.

An example would include the IPs of the devices under discussion, to make it clear which routes went in the advertise-routes bit

Because at least to me it was definitely not obvious.