Setting up subnet routes on Linux relays
Tailscale’s subnet routing feature facilitates incremental deployment by allowing a single agent to grant access to entire subnets (and not just a single machine). For instance, a relaynode deployed on the NAT Instance (from above) could provide access to all machines running on both the private and public subnets.
To define available subnets that you wish a relaynode to provide access to, use the --routes=... switch.
For the NAT Instance described above, use
--routes=10.0.0.0/24,10.0.1.0/24to permit access to both subnets.
Then, in the admin console, activate them by selecting the Enable Subnet Routes option in the relaynode’s entry: