Subnet router failover

When using subnet routers in large networks, you may want to provide a failover subnet router (also called a HA subnet router or high-availability subnet router) to ensure users of your network can continue to access resources if one routing device goes offline.

This feature is available for the Free, Premium, and Enterprise plans.
High-availability subnet routers is currently in beta. To try it, follow the steps below to enable it for your network using Tailscale v1.12 or later.

Step 1: Set up multiple subnet routers

Follow our guide to configure subnet routers, exposing the same routes on the same network on 2+ devices. For example, to expose 10.0.0.0/24,10.1.0.0/24, you’ll want to run a command like this on 2+ devices.

sudo tailscale up --advertise-routes=10.0.0.0/24,10.1.0.0/24

You can configure as many subnet routers as you want to act as a failover.

Step 2: Activate the subnet routers in the admin console

Visit the admin console, navigate to the Machines page, locate your subnet router and using the ellipsis icon icon at the end of the table, select Review subnet routes. This will open up the Subnet settings.

Click Enable on your routes so that Tailscale distributes the subnet routes to the rest of the nodes on your Tailscale network.

You may want to disable key expiry on your server to avoid having to periodically reauthenticate. See key expiry for more information about machine keys and how to disable their expiry.

Step 3: Done!

Once you have 2+ subnet routers exposing the same route on the same network, the Tailscale control server will automatically manage the failover between the different routers. Currently, if a subnet router is disconnected from the control plane for more than 15 seconds, traffic will be routed to another subnet router.

Last updated

On This Page

Related Pages