Regional routing

When using your subnet routers in high availability (HA) mode, you can enable the regional routing option in your Tailscale network (tailnet) to automatically route traffic to the closest available HA subnet router for communicating with an IP address in the subnet router’s addressable range.

Regional routing is available for the Enterprise plan.
Regional routing is currently in private alpha. Therefore, this topic is currently hidden.

How regional routing works

Tailscale uses DERP servers to indicate which of your subnet routers is closest to any given client device. Subnet routers are automatically assigned a regional routing group.

Within each region, Tailscale selects a primary subnet router if more than one exists for a given address range. Tailscale regularly updates which HA subnet routers belong to each regional routing group.

Client devices identify which regional routing group is closest to them by finding the closest DERP server, and are instructed to send traffic directly to the closest subnet router.

Enabling regional routing for your tailnet

  1. Verify that you have at least two subnet routers in failover mode. This is also referred to as HA mode.
  2. Open the Settings page of the admin console.
  3. Enable the Regional Routing option.

The traffic for tailscale clients will automatically be routed regionally when connecting to addresses covered by an HA subnet router.

Example use case

On-ramping remote employees to transit backbones

You can use subnet routers in conjunction with regional routing to on-ramp remote employee traffic to transit gateways such as AWS Transit Gateway, Google Cloud Interconnect, Azure ExpressRoute, and other virtual private transit providers. By placing a subnet router in front of each network on-ramp point, regional routing will automatically route device traffic on to the transit provider as quickly as possible.

Last updated