[isaack]

I don't think Tailscale's use of 100.x.x.x address space conforms with the RFC, but I don't think that there are any better alternatives out there. Do note though, once people start abusing the 100.x.x.x space, it will become "just another private IP space" and lost its significance:

RFC6598 requires that, when used as a routable address, the device must be able to do address translation across router interfaces when the addresses are identical on two different interfaces.

[1]: https://tools.ietf.org/html/rfc6598#section-4

[tlynchpin]

CGNAT block is popular in private k8s as overlay network address space because often the enterprise network already claims rfc1918 blocks. I'm not sure how close to the line that kind of usage is but I suspect it is SHOULD NOT. Speaking of, I probably should not even post this comment as it will now be indexed and served in search results, further contributing to the corruption. Alas, it works.