net/netns: support FreeBSD, OpenBSD, ... (for exit node support) #17321
Description
The net/netns package does not support FreeBSD or OpenBSD.
The point of the netns package is to let Tailscale dial out to things using the underlay network+routes (the machine's real network) rather than those connections looping back into Tailscale.
Concretely, this lets Tailscale use exit nodes and install 0.0.0.0/0 and ::/0 routes to capture all traffic to be handled by Tailscale.
But if we just install the /0 routes naively on FreeBSD without implementing netns support, then when Tailscale tries to connect to its control plane server or a DERP server, it tries to do so via its exit node, rather than directly. Those are TCP and might kinda work (even if not ideally), but the real problem is UDP. When Tailscale sends WireGuard UDP packets and STUN NAT traversal packets, without netns support those too would try to go via an exit node. But you can't send anything via an exit node if you can't send packets to an exit node directly in the first place.
So we need support on FreeBSD + OpenBSD to do TCP+UDP via a specific network interface (or ignoring a certain network interface like our tailscale0 or ignoring its routes).
I don't know FreeBSD well enough to know what options exist there.