Nomad host address mapping doesn't work as shown in nomad Web UI

I am using:

  • Nomad 1.8.0,
  • Consul 1.18.1,
  • Docker version 27.3.1, build ce12230
  • Ubuntu 24.04.1 LTS (Noble Numbat) on aarch64 (Raspberry 4)

If I add host network in my nomad config file:

client {
  enabled = true
  host_network "tailscale" {
    cidr = "100.121.82.120/32"
    reserved_ports = "22"
  }
  host_network "default" {
    cidr = "192.168.68.131/32"
    reserved_ports = "22"
  }
  host_network "localhost" {
    cidr = "127.0.0.1/32"
    reserved_ports = "22"
  }
}

and if I later try to put to use these networks in my nomad job:

    network {
      port "https" {
        static       = 443
        to           = 443
        host_network = "tailscale"
      }
      port "https-k3" {
        static       = 4443
        to           = 443
        host_network = "default"
      }
    }

I do see the mapping is correct and job is deployed without issues:

But, the problem is that the mapping in Docker is not correct: the IP 192.168.1.117 (which is also a correct IP, mind you - 192.168.68.131 is used above, but it doesn’t matter which one of the two gets picked up, as long as it’s not 100.* since that goes via Tailscale VPN) is never used, therefore it is not available, here is the inspect result of that docker container:

            "PortBindings": {
                "443/tcp": [
                    {
                        "HostIp": "100.121.82.120",
                        "HostPort": "443"
                    }
                ],
                "443/udp": [
                    {
                        "HostIp": "100.121.82.120",
                        "HostPort": "443"
                    }
                ]
            }

Question:
how do I make Nomad / Docker expose the port on the node 192.168.1.117 (or 192.168.68.131) correctly in this example?

If that is not possible, how can I make Nomad expose port on 0.0.0.0 (all IPs), I can then make further changes on my side.

Thank you. I have been stuggling with this issue for months already, trying different approaches but without any resolution, so I decided to always expose only 100.* IPs (coming from tailscale virtual network adapter), but I would really like to have this single port mapping work out, it would be a gateway to soo much user improvement in my homelab…