diff --git a/systems/x86_64-linux/jallen-nas/services.nix b/systems/x86_64-linux/jallen-nas/services.nix
index a87d55b..da9035a 100755
--- a/systems/x86_64-linux/jallen-nas/services.nix
+++ b/systems/x86_64-linux/jallen-nas/services.nix
@@ -1,11 +1,19 @@
 { pkgs, ... }:
 {
+  systemd.network.wait-online.enable = false;
+  # Force tailscaled to use nftables (Critical for clean nftables-only systems)
+  # This avoids the "iptables-compat" translation layer issues.
+  systemd.services.tailscaled.serviceConfig.Environment = [ 
+    "TS_DEBUG_FIREWALL_MODE=nftables" 
+  ];
+  networking.nftables.enable = true;
+  boot.initrd.systemd.network.wait-online.enable = false;
   # Services configs
   services = {
     tailscale = {
       enable = true;
       openFirewall = true;
-      useRoutingFeatures = "client";
+      useRoutingFeatures = "server";
       extraUpFlags = [
         "--advertise-exit-node"
         "--accept-dns=false"