You can use --netfilter-mode=off when running Tailscale. This prevents the Tailscale daemon from aggressively taking over packets. It doesn’t exclude the possibility of a conflict, but the chances are low.
https://github.com/netbirdio/netbird/issues/544
--netfilter-mode
(Linux only) Advanced feature for controlling the degree of automatic firewall configuration. Values are either “off”, “nodivert”, or “on”. Defaults to “on”, except for Synology which defaults to “off”. Setting this flag to “off” disables all management of netfilter. Setting to “nodivert” creates and manages Tailscale sub-chains, but leaves the calling of those chains up to the administrator. Setting to “on” means using full management of Tailscale’s rules. Note that if you set --netfilter-mode to “off” or “nodivert”, it is your responsibility to configure the firewall securely for Tailscale traffic. We recommend using the rules installed by --netfilter-mode=on as a starting point.
https://tailscale.com/kb/1241/tailscale-up
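
After switching modes it helps to confirm what actually ended up in the firewall. The script below is an added example, not taken from the Tailscale or NetBird documentation: it classifies an iptables-save dump by whether the Tailscale sub-chains exist and whether the built-in chains call them. It assumes the iptables backend and the chain names ts-input and ts-forward, which the page does not name; the sample dumps are constructed.

```shell
#!/bin/sh
# Added example: classify an iptables-save dump by how Tailscale chains appear.
# Assumptions (not on the page): iptables backend, chains ts-input / ts-forward.

# Reads iptables-save text on stdin and prints one of:
#   hooked   - chains exist and INPUT/FORWARD jump to them (what "on" installs)
#   unhooked - chains exist but nothing calls them ("nodivert", no jumps added yet)
#   absent   - no Tailscale chains or jumps ("off")
#   partial  - only some chains or jumps present; review by hand
netfilter_state() {
    awk '
        /^:ts-input /                      { ci = 1 }
        /^:ts-forward /                    { cf = 1 }
        /^-A INPUT .*-j ts-input( |$)/     { hi = 1 }
        /^-A FORWARD .*-j ts-forward( |$)/ { hf = 1 }
        END {
            chains = ci + cf; hooks = hi + hf
            if (chains == 0 && hooks == 0)      print "absent"
            else if (chains == 2 && hooks == 2) print "hooked"
            else if (chains == 2 && hooks == 0) print "unhooked"
            else                                print "partial"
        }'
}

# Constructed sample dumps (filter table only), not captured from a real host.
BUILTINS='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]'
CHAINS=':ts-forward - [0:0]
:ts-input - [0:0]'
HOOKS='-A INPUT -j ts-input
-A FORWARD -j ts-forward'

SAMPLE_ON="$BUILTINS
$CHAINS
$HOOKS
COMMIT"
SAMPLE_NODIVERT="$BUILTINS
$CHAINS
COMMIT"
SAMPLE_OFF="$BUILTINS
COMMIT"

printf 'on sample:       %s\n' "$(printf '%s\n' "$SAMPLE_ON" | netfilter_state)"
printf 'nodivert sample: %s\n' "$(printf '%s\n' "$SAMPLE_NODIVERT" | netfilter_state)"
printf 'off sample:      %s\n' "$(printf '%s\n' "$SAMPLE_OFF" | netfilter_state)"
```

On a live host, pipe the output of iptables-save (run as root) into netfilter_state. An "unhooked" or "absent" result means the firewall rules for Tailscale traffic are yours to supply.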