diff --git a/cmd/tailscaled/tailscaled.go b/cmd/tailscaled/tailscaled.go
index 6279dc850..b78827fef 100644
--- a/cmd/tailscaled/tailscaled.go
+++ b/cmd/tailscaled/tailscaled.go
@@ -709,7 +709,6 @@ func tryEngine(logf logger.Logf, sys *tsd.System, name string) (onlyNetstack boo
 		conf.DNS = d
 		conf.Router = r
 		if handleSubnetsInNetstack() {
-			conf.Router = netstack.NewSubnetRouterWrapper(conf.Router)
 			netstackSubnetRouter = true
 		}
 		sys.Set(conf.Router)
diff --git a/wgengine/netstack/subnet_router_wrapper.go b/wgengine/netstack/subnet_router_wrapper.go
deleted file mode 100644
index 97eb6406f..000000000
--- a/wgengine/netstack/subnet_router_wrapper.go
+++ /dev/null
@@ -1,28 +0,0 @@
-// Copyright (c) Tailscale Inc & AUTHORS
-// SPDX-License-Identifier: BSD-3-Clause
-
-package netstack
-
-import (
-	"tailscale.com/wgengine/router"
-)
-
-type subnetRouter struct {
-	router.Router
-}
-
-// NewSubnetRouterWrapper returns a Router wrapper that prevents the
-// underlying Router r from seeing any advertised subnet routes, as
-// netstack will handle them instead.
-func NewSubnetRouterWrapper(r router.Router) router.Router {
-	return &subnetRouter{
-		Router: r,
-	}
-}
-
-func (r *subnetRouter) Set(c *router.Config) error {
-	if c != nil {
-		c.SubnetRoutes = nil // netstack will handle
-	}
-	return r.Router.Set(c)
-}
diff --git a/wgengine/router/router.go b/wgengine/router/router.go
index 3c5497f42..da0b39739 100644
--- a/wgengine/router/router.go
+++ b/wgengine/router/router.go
@@ -80,8 +80,13 @@ type Config struct {
 	// callback. If zero, the MTU is unchanged.
 	NewMTU int
 
+	// SubnetRoutes is the list of subnets that this node is
+	// advertising to other Tailscale nodes.
+	// As of 2023-10-11, this field is only used for network
+	// flow logging and is otherwise ignored.
+	SubnetRoutes []netip.Prefix
+
 	// Linux-only things below, ignored on other platforms.
-	SubnetRoutes     []netip.Prefix         // subnets being advertised to other Tailscale nodes
 	SNATSubnetRoutes bool                   // SNAT traffic to local subnets
 	NetfilterMode    preftype.NetfilterMode // how much to manage netfilter rules
 	NetfilterKind    string                 // what kind of netfilter to use (nftables, iptables)
diff --git a/wgengine/userspace_ext_test.go b/wgengine/userspace_ext_test.go
index 4a3f6127c..5183d8f1b 100644
--- a/wgengine/userspace_ext_test.go
+++ b/wgengine/userspace_ext_test.go
@@ -12,7 +12,6 @@ import (
 	"tailscale.com/tstest"
 	"tailscale.com/types/logger"
 	"tailscale.com/wgengine"
-	"tailscale.com/wgengine/netstack"
 	"tailscale.com/wgengine/router"
 )
 
@@ -55,7 +54,7 @@ func TestIsNetstackRouter(t *testing.T) {
 			name: "hybrid_netstack",
 			conf: wgengine.Config{
 				Tun:    newFakeOSTUN(),
-				Router: netstack.NewSubnetRouterWrapper(newFakeOSRouter()),
+				Router: newFakeOSRouter(),
 			},
 			setNetstackRouter: true,
 			want:              true,