

DNS over Tailscale
I'm in a unique situation that I'm not sure Tailscale can solve for.
Configuration:
- Subnet router advertises remote LAN network.
- Tailscale has the remote LAN DNS server added with split DNS enabled, restricted to the remote LAN domain (domain.com).
- Client connected to Tailscale receives DHCP-provided DNS entries on foreign network.
- When client connects to Tailscale, client receives remote DNS server, which is reachable, in the DNS resolver list; however, the client resolves against the PUBLIC DNS (which is also domain.com) using the DHCP DNS servers. No requests for the internal domain ever make it to the remote LAN DNS server as a result.

Is there any way to solve this issue?
What are you trying to accomplish? Assuming using your local DNS resolver even when not on your local net?
Not sure which device you have Tailscale on, but if you can put it on the same one as your DNS resolver it would work better instead of bridging it through a sn router.
What’s worked for me is doing what’s above (main server RPi with TS, and Pi-hole DNS) and inputting the local IP as the main DNS, then its Tailscale IP, then 1.1.1.1; and overriding DNS settings turned on. That way when you’re at home and on TS, you’re using your DNS resolver and when away you’re using the DNS resolver still. And if it goes down you have Cloudflare fallback (I don’t recommend Google DNS 8.8.8.8 at all).
Let me know if this was in the wheelhouse of what you were wanting
My goal is to reference my internal domain by name when Tailscale is connected, then resolve the external domain records when it's not.
I'm running my DNS server (AdGuard), as well as my Tailscale subnet router, as Docker containers on the same host. I'm not sure I can enable the AdGuard container to be directly on the tailnet, so I'm not sure that's an option.
With your proposed solution, wouldn't enabling TS break local DNS resolution on the client domain if I sent all DNS requests to the remote resolver?
I’d just use the Pi-hole guide for Tailscale as a guide to what you want, use the Tailscale IPs of your DNS servers as the DNS IPs and then have a subnet router also. That’s how I do it and it works great. Means I can use my Pi-holes anywhere.
Wouldn't that break my local DHCP DNS resolution? I need to resolve Internet and local DNS against those servers while only resolving my TS LAN DNS entries for subnet router network name resolution.