Tailscale versions:
- 1.36.1 on Windows
- 1.34.2 to 1.36.0 on Linux (all systemd-resolved based)
- 1.36.0 on iOS

Description of the problem:
I have global resolvers set to Cloudflare and Google, override off:

```
dig @100.100.100.100 example.mytailnet.net
```

works.

External domains don’t:
```
$ dig @100.100.100.100 google.com
; <<>> DiG 9.18.11 <<>> @100.100.100.100 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36445
;; flags: qr aa rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;google.com. IN A
;; Query time: 0 msec
;; SERVER: 100.100.100.100#53(100.100.100.100) (UDP)
;; WHEN: Fri Feb 10 21:19:56 UTC 2023
;; MSG SIZE rcvd: 28
```
On iOS this effectively breaks all the DNS because it seems that Tailscale uses itself as a recursor no matter the override option.

Enabling ‘override local dns’ fixes the bug, but I can’t use it as I have machines in different environments that must use whatever the DHCP told them.
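Added example, not part of the original post and not Tailscale code: a small decoder for the DNS header that reproduces what dig reports above (`flags: qr aa rd ad`, `SERVFAIL`, and the "recursion requested but not available" warning, which is RD set with RA clear). The 28-byte reply is constructed from the header fields shown in the dig output; the function names are hypothetical.

```python
import struct

# Constructed sample: a reply rebuilt from the dig output in the post
# (id 36445, flags qr aa rd ad, status SERVFAIL, question google.com IN A).
SAMPLE_REPLY = (
    struct.pack("!6H", 36445, 0x8522, 1, 0, 0, 0)   # header: id, flags, 4 counts
    + b"\x06google\x03com\x00"                      # QNAME
    + struct.pack("!2H", 1, 1)                      # QTYPE=A, QCLASS=IN
)

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
          3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}
# Bit positions of the header flags inside the 16-bit flags word (RFC 1035, RFC 4035).
FLAG_BITS = [("qr", 15), ("aa", 10), ("tc", 9), ("rd", 8),
             ("ra", 7), ("ad", 5), ("cd", 4)]


def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header of a raw message."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "opcode": (flags >> 11) & 0xF,
        "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
        "flags": [name for name, bit in FLAG_BITS if (flags >> bit) & 1],
        "counts": {"query": qd, "answer": an, "authority": ns, "additional": ar},
    }


def diagnose(msg: bytes) -> list:
    """Return the header-level symptoms a monitoring check would alert on."""
    hdr = parse_header(msg)
    findings = []
    if "rd" in hdr["flags"] and "ra" not in hdr["flags"]:
        # Same condition that makes dig print its WARNING line.
        findings.append("recursion requested but not available")
    if hdr["rcode"] != "NOERROR":
        findings.append("rcode " + hdr["rcode"])
    if hdr["counts"]["answer"] == 0:
        findings.append("empty answer section")
    return findings


if __name__ == "__main__":
    print(parse_header(SAMPLE_REPLY))
    print(diagnose(SAMPLE_REPLY))
```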