I have a split DNS nameserver set in my Tailscale console:
my-server.my-domain.com -> 100.ab.cd.ef
(the Tailscale IP of one of my Tailscale machines)
On one of my Tailscale machines (Raspberry Pi 4) I have Docker installed and I have the following container on it:
```yaml
tailscale:
  image: tailscale/tailscale:v1.72.1
  container_name: tailscale
  restart: always
  network_mode: host
  hostname: server-2
  volumes:
    - ../volumes/tailscale/lib:/var/lib
    - /dev/net/tun:/dev/net/tun
  cap_add:
    - net_admin
    - net_raw
  environment:
    - TS_EXTRA_ARGS=--advertise-exit-node=false --accept-routes=true
    - TS_ACCEPT_DNS=true # To allow to connect to my-server.my-domain.com
    - TS_USERSPACE=false # To allow other processes on the server to access devices through Tailscale IPs. See: https://registry.hub.docker.com/r/tailscale/tailscale/
    - TS_STATE_DIR=/var/lib/tailscale # Make sure this node is not ephemeral by forcing the state to be saved to disk instead of memory. See: https://github.com/tailscale/tailscale/issues/4913
```
If I SSH into that machine and run `dig my-server.my-domain.com @100.ab.cd.ef`, the domain is resolved correctly, but if I run `dig my-server.my-domain.com`, the domain is not resolved.
I expected that `dig my-server.my-domain.com` would still resolve correctly according to the DNS configuration in the Tailscale console. Is there anything I’m missing here? What is the solution to this?