On my network, I’ve implemented wide-area Bonjour (DNS-SD via Unicast DNS resolution) to enable AirPrint on my various VLANs without having to reflect all of the mDNS names under .local using something like Avahi.
I have the DNS-SD discovery record served up from the local DNS in the same domain as I set as the default domain in DHCP option 15. This works as expected for devices on the local network. On a Mac, “dns-sd -F” will return both .local (via mDNS) as well as my DNS-SD domain. Furthermore, AirPrint printers, etc. are then discoverable.
If the client is also connected to my Tailnet, then discovery fails. “dns-sd -F” only shows .local, on the same network. I have my Tailscale DNS settings configured to forward requests for my domain to the same DNS server that is hosting the DNS-SD record (reachable via subnet router for remote clients, to support split-horizon DNS). Everything else under that domain resolves correctly via Tailscale.
While I was not expecting the DNS-SD to work for remote clients via Tailscale, I was surprised to see discovery fail when connected to the local network with Tailscale running (i.e. where the DHCP option DNS domain being provided on the local network is the same as domain I am doing split-horizon DNS with in my Tailscale configuration, and both the local network’s DHCP server and the Tailscale configuration are pointing clients at the same DNS server).
Is this expected behavior?
Tailscale client: 1.18.2