/etc/hosts doesn't work for host, dig, nslookup

After installing and starting tailscale the host lookup tools don’t use /etc/hosts anymore, i.e. host, dig, nslookup don’t work for entries in /etc/hosts.

However I can still ping those hosts so it’s not all lost.

Can anybody shed some light on this? How to solve it, will it possibly be solved in future by tailscale or …?

Thanks!

    erik

I don’t think those tools have ever used /etc/hosts, as far as I know. They’ve always generated their own DNS request packets so they can parse the responses, and DNS request packets have to go to a real DNS server.

Have you tried MagicDNS instead? https://tailscale.com/kb/1081/magic-dns

What’s your nsswitch.conf say? I suppose we might need to make the Magic DNS blend in those hosts entries too.

Just checked that host, nslookup, dig use /etc/hosts when tailscale is down:


erik@jojda:~$ grep -w nas /etc/hosts
192.168.1.65 nas

erik@jojda:~$ host nas
nas has address 192.168.1.65
Host nas not found: 3(NXDOMAIN)

erik@jojda:~$ nslookup nas
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	nas
Address: 192.168.1.65

erik@jojda:~$ dig nas

; <<>> DiG 9.16.6-Ubuntu <<>> nas
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21299
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;nas.				IN	A

;; ANSWER SECTION:
nas.			0	IN	A	192.168.1.65

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Dec 07 19:47:19 PST 2020
;; MSG SIZE  rcvd: 48

Now with tailscale up:


erik@jojda:~$ host nas
Host nas not found: 3(NXDOMAIN)

erik@jojda:~$ nslookup nas
Server:		100.100.100.100
Address:	100.100.100.100#53

** server can't find nas: NXDOMAIN

erik@jojda:~$ dig nas

; <<>> DiG 9.16.6-Ubuntu <<>> nas
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33945
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;nas.				IN	A

;; AUTHORITY SECTION:
.			85726	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120702 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 100.100.100.100#53(100.100.100.100)
;; WHEN: Mon Dec 07 19:46:26 PST 2020
;; MSG SIZE  rcvd: 107

According to dig, looks like you have a DNS server running on 127.0.0.1 that is responding with /etc/hosts entries? That’s… not what I expected. Maybe this is a macOS or systemd-resolved thing?

Just to clarify, I am already using MagicDNS, it works pretty well but my NAS does not run tailscale (ReadyNAS https://github.com/tailscale/tailscale/issues/882) so I keep using /etc/hosts for that.

Think it would be pretty useful if /etc/hosts entries were used by MagicDNS.

I have default ubuntu nsswitch.conf:


erik@jojda:~$ cat /etc/nsswitch.conf 
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat systemd sss
group:          compat systemd sss
shadow:         compat sss

hosts:          files myhostname mdns4_minimal [NOTFOUND=return] dns mdns4 mymachines
networks:       files

protocols:      db files
services:       db files sss
ethers:         db files
rpc:            db files

netgroup:       nis sss
automount:      sss

yeah, you’re right, there’s local DNS server running, I think it’s systemd-resolved (running Ubuntu), here’s resolv.conf when tailscale is down:


erik@jojda:~$ cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.

nameserver 127.0.0.53
search attlocal.net

And here’s resolv.conf when tailscale is up:


erik@jojda:~$ cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.

nameserver 100.100.100.100
nameserver 127.0.0.53
search zasran.gmail.com.beta.tailscale.net attlocal.net

But I am less interested in how it’s working without tailscale and more interested if/how it’s possible to make /etc/hosts work with tailscale :)

yes, I’m using MagicDNS, it works great but my NAS does not work with tailscale so I want to keep using /etc/hosts for that one (ReadyNAS Make Netgear ReadyNAS package · Issue #882 · tailscale/tailscale · GitHub).

Okay, that makes sense (although it’s a feature of systemd-resolved that I didn’t know about). The correct fix will be an adjustment to tailscale so it can allow your “regular default” nameserver as a fallback, instead of overriding your corp dns settings. Stay tuned! And thanks for the report.
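
An added example, not part of any post in this thread: a shell script that models the two lookup paths discussed above, showing why `ping nas` keeps working while `dig nas` gets NXDOMAIN once 100.100.100.100 is listed first in resolv.conf. The function names and the sample files in `demo` are constructed; the rule that only 127.0.0.53 answers from /etc/hosts is an assumption taken from the output posted above.

```shell
#!/bin/sh

# First "nameserver" entry in resolv.conf: what host/dig/nslookup query first.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Address for NAME ($1) in a hosts(5)-format file ($2), comments stripped.
hosts_lookup() {
    awk -v n="$1" '{ sub(/#.*/, "")
        for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }' "$2"
}

# Succeeds if "files" precedes "dns" on the hosts: line of nsswitch.conf.
files_before_dns() {
    awk '$1 == "hosts:" { for (i = 2; i <= NF; i++) {
            if ($i == "files") { ok = 1; exit }
            if ($i == "dns") exit } }
        END { exit !ok }' "$1"
}

# diagnose NAME RESOLV_CONF HOSTS NSSWITCH
diagnose() {
    ns=$(first_nameserver "$2")
    addr=$(hosts_lookup "$1" "$3")
    libc="dns"; tools="upstream:$ns"
    # getaddrinfo() users (ping, ssh) consult NSS, so "files" can answer.
    if [ -n "$addr" ] && files_before_dns "$4"; then libc=$addr; fi
    # Assumption taken from the thread's output: of the servers shown, only
    # the systemd-resolved stub (127.0.0.53) answers from /etc/hosts.
    if [ -n "$addr" ] && [ "$ns" = "127.0.0.53" ]; then tools=$addr; fi
    echo "getaddrinfo=$libc dig=$tools"
}

# Constructed sample files mirroring the two states posted in the thread.
demo() {
    d=$(mktemp -d)
    printf '127.0.0.1 localhost\n192.168.1.65 nas\n' > "$d/hosts"
    printf 'hosts: files mdns4_minimal [NOTFOUND=return] dns\n' > "$d/nss"
    printf 'nameserver 127.0.0.53\n' > "$d/down"
    printf 'nameserver 100.100.100.100\nnameserver 127.0.0.53\n' > "$d/up"
    diagnose nas "$d/down" "$d/hosts" "$d/nss"
    diagnose nas "$d/up" "$d/hosts" "$d/nss"
    rm -rf "$d"
}

# With a name argument, inspect the live system; otherwise run the demo.
if [ "$#" -ge 1 ]; then diagnose "$1" /etc/resolv.conf /etc/hosts /etc/nsswitch.conf
else demo; fi
```

A `dig=upstream:...` result means the answer depends entirely on that server; an NXDOMAIN from it is final, so the tool does not go on to ask the second nameserver.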