Magic DNS not resolving on Windows only

Windows
1

I have four devices in my little tailscale network (a mac, a linux server, an iphone, and a windows 10 box). Magic DNS works just fine on all devices except for the Windows machine, which cannot resolve any of the others’ host names. Resolve-DnsName just times out, as does ping. All other machines, however, have no problem resolving the host names of each other, including the Windows machine’s host name.

I’m not sure how to go about debugging this, to be honest. Can anyone point me in the right direction to get me started?

Thanks in advance.

2

hi,
what version of windows?
what version of ts?

3

Windows 21H1 and tailscale 1.14.0.

When I run Resolve-DnsName -Name {machine-name} in powershell, I get a message that says “this operation returned because the timeout period expired.”

I get the same error when trying to resolve {machine-name}.{username}.{emaildomain}.beta.tailscale.net.

I have no problem at all reaching tailscale devices by their tailscale IP from this windows box. It’s like Windows just totally ignores magic dns.

Things I have tried: toggling on/off magic DNS; flushing the dns cache in windows; and reinstalling tailscale.

4

i do not use magicdns, i hardcode names using hosts in the acls

but found this post, not sure it will help…

5

@ klittle32 : with Tailscale off what DNS servers is it using? Powershell Get-DnsClient | Format-List and Get-DnsClientServerAddress | Format-List can tell this.

In Tailscale, are the Global nameservers configured to override the local or not?

I assume that web browsing works when Tailscale is disconnected?

The point of these questions is to figure out where the DNS config is coming from.

6 
Get-DnsClientServerAddress | Format-List

shows something possibly interesting here. Tailscale isn’t showing any IPv4 values for ServerAddresses, but it does show addresses for the IPv6 entry. After the two entries for the Tailscale interface, there are two for Ethernet, which shows an IPv4 address for my DNS host (a sonicwall router running a DNS proxy cache, which points to 8.8.8.8 for its primary upstream DNS).

In Tailscale, global nameservers are not configured to override local.

No problem browsing the internet when Tailscale is disconnected.

So for others running Tailscale in Windows, what do you see for the Tailscale interface when you run Get-DnsClientServerAddress? Do you see any IPv4 values for ServerAddresses? Or if you’re like me, are you getting something like the following:

InterfaceAlias  : Tailscale
InterfaceIndex  : 7
AddressFamily   : IPv4
ServerAddresses : {}

InterfaceAlias  : Tailscale
InterfaceIndex  : 7
AddressFamily   : IPv6
ServerAddresses : {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}

I would think that the IPv4 entry for Tailscale would show 100.100.100.100 for its server address.

7

Tailscale doesn’t add addresses in that form, I think that is what Windows adds if DHCP times out (though Tailscale interfaces don’t use DHCP at all). Windows would add a 169.254.x.x IPv4 address, an IPv6 link-local addresses, and fec0:0:0:ffff::1 DNS servers.

8

Bug report:

BUG-b8a6b41f5ca545e3c13752047033b9596078026d61d98d188833827071f5ba4a-20210913132229Z-564c0b60f8301326

I installed Tailscale on a new windows 10 client and am having the same problem. I’m thinking it could be a bug.

Thanks, everyone.

9

we have logged the GitHub issue for the same : MagicDNS is failing on windows 10 machine. · Issue #2841 · tailscale/tailscale · GitHub

10

Using MagicDNS on my Win10 system I could resolve Tailscale FQDNs but not short names.
If I modify the Tailscale Tunnel adapter, IPv4 settings, under advanced settings, DNS I add mydomainname.net.beta.tailscale.net to the "Append these DNS suffixes (in order) field.
Now short and full domain lookups appear to work as they should.

This will stop working when you change the MagicDNS suffix.

edit - on an entirely different machine that is on an isolated network with no DNS suffixes at all specified, MagicDNS short names appear to work correctly on Win10.

On the shortname non-working LAN I have a DNS suffix from DHCP. Now I have both with the local one first and the tailscale one second.