Is it possible to make the 100.100.100.100 server listen for DNS queries from other hosts on the same internal network? I’m implementing NextDNS on my internal network and would like to make it so *.beta.tailscale.net addresses are resolved, regardless of if they are on Tailscale (or can even connect to that resource). This is just to cover when I’m at home and don’t need Tailscale DNS or subnets for 99% of traffic and just want to connect to a TS resource by hostname.
I did this in the past with AdGuard Home forwarding queries to 100.100.100.100 (on the same machine), but it seems 100.100.100.100 only listens to the client it’s on, so I can’t query it via nslookup or other tools from other machines without something like AdGuard or another DNS server there as well.
Probably an edge case, but curious if this is possible.
I don’t think this would be straightforward to make work. As you note, 100.100.100.100 isn’t a real node; it is code within the local tailscaled which watches for DNS queries. We may add other functionality using 100.100.100.100, but always things which are in some way tied to the local node.
One alternative is tailscale status --json, which can provide the list of tailnet hostnames and addresses and might be a basis to populate NextDNS.
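The `tailscale status --json` approach suggested above, as an added example that is not part of the original reply: it reads the `Self` and `Peer` entries, then keeps only well-formed DNS names and addresses inside Tailscale's node ranges before emitting hosts-format lines for a LAN resolver. The sample JSON is constructed, and the function names are hypothetical.

```python
import ipaddress
import json
import re

# Ranges Tailscale assigns node addresses from (CGNAT IPv4 and its IPv6 ULA prefix).
TAILNET_RANGES = (ipaddress.ip_network("100.64.0.0/10"),
                  ipaddress.ip_network("fd7a:115c:a1e0::/48"))
# Strict DNS name: rejects spaces and newlines that would corrupt a hosts file.
NAME_RE = re.compile(r"(?=.{1,253}\Z)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}\Z")

# Constructed sample in the shape of `tailscale status --json` (trimmed to used fields).
SAMPLE_STATUS = json.dumps({
    "Self": {"DNSName": "nas.example.beta.tailscale.net.",
             "TailscaleIPs": ["100.101.102.103", "fd7a:115c:a1e0::1"]},
    "Peer": {
        "nodekey:aaaa": {"DNSName": "laptop.example.beta.tailscale.net.",
                         "TailscaleIPs": ["100.64.0.7"]},
        "nodekey:bbbb": {"DNSName": "bad name\n10.0.0.1 router.",
                         "TailscaleIPs": ["100.64.0.8"]},   # malformed name
        "nodekey:cccc": {"DNSName": "odd.example.beta.tailscale.net.",
                         "TailscaleIPs": ["192.168.1.1"]},  # not a tailnet address
        "nodekey:dddd": {"DNSName": "", "TailscaleIPs": ["100.64.0.9"]},
    },
})

def tailnet_records(status_json):
    """Return sorted (name, ip) pairs for Self and every Peer, dropping malformed ones."""
    status = json.loads(status_json)
    nodes = [status.get("Self") or {}] + list((status.get("Peer") or {}).values())
    records = set()
    for node in nodes:
        name = (node.get("DNSName") or "").rstrip(".").lower()
        if not NAME_RE.match(name):
            continue  # empty or unsafe name: never write it to a resolver file
        for raw in node.get("TailscaleIPs") or []:
            try:
                ip = ipaddress.ip_address(raw)
            except ValueError:
                continue
            if any(ip in net for net in TAILNET_RANGES):
                records.add((name, str(ip)))
    return sorted(records)

def hosts_lines(status_json):
    """Format the validated records as hosts-file lines ("ip<TAB>name")."""
    return [f"{ip}\t{name}" for name, ip in tailnet_records(status_json)]

if __name__ == "__main__":
    print("\n".join(hosts_lines(SAMPLE_STATUS)))
```

On a real node, pass the output of `tailscale status --json` to `hosts_lines` in place of `SAMPLE_STATUS` and regenerate the file whenever tailnet membership changes.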
I set up a quick instance of DNSMasq on that machine to use 100.100.100.100 for beta.tailscale.net addresses. Seems to work so far. Was just hoping you could just tell the 100.100.100.100 instance to respond on other interfaces, but this works. Thanks for the help.
Should be possible if you allow forwarding from LAN to Tailscale network on the tailscale gateway.
Then in your router add a static route, with <tailscale gateway’s IP-address> as gateway to 100.100.100.100/32 as destination network.
(Just remember that if your tailscale device and your internet router are two different devices, it’s on the tailscale device that you enable/allow forwarding, but the static route you would need to configure on your internet router device).