Private DNS stops working when using an exit node

I’m using v1.30.2 on both my laptop (Pop!_OS/Ubuntu) and a VPS (CentOS7) out on the internet. I also have my firewall (pfSense) set up as a client to expose my home /24.

Any time I start using an exit node I can no longer use the default DNS to resolve my internal services but I can still access them via IP. So, I do the following:

tailscale up --accept-routes --reset 
dig @ #works
dig @ #works
ping #works, resolves to
ping #works

and when I use an exit node Private DNS stops working.

tailscale up --accept-routes --reset --exit-node=
dig @ #fails
dig @ #works
ping #fails
ping #works

If I add to my host file, I can still access it and everything is fine so I’m 99% sure this is a DNS issue. I can’t seem to figure out what’s going on. It seems to take my Exit Node DNS settings (???) so I can still access public services but private stops working. I’ve tried using --accept-dns=false, changing my exit node DNS to my private DNS IP, and I’ve spent a couple hours searching but I can’t figure it out.

Can anyone replicate my problem or is my setup the issue? I can replicate this on Android, Windows, and Linux but I have no idea how to troubleshoot on Android or Windows.

Well, if anyone from Google/searching is here,

this seems to be a bug.

  • when using an exit node, all DNS requests are sent to the exit node for resolution

However, I got an idea. I took down tailscale on my exit node, changed my /etc/resolv.conf to be that on my tailnet (, which broke DNS. I then added a host file entry for tailscale so that when I tailscale up it works. Et voilà, now I can resolve internal services while using an exit node.

I’ll undo this once the bug is fixed… Until then, I’ll hope I don’t forget that DNS isn’t going to work when my tailnet is down.