Subnet Router interfering with network

Setup: I used to have a tailscale agent installed on my router/firewall, which was configured as an exit node and a subnet router, so all my home devices could be accessed without agents on them. This worked great. Now, I had to switch to a new firewall, which does not have the ability to install the agent.

So, I installed the agent on a dedicated VM (Debian Linux) and configured it to advertise as an exit node and to advertise a subnet. I enabled IP forwarding per the instructions and enabled it on the control plane.

I have the agent installed (and always connected) on my primary workstation (Mac), as I often work away from home. However, now that the agent is not on my router but on a dedicated host on the network, I’ve experienced a strange issue. When connected to the same network as the dedicated subnet router, my Mac cannot resolve DNS for internet addresses. I can ping public IP addresses, but cannot resolve DNS names. The only fix is to disable “Use Tailscale Subnets” in the menu.

I find this peculiar for 2 reasons:

  1. I never had to do this when the subnet router was installed on my network router.
  2. This option continues to automatically re-enable itself at (seemingly) random.

Am I missing something? Why would this option interfere now? Is there some option I missed on the subnet router configuration?
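One thing worth checking in a setup like the one described above, added here as an example (it is not from the original post or from Tailscale): with “Use Tailscale Subnets” on, every destination inside an advertised subnet is routed over the tunnel to the subnet router, so a LAN DNS server that sits in that range is reached via the tunnel even when the Mac is on that LAN. The script takes the advertised routes and the configured resolver addresses as inputs (the sample values are constructed, not from the post) and reports which resolvers would be pulled into the tunnel.

```python
import ipaddress

# Tailscale's own address space (the CGNAT range) and its MagicDNS resolver.
TAILSCALE_RANGE = ipaddress.ip_network("100.64.0.0/10")
MAGICDNS_RESOLVER = ipaddress.ip_address("100.100.100.100")


def classify_resolvers(resolvers, advertised_routes):
    """Return {resolver: classification} for each DNS resolver address.

    'via-subnet-router': inside an advertised subnet, so with "Use Tailscale
        Subnets" enabled the query is sent over the tunnel, even on that LAN.
    'magicdns': Tailscale's own resolver.
    'tailnet': another address in the tailnet range.
    'direct': not covered by any advertised route; takes the normal route.
    """
    routes = [ipaddress.ip_network(r, strict=False) for r in advertised_routes]
    result = {}
    for r in resolvers:
        addr = ipaddress.ip_address(r)
        if addr == MAGICDNS_RESOLVER:
            result[r] = "magicdns"
        elif addr in TAILSCALE_RANGE:
            result[r] = "tailnet"
        elif any(addr in net for net in routes):
            result[r] = "via-subnet-router"
        else:
            result[r] = "direct"
    return result


def overlapping_resolvers(resolvers, advertised_routes):
    """Resolvers that the advertised subnet routes would pull into the tunnel."""
    classes = classify_resolvers(resolvers, advertised_routes)
    return sorted(r for r, c in classes.items() if c == "via-subnet-router")


if __name__ == "__main__":
    # Constructed sample: a home LAN advertised as a subnet, the LAN router
    # acting as the DNS server, a public resolver and MagicDNS alongside it.
    ROUTES = ["192.168.1.0/24"]
    RESOLVERS = ["192.168.1.1", "1.1.1.1", "100.100.100.100"]
    for resolver, cls in classify_resolvers(RESOLVERS, ROUTES).items():
        print(f"{resolver:16} {cls}")
    print("pulled into tunnel:", overlapping_resolvers(RESOLVERS, ROUTES))
```

Feed it the routes actually advertised by the subnet router and the resolvers the Mac is using on that LAN; any resolver reported as via-subnet-router is one whose queries change path the moment the option re-enables itself.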