Tailscale hosts FQDN

Vetal · July 29, 2022, 2:41am

Tailscale version: 1.26.2

Your operating system & version: pfSense 2.6

Tailscale DNS overriding DNS (/etc/resolv.conf). I had to disable it, since I use split horizon DNS and full recursive resolver (Unbound). With some routes/subdomains going under the hood over VPN with NS-to-private-IP records leading to other private DNS servers. If some query goes out of VPN perimeter, it won’t come back from TailScale

Now, to make it nice, I want to forward Tailscale only queries to Tailscale (100.100.100.100) with Unbound’s “forward-zone” directive. E.g., put Tailscale after the resolver, not before. Obviously, I need FQDN for this hence “naked” hosts won’t be working

Is there a FQDN for my hosts? E.g., some-node == some-node.my-accound-id.tailscale.com. or such? So, I’d use my-accound-id.tailscale.com. subdomain for the forwarding.

I don’t need “naked” hosts, preferring to stick to FQDN for my infra.

Thank you

Vetal · July 29, 2022, 2:52am

As always, once spent a time to write a question, answer becomes obvious

Via host details, <host>.<dotted-email>.beta.tailscale.net

So, full custom config for Unbound would like like this:

server:
        private-domain: "beta.tailscale.net."

forward-zone:
        name: "beta.tailscale.net."
        forward-addr: 100.100.100.100

And I can confirm, it works great, tried in OpnSense

I think, it should be preferred option for pfSense/opnSense over modifying the resolv.conf

Topic		Replies	Views
How is local network hostname and FQDN resolution handled?	2	978	February 25, 2023
Best way to use TS & Route 53 for private hosted zones/custom dns & tld Linux	1	1373	April 26, 2023
Trying to use dnsmasq on linux with tailscale	2	916	September 21, 2022
Tailscale and local dnsmasq	7	2346	December 17, 2021
Tailscale DNS and sytstemd-resolved SUPPORT QUESTIONS	0	888	November 15, 2022

Tailscale hosts FQDN

Related Topics