Tailscale hosts FQDN

Tailscale version: 1.26.2

Your operating system & version: pfSense 2.6

Tailscale DNS overriding DNS (/etc/resolv.conf). I had to disable it, since I use split horizon DNS and full recursive resolver (Unbound). With some routes/subdomains going under the hood over VPN with NS-to-private-IP records leading to other private DNS servers. If some query goes out of VPN perimeter, it won’t come back from TailScale

Now, to make it nice, I want to forward Tailscale only queries to Tailscale ( with Unbound’s “forward-zone” directive. E.g., put Tailscale after the resolver, not before. Obviously, I need FQDN for this hence “naked” hosts won’t be working

Is there a FQDN for my hosts? E.g., some-node == some-node.my-accound-id.tailscale.com. or such? So, I’d use my-accound-id.tailscale.com. subdomain for the forwarding.

I don’t need “naked” hosts, preferring to stick to FQDN for my infra.

Thank you

As always, once spent a time to write a question, answer becomes obvious

Via host details, <host>.<dotted-email>.beta.tailscale.net

So, full custom config for Unbound would like like this:

        private-domain: "beta.tailscale.net."

        name: "beta.tailscale.net."

And I can confirm, it works great, tried in OpnSense

I think, it should be preferred option for pfSense/opnSense over modifying the resolv.conf