Trying to use dnsmasq on Linux with Tailscale

I have my own personal tailscale network set up, but I have one host that is already connected via wireguard to a separate server that I don’t control (and can’t put tailscale on) and trying to get DNS to work on it is complicated but similar to the issue here. Basically I need to keep dnsmasq as my primary DNS. A standard sudo tailscale up overwrites /etc/resolv.conf and messes everything up so that nothing resolves. Instead I started with sudo tailscale up --accept-dns=false which keeps my DNS working, but now I can’t connect to other tailscale hosts.

I edited /etc/dnsmasq.conf with
server=/ and restarted it but I'm still not able to resolve my other hosts.

Then I tried
and now nslookup works with but not ping or ssh. Ideally I’d like to be able to resolve server1.local, but if anyone could help me resolve that’d be great too.


I should have realized that with nslookup working this wasn’t a DNS issue. Instead it was the IP routing from the wireguard tunnel, where everything was routed through the wireguard interface. I added ip route add dev tailscale0 and now can connect to my tailscale network. I am still stuck with long DNS names like Anyone have an idea on how I can configure DNS so that ssh user@server1 would work as well as ssh

I’m not as familiar with dnsmasq, but in unbound DNS, you can set domain overrides that allow you to specify authoritative name servers for particular domains. So you could say “for any query * use For everything else, use the regular name servers.”

Perhaps there’s something similar in dnsmasq?
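
The per-domain override asked about above exists in dnsmasq as the `server=/domain/address` form. The following is an added example, not configuration posted by anyone in this thread: `tailnet-name.ts.net` is a placeholder for the tailnet's own MagicDNS domain, and it assumes Tailscale's resolver at 100.100.100.100 answers on this host while `--accept-dns=false` is in effect.

```conf
# ---- /etc/dnsmasq.conf (additions) ----------------------------------
# Placeholder domain: replace tailnet-name.ts.net with your tailnet's
# MagicDNS domain. Only names under it are sent to the Tailscale
# resolver; no other query ever leaves through that path.
server=/tailnet-name.ts.net/100.100.100.100

# All other names keep using the upstream servers dnsmasq already has
# (its existing server= lines or resolv-file), so the DNS setup used
# for the wireguard tunnel stays untouched.

# Check the syntax before restarting:  dnsmasq --test

# ---- /etc/resolv.conf -----------------------------------------------
# dnsmasq stays the only resolver the system talks to. The search line
# makes the stub resolver try server1.tailnet-name.ts.net when asked
# for the bare name "server1", so "ssh user@server1" resolves.
nameserver 127.0.0.1
search tailnet-name.ts.net
```

Because `tailscale up --accept-dns=false` leaves /etc/resolv.conf alone, the `search` line has to be maintained by whatever else manages that file on the host.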