TL;DR After updating the Tailscale agent on my Windows PC, all of my `nslookup` requests using domains from local DNS records created in my Pi-hole instance seem to be going through MagicDNS; however, I have MagicDNS disabled. Is this new or expected behavior?

I run Tailscale across my home network and I use Pi-hole for local DNS resolution. I have the Pi-hole Tailscale IP set as the nameserver in Tailscale and use “override local dns” to force all the computers and servers in my network to use it. This has worked mostly without issues for many months now. I recently updated Tailscale on my main Windows computer to 1.30.0 and that's when I started noticing “odd” behavior.

Previously, when I would do an `nslookup` I would get results similar to this:

```powershell
> nslookup vm300.tailscale.lan
Server: pi-hole
Address: 100.82.122.19

Non-authoritative answer:
Name: vm300.tailscale.lan
Address: 100.89.214.89
```

However, now when I run it, I get results like this, where it indicates it's using Tailscale's MagicDNS:

```powershell
Server: magicdns.localhost-tailscale-daemon
Address: 100.100.100.100

Name: vm300.tailscale.lan
Address: 100.89.214.89
```

I have MagicDNS disabled within Tailscale since I use Pi-hole for my DNS. As you can see, it still returns the correct IP, but the whole reason I noticed this is because I randomly had issues today resolving some domains created within Pi-hole. When I ran `nslookup` at that time, it couldn’t find the domain (e.g. `*** dns.opendns.com can't find vm300.tailscale.land: Non-existent domain`). It references OpenDNS since it's not using Pi-hole and is instead using the nameserver set within my router.

I tried a bunch of things to fix this, ran commands like `NETSH winsock reset catalog` among others, and then restarted the computer. I also reinstalled the agent. The only way to get it to not reference MagicDNS is to hardcode the Pi-hole Tailscale IP as the nameserver within Windows network settings, but shouldn’t I not need to do that since I’m using “override local dns”?

Ultimately, my question is, why is it using MagicDNS when I don’t have it enabled? Is this something new where it always uses it before forwarding the request on to Pi-hole? And maybe I didn’t notice earlier? If I run `nslookup` from one of my Linux servers then it doesn’t mention MagicDNS. It just feels like something odd has been happening since the agent updated, but I can’t pinpoint what.