override_local_dns dosent work on maos #603

New Issue

adam · 2025-12-29T02:21:05+01:00

adam commented

2025-12-29 02:21:05 +01:00

Originally created by @kfkawalec on GitHub (Dec 21, 2023).

Headscale: 0.22.3
Tailscale (console): 1.56.0

There is no DNS resolver pointing to 100.100.100.100 on MacOS.
Command: tailscale up --accept-dns --accept-routes

user@mac ~ % scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 192.168.100.101
  nameserver[1] : 192.168.100.102
  if_index : 15 (en0)
  flags    : Request A records
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300000

...

resolver #8
  domain   : search.tailscale
  search domain[0] : test.local
  search domain[1] : user1.ts.local
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 192.168.100.101
  nameserver[1] : 192.168.100.102
  if_index : 15 (en0)
  flags    : Scoped, Request A records
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

Config:

dns_config:
  override_local_dns: true

  nameservers:
    - 1.1.1.1

  restricted_nameservers:
    test.local:
      - 10.10.0.1
  domains: ["test.local"]
 
  magic_dns: true

  base_domain: ts.local

Logs:

LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=en0 ifs={en0:[192.168.100.59/24 llu6] utun4:[100.64.0.1/32 fd7a:115c:a1e0::1/128 llu6]} v4=true v6=false}
dns: Set: {DefaultResolvers:[1.1.1.1] Routes:{dev.ts.local.:[] test.local.:[10.10.0.1] users.ts.local.:[] users.ts.local.:[]}+65arpa SearchDomains:[test.local. users.ts.local.] Hosts:3}
dns: Resolvercfg: {Routes:{.:[1.1.1.1] test.local.:[10.10.0.1]} Hosts:3 LocalDomains:[users.ts.local.]+65arpa}
dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[test.local. users.ts.local.] }
wgengine: set DNS config again after major link change

Originally created by @kfkawalec on GitHub (Dec 21, 2023). Headscale: 0.22.3 Tailscale (console): 1.56.0 There is no DNS resolver pointing to 100.100.100.100 on MacOS. Command: tailscale up --accept-dns --accept-routes ``` user@mac ~ % scutil --dns DNS configuration resolver #1 nameserver[0] : 192.168.100.101 nameserver[1] : 192.168.100.102 if_index : 15 (en0) flags : Request A records reach : 0x00020002 (Reachable,Directly Reachable Address) resolver #2 domain : local options : mdns timeout : 5 flags : Request A records reach : 0x00000000 (Not Reachable) order : 300000 ... resolver #8 domain : search.tailscale search domain[0] : test.local search domain[1] : user1.ts.local flags : Request A records reach : 0x00000000 (Not Reachable) DNS configuration (for scoped queries) resolver #1 nameserver[0] : 192.168.100.101 nameserver[1] : 192.168.100.102 if_index : 15 (en0) flags : Scoped, Request A records reach : 0x00020002 (Reachable,Directly Reachable Address) ``` Config: ``` dns_config: override_local_dns: true nameservers: - 1.1.1.1 restricted_nameservers: test.local: - 10.10.0.1 domains: ["test.local"] magic_dns: true base_domain: ts.local ``` Logs: ``` LinkChange: major, rebinding. New state: interfaces.State{defaultRoute=en0 ifs={en0:[192.168.100.59/24 llu6] utun4:[100.64.0.1/32 fd7a:115c:a1e0::1/128 llu6]} v4=true v6=false} dns: Set: {DefaultResolvers:[1.1.1.1] Routes:{dev.ts.local.:[] test.local.:[10.10.0.1] users.ts.local.:[] users.ts.local.:[]}+65arpa SearchDomains:[test.local. users.ts.local.] Hosts:3} dns: Resolvercfg: {Routes:{.:[1.1.1.1] test.local.:[10.10.0.1]} Hosts:3 LocalDomains:[users.ts.local.]+65arpa} dns: OScfg: {Nameservers:[100.100.100.100] SearchDomains:[test.local. users.ts.local.] } wgengine: set DNS config again after major link change ```

adam added the bug label 2025-12-29 02:21:05 +01:00

adam closed this issue

2025-12-29 02:21:05 +01:00

adam commented

2025-12-29 02:21:06 +01:00

@kfkawalec commented on GitHub (Dec 22, 2023):

https://github.com/tailscale/tailscale/wiki/Tailscaled-on-macOS

MagicDNS works, but you need to set 100.100.100.100 as your DNS server yourself. It doesn't yet change your DNS config.

:)

@kfkawalec commented on GitHub (Dec 22, 2023): https://github.com/tailscale/tailscale/wiki/Tailscaled-on-macOS ``` MagicDNS works, but you need to set 100.100.100.100 as your DNS server yourself. It doesn't yet change your DNS config. ``` :)

Sign in to join this conversation.

Branches Tags

main

update_flake_lock_action

gh-pages

kradalby/release-v0.27.2

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/opencontainers/runc-1.3.3

copilot/investigate-headscale-issue-2788

copilot/investigate-visibility-issue-2788

copilot/investigate-issue-2833

copilot/debug-issue-2846

copilot/fix-issue-2847

dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

dependabot/go_modules/github.com/docker/docker-28.3.3incompatible

kradalby/cli-experiement3

doc/0.26.1

doc/0.25.1

doc/0.25.0

doc/0.24.3

doc/0.24.2

doc/0.24.1

doc/0.24.0

kradalby/build-docker-on-pr

topic/docu-versioning

topic/docker-kos

juanfont/fix-crash-node-id

juanfont/better-disclaimer

update-contributors

topic/prettier

revert-1893-add-test-stage-to-docs

add-test-stage-to-docs

remove-node-check-interval

fix-empty-prefix

fix-ephemeral-reusable

bug_report-debuginfo

autogroups

logs-to-stderr

revert-1414-topic/fix_unix_socket

rename-machine-node

port-embedded-derp-tests-v2

port-derp-tests

duplicate-word-linter

update-tailscale-1.36

warn-against-apache

ko-fi-link

more-acl-tests

fix-typo-standalone

parallel-nolint

tparallel-fix

rerouting

ssh-changelog-docs

oidc-cleanup

web-auth-flow-tests

kradalby-gh-runner

fix-proto-lint

remove-funding-links

go-1.19

enable-1.30-in-tests

0.16.x

cosmetic-changes-integration

tmp-fix-integration-docker

fix-integration-docker

configurable-update-interval

show-nodes-online

hs2021

acl-syntax-fixes

ts2021-implementation

fix-spurious-updates

unstable-integration-tests

mandatory-stun

embedded-derp

prtemplate-fix

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/headscale#603