Tailscale DNS

• Tailscale overrides /etc/resolv.conf, when the tunnel is up local name resolving doesn't work anymore.
  • Why is resolv.conf being overwritten?
  • Configuring Linux DNS
  • Interface-specific DNS not set if not overriding local nameserver
• Private DNS with MagicDNS

Config

• State file: /var/lib/tailscale/tailscaled.state

Show basic infos:

sudo jq -r ._profiles /var/lib/tailscale/tailscaled.state  | base64 -d | jq

Show details incl. advertised routes etc.:

current_profile=$(jq -r '."_current-profile"' /var/lib/tailscale/tailscaled.state | base64 -d)
sudo jq -r ".\"$current_profile\"" /var/lib/tailscale/tailscaled.state | base64 -d | jq

Further usage

tailscale status
tailscale ip casita

Issues

Captive portals

• Captive Wi-fi portal login didn't show up
  • Better support captive portals in Hotels, Airports, etc
• FR: Flag health errors for self-signed or otherwise invalid certificates
  • MR: control/controlclient: cache control key
• Firefox Docs: Captive portal detection

How to fix Tailscale with captive portals

• Problem: No DNS resolution works because Tailscale is the default resolver (configured for DNS Domains: ~.)
• Solution: Add ~. to the Additional search domains of the configured Wifi connection in the Network Manager UI. This will route all DNS queries directly over the wifi interface, circumventing the catch-all DNS resolution of Tailscale. Beware: This might have other side-effects !