Local (non-tailnet) DNS is failing whenever Tailscale is connected and "Use Tailscale DNS Settings" is active.
I have reproduced this on the following platforms:
- macOS 15.6 (TS Standalone 1.86.2)
- iOS 18.6 (TS 1.84.1)
- tvOS 18.5 (TS 1.84.1)
- tvOS 18.6 (TS 1.84.1)
Below is me trying to resolve nytimes.com, first with "Use Tailscale DNS settings" enabled, then with it disabled. Finally, with it enabled again, I was able to resolve a tailnet DNS entry (but still unable to resolve nytimes.com).
hostname:[~]$ dig nytimes.com
; <<>> DiG 9.10.6 <<>> nytimes.com
;; global options: +cmd
;; connection timed out; no servers could be reached
hostname:[~]$ dig nytimes.com
; <<>> DiG 9.10.6 <<>> nytimes.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30167
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
[...]
hostname:[~]$ dig channels.donkey-cardassian.ts.net
; <<>> DiG 9.10.6 <<>> channels.donkey-cardassian.ts.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59872
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
[...]
- Ensure "Use Tailscale DNS settings" is enabled
- Try to resolve public DNS
I've recently updated macOS, iOS and tvOS, but I also have a second Apple TV which was still on v18.5 and I am still able to reproduce it there.
My OpenBSD router uptime is 31 days and I am running unbound on it for local/caching DNS. Unbound hasn't been updated since April.