Issues with Tailscale only on EndeavourOS device

Kundalini · October 11, 2023, 11:25pm

Hi,

I use tailscale on multiple devices and noticed an issue with it only on my endeavourOS device. I spoke to tailscale about it, and they insisted it’s something on the linux side, so I figured I would give it a crack here and see what someone might know.

Basically, switching on and using tailscale on this eOS system completely ignores the DNS that is set by tailscale config. I know this by going to DNS leak test websites and seeing that it always shows my DNS resolver IP as my home ISP IP address. This happens on the eOS device whether tailscale is on or off.

On the other tailscale devices I have, it doesn’t show my local IP when tailscale is turned on. It only does this when tailscale is turned off, which is the way it’s supposed to behave.

Again I know some might blame tailscale, I don’t know if it is a tailscale issue or not, but one of their tech support agents made it sound as if though it’s a Linux issue because of how the main DNS is stored in different ways or something along those lines.

Your thoughts? Can I fix this?

Note: I use pihole with unbound, which is likely the reason why my home ISP IP is shown as my DNS resolver IP

BluishHumility · October 12, 2023, 1:37am

I also have an issue with Tailscale DNS on an EOS box. In my case I am connecting to an exit node in my home from inside a VM at work. I’m not sure if we are having the same issue or not but it sounds like it might be.

What is supposed to happen when Tailscale detects systemd-resolved is not in use (which is the default for EOS and Arch) is it overwrites /etc/resolv.conf with the Tailscale nameserver (100.100.100.100), and from there uses whatever DNS you have set up in Tailscale. For some reason on my EOS install it seems to incorrectly detect that systemd-resolved is in use and does not overwrite the file.

I opened an issue but it hasn’t gone anywhere yet:

github.com/tailscale/tailscale

Tailscale incorrectly detecting systemd-resolved

opened 03:59PM - 06 Oct 23 UTC

BluishHumility

OS-linux waiting-for-info dns

### What is the issue? I have an EndeavourOS VM which has been running Tailscal…e for a few months. It uses a remote exit node and generally works great. At some point over the last few weeks it stopped overwriting `/etc/resolv.conf` when the system would start up. From what I understand from reading through forums and issue threads, it appears to be detecting `systemd-resolved` is in use, although I do not use it--I use NetworkManager. ``` ❯ systemctl status systemd-resolved ○ systemd-resolved.service - Network Name Resolution Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; disabled; preset: enabled) Active: inactive (dead) Docs: man:systemd-resolved.service(8) man:org.freedesktop.resolve1(5) https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients ``` The bottom of my `tailscale status` output has these lines: ``` # Health check: # - dns-manager: systemd-resolved and NetworkManager are wired together incorrectly; MagicDNS will probably not work. For more info, see https://tailscale.com/s/resolved-nm # - dns-os: setLinkDNS: Unit dbus-org.freedesktop.resolve1.service not found. # - dns: setLinkDNS: Unit dbus-org.freedesktop.resolve1.service not found. ``` I am able to work around the issue by manually overwriting `/etc/resolv.conf` like this: ``` ❯ echo 'nameserver 100.100.100.100' | sudo tee /etc/resolv.conf ``` After overwriting `resolv.conf`, everything works great. The exit node is in use and I can access local resources on the LAN of the exit node, etc. It's no huge bother to manually overwrite `/etc/resolv.conf` at boot, but I just can't seem to figure out why it is needed. When I first set up the VM Tailscale was working without this intervention. I thought I would reach out in case there is something I am missing, or perhaps I have run into a bug. ### Steps to reproduce The issue recurs at each boot. The Tailscale service starts automatically, but fails to overwrite `/etc/resolv.conf`. ### Are there any recent changes that introduced the issue? I believe I noticed this change after taking a normal system update and rebooting. I wish I checked if Tailscale was one of the packages that was updated, but I did not think of it at the time. I can't think of any other changes that would have affected the networking configuration, but it is possible I changed something inadvertently. ### OS Linux ### OS version EndeavourOS ### Tailscale version 1.50.0 ### Other software EndeavourOS is a guest in VMware Workstation 17 Player, using NAT to share the host's IP address. This configuration has not changed between when it was working normally and now. ### Bug report BUG-51974eeedf1d8696323400a1f5c94dbacfc0c1c17f9b563e4ce7f7990d6378f1-20231006155910Z-8290586189d4db1f

In the meanwhile I have just been manually overriding the file whenever I start Tailscale in the VM like this:

echo 'nameserver 100.100.100.100' | sudo tee /etc/resolv.conf

One sure way to get Tailscale to cooperate is just give in and set up systemd-resolved. It is better supported by their tooling than using just NetworkManager. They wrote a blog post about it here:

I haven’t bothered with setting up systemd-resolved myself, but at some point I will probably do it just to learn it I think. In the meanwhile, I sure would like to figure out why Tailscale thinks systemd-resolved is running when it is not!

Kundalini · October 13, 2023, 9:03pm

You appear to be correct. Tailscale support responded to an email of mine regarding this issue, and they provided the following link as a solution. I just tried it out and it works. Problem solved.

system · October 15, 2023, 9:03pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.