@nblock nblock commented Feb 20, 2025

Tailscale allows overriding the local DNS settings of a node via "Override local DNS" [1]. Restore this flag with the same config setting name `dns.override_local_dns` but disable it by default to align it with Tailscale's default behaviour.

Tested with Tailscale 1.80.2 and systemd-resolved on Debian 12.

With `dns.override_local_dns: false`:

```
Link 12 (tailscale0)
Current Scopes: DNS
     Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 100.100.100.100
    DNS Domain: tn.example.com ~0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa [snip]
```

With `dns.override_local_dns: true`:

```
Link 12 (tailscale0)
Current Scopes: DNS
     Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 100.100.100.100
    DNS Domain: tn.example.com ~.
```

[1] https://tailscale.com/kb/1054/dns#override-local-dns

Fixes: #2256

  • have read the CONTRIBUTING.md file
  • raised a GitHub issue or discussed it on the projects chat beforehand
  • added unit tests
  • added integration tests
  • updated documentation if needed
  • updated CHANGELOG.md
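
An added example, not part of this PR or of headscale's code: a small Go parser that tells the two `resolvectl` link blocks from the description apart by the two fields that differ, `+DefaultRoute` and the catch-all routing domain `~.`. The names `LinkDNS`, `ParseLink` and `AllQueries` are hypothetical; the sample blocks are copied from the description.

```go
package main

import (
	"fmt"
	"strings"
)

// Link blocks copied from the PR description (override off, then on).
const overrideOff = `Link 12 (tailscale0)
Current Scopes: DNS
     Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 100.100.100.100
    DNS Domain: tn.example.com ~0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa [snip]`
const overrideOn = `Link 12 (tailscale0)
Current Scopes: DNS
     Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 100.100.100.100
    DNS Domain: tn.example.com ~.`

// LinkDNS (hypothetical type) holds the fields that decide DNS routing.
type LinkDNS struct {
	DefaultRoute bool // "+DefaultRoute" listed under Protocols
	CatchAll     bool // routing domain "~." listed under DNS Domain
}

// ParseLink reads the "Key: value" lines of a single link block.
func ParseLink(block string) LinkDNS {
	var l LinkDNS
	for _, line := range strings.Split(block, "\n") {
		// Lines without a colon (the "Link 12 ..." header) give an empty
		// value and therefore contribute nothing.
		key, val, _ := strings.Cut(strings.TrimSpace(line), ":")
		for _, f := range strings.Fields(val) {
			switch {
			case key == "Protocols" && f == "+DefaultRoute":
				l.DefaultRoute = true
			case key == "DNS Domain" && f == "~.":
				l.CatchAll = true
			}
		}
	}
	return l
}

// AllQueries reports whether the link takes every query, not only its domains.
func (l LinkDNS) AllQueries() bool { return l.DefaultRoute || l.CatchAll }

func main() {
	fmt.Println(ParseLink(overrideOff).AllQueries(), ParseLink(overrideOn).AllQueries())
}
```

Run against a node's own `resolvectl status` block for `tailscale0`, this shows whether the tailnet resolver receives all of the host's lookups or only those for the tailnet's domains.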

ghost commented Apr 16, 2025

Pull Request Revisions

| Revision | Description |
|---|---|
| r2 | Added DNS configuration test cases: Expanded test cases for DNS configuration in config_test.go, adding new YAML test files and additional test scenarios for DNS override and configuration handling |
| r1 | Restore DNS override local settings: Added override_local_dns configuration option to control DNS resolver behavior, with validation and default settings |

✅ AI review completed for r2

@kradalby kradalby merged commit 1e0516b into juanfont:main Apr 17, 2025
269 of 276 checks passed

viper.SetDefault("dns.magic_dns", true)
viper.SetDefault("dns.base_domain", "")
viper.SetDefault("dns.override_local_dns", true)
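
Review bot: the last line, `viper.SetDefault("dns.override_local_dns", true)`, sets the default to true, while the PR description says the flag is restored "but disable it by default to align it with Tailscale's default behaviour". One of the two should change: either default to false here, or update the description and CHANGELOG.md to state that a config which omits the key gets the override enabled.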

I think https://github.com/juanfont/headscale/pull/2438/files#r2046953908 is correct. I also just ran into this and needed to turn local dns override off.

@nblock nblock deleted the local_dns branch May 5, 2025 16:26
@fallingcats

This being on by default now immediately breaks old configs that didn't specify the option and don't have any global nameserver set. Was that intentional?

nblock commented May 15, 2025

> This being on by default now immediately breaks old configs that didn't specify the option and don't have any global nameserver set. Was that intentional?

This was enabled (and enforced) for 0.23.x, 0.24.x and 0.25.x and an upgrade without adjusting the configuration will still have this option enabled. But using "Override local DNS" without specifying global nameservers is an error which is now checked for.

nblock added a commit to nblock/headscale that referenced this pull request May 15, 2025
nblock added a commit that referenced this pull request May 16, 2025
z3ntu commented Jun 4, 2025

To add my 2 cents, I think this has also broken the config for me: on Linux I couldn't resolve the hostnames anymore that are set up using extra_records. I believe for some reason the Android client still was able to resolve it, but maybe that was just a DNS cache, I didn't check much more.
Updating the headscale config to `override_local_dns: true` and restarting everything appears to make everything work again as expected.

qenya added a commit to qenya/nixfiles that referenced this pull request Dec 6, 2025
For some reason this was enabled by default in 0.26.0 even though it
breaks existing configurations. ¯\_(ツ)_/¯
juanfont/headscale#2438
Successfully merging this pull request may close these issues.

[Feature] Adding an option to prevent tailscale clients adding ~. to its DNS search domains for systemd-resolved.
