I have some services set up which I make available with Tailscale and a domain name outside my LAN. Inside my home network I set up AdGuard DNS rewrites to use the same domain for devices which are not on my tailnet. I disabled DNS rebind protection in my Fritzbox for these domains.

Now my problem: I don’t leave my phone connected to Tailscale all of the time because of high battery drain. Inside my Wi-Fi the phone should still be able to access my services using the domain, but it is only able to some of the time. My work laptop (not on my tailnet) is able to access the services.

Is the DNS cached somehow in Android? Is the private DNS setting of Android overwriting the DNS I configured in my router? Where else could the problem lie? Any hints are appreciated :)

  • kossa@feddit.org
    1 day ago

    I kinda had a similar problem. Never found the root cause, but what did the trick for me was to put an OpenWRT Router between the default ISP router and my home network.

    As I said, I never figured out why Android did not respect the DHCP settings of the default router, but here we are. Maybe it was some DNS shenanigans by the ISP’s config, maybe it was wrong DNS/DHCP configs on my side, maybe it was IPv6 shenanigans. Those are the culprits I would investigate from your side.

  • rtxn@lemmy.world
    4 days ago

    private dns setting of android

    Probably. If that setting is enabled, Android (including Graphene) defaults to 8.8.8.8 if the higher-priority DNS servers (manual or received from DHCP) don’t support DNS-over-TLS or DNS-over-HTTPS.

    • marci@lemmy.world (OP)
      2 days ago

      I disabled private DNS and it seemed to work yesterday, but today I cannot connect to my services again. Any other ideas on how to pin down the issue?

      • rtxn@lemmy.world
        2 days ago

        Install Termux, then use either the dig or nslookup command to query the DNS name, and check which DNS server is queried. If it’s the private server’s address, you might be having connectivity issues. If it’s 100.100.100.100, the resolver is still trying to query Tailscale’s MagicDNS.
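
The check suggested in the last reply can be scripted. This is an added example, not part of the thread: it reads dig output, extracts the resolver that answered and the first A record, and labels the resolver. The hostname, all addresses except 100.100.100.100, and the sample outputs are constructed placeholders.

```shell
#!/bin/sh
# Added example: report which resolver answered a dig query and what it returned.
# Live use in Termux: dig service.example.com | report   (hostname is a placeholder)

# Pull the resolver address out of dig's ";; SERVER: addr#port(...)" footer line.
dig_server() {
    sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p' | head -n 1
}

# Label the resolver address; anything not recognised is reported as "other".
classify_server() {
    case "$1" in
        "")              echo unknown ;;    # no SERVER line, e.g. dig timed out
        100.100.100.100) echo magicdns ;;   # Tailscale MagicDNS, as named in the thread
        127.*|::1)       echo loopback ;;
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) echo lan ;;
        fe80:*|f[cd][0-9a-f][0-9a-f]:*) echo lan-ipv6 ;;
        *)               echo other ;;      # e.g. a public resolver
    esac
}

# Read dig output on stdin, print one summary line.
report() {
    out=$(cat)
    server=$(printf '%s\n' "$out" | dig_server)
    answer=$(printf '%s\n' "$out" |
        awk '!/^;/ && $3 == "IN" && $4 == "A" { print $5; exit }')
    printf 'server=%s class=%s answer=%s\n' \
        "${server:-none}" "$(classify_server "$server")" "${answer:-none}"
}

# Constructed sample outputs (trimmed to the lines the functions read).
SAMPLE_LAN=';; ANSWER SECTION:
service.example.com. 10 IN A 192.168.178.20
;; Query time: 4 msec
;; SERVER: 192.168.178.2#53(192.168.178.2) (UDP)'

SAMPLE_MAGICDNS=';; ANSWER SECTION:
service.example.com. 600 IN A 100.101.102.103
;; SERVER: 100.100.100.100#53(100.100.100.100) (UDP)'

SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'

for s in "$SAMPLE_LAN" "$SAMPLE_MAGICDNS" "$SAMPLE_TIMEOUT"; do
    printf '%s\n' "$s" | report
done
```

Running it once while the services are reachable and once while they are not shows whether the answering resolver or the returned address changed between the two states.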