I have installed Ubuntu Server 24 on my Zimaboard and I’m trying to do a few things:
- Pihole for the devices on my network
- Tailscale to access a VM I have and scrape some Prometheus data
- Other apps like homebridge, jellyfin, etc
I’m having trouble getting DNS under control. My router, a Fritz Box, is the DHCP server.
Here is my netplan configuration:
```yaml
network:
  version: 2
  ethernets:
    enp3s0:
      dhcp4: no
      dhcp6: no
      addresses:
        - 192.168.178.94/24
      dhcp4-overrides:
        use-dns: no
```
See that there is no DNS set whatsoever. I also configured resolved.conf like this:
```ini
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
#DNSStubListener=no
DNSStubListener=no
MulticastDNS=yes
LLMNR=no
DNSOverTLS=opportunistic
```
Again, no DNS configuration, but even like this, there are STILL nameservers coming from my router:
```
# This is /run/systemd/resolve/resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
nameserver 100.100.100.100
nameserver 2a02:8109:9f38:b900:2e3a:fdff:fea1:ee32
nameserver fd00::2e3a:fdff:fea1:ee32
search dolphin-marlin.ts.net fritz.box
```
This is a problem because the only way to get Tailscale to resolve other nodes is by removing any DNS from my configurations and letting Tailscale overwrite the DNS via the admin panel, hence the 100.100.100.100 at the top of the file.
If I add any DNS server via Netplan, this is what happens: my resolv.conf gets polluted with DNS servers from my router, apparently:
```
nameserver 1.1.1.1
nameserver fd00::2e3a:fdff:fea1:ee32
nameserver 2a02:8109:9f38:b900:2e3a:fdff:fea1:ee32
# Too many DNS servers configured, the following entries may be ignored.
nameserver 100.100.100.100
search fritz.box dolphin-marlin.ts.net
```
And Tailscale can’t resolve its nodes:
```
kowa@homeserver:~$ nslookup google.com
Server: 1.1.1.1
Address: 1.1.1.1#53
Non-authoritative answer:
Name: google.com
Address: 142.251.143.78
Name: google.com
Address: 2a00:1450:401b:810::200e

kowa@homeserver:~$ nslookup accesories
Server: 1.1.1.1
Address: 1.1.1.1#53
** server can't find accesories: NXDOMAIN
```
If I then restart tailscaled, the Tailscale DNS server then gets added to the top of the list:
```
nameserver 100.100.100.100
nameserver 1.1.1.1
nameserver fd00::2e3a:fdff:fea1:ee32
# Too many DNS servers configured, the following entries may be ignored.
nameserver 2a02:8109:9f38:b900:2e3a:fdff:fea1:ee32
search dolphin-marlin.ts.net fritz.box
```
And all works again, but every lookup goes through Tailscale, which I don’t think is optimal. I wouldn’t want my server to crash if Tailscale infrastructure goes belly up (more likely than Cloudflare going under).
I’m not the smartest person when it comes to networking, so I’d appreciate it if anyone could give me some insights.
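
Added example (not part of the original post): a small Python check that reads a resolv.conf like the listings above and reports which nameservers a libc-style resolver will actually query and where the Tailscale resolver sits in that order. It assumes glibc's limit of three `nameserver` lines, which is what the "Too many DNS servers configured" comment refers to; the function and constant names are illustrative.

```python
MAXNS = 3                       # glibc reads only the first three nameserver lines
MAGICDNS = "100.100.100.100"    # Tailscale resolver address, as shown in the post

def parse_resolv_conf(text):
    """Return (nameservers, search_domains) in file order."""
    nameservers, search = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # comment or blank line
            continue
        fields = line.split()
        if fields[0] == "nameserver" and len(fields) > 1:
            nameservers.append(fields[1])
        elif fields[0] == "search":
            search = fields[1:]               # last search line wins
    return nameservers, search

def analyse(text):
    """Classify where the Tailscale resolver sits in the lookup order."""
    nameservers, search = parse_resolv_conf(text)
    used, ignored = nameservers[:MAXNS], nameservers[MAXNS:]
    if MAGICDNS not in nameservers:
        position = "absent"
    elif nameservers[0] == MAGICDNS:
        position = "first"            # every lookup goes to Tailscale first
    elif MAGICDNS in used:
        position = "fallback-only"    # tried only if earlier servers time out or fail
    else:
        position = "ignored"          # beyond MAXNS, never queried
    return {"used": used, "ignored": ignored, "search": search, "magicdns": position}

# Listings copied from the post: after adding 1.1.1.1 via netplan ...
WITH_NETPLAN_DNS = """\
nameserver 1.1.1.1
nameserver fd00::2e3a:fdff:fea1:ee32
nameserver 2a02:8109:9f38:b900:2e3a:fdff:fea1:ee32
# Too many DNS servers configured, the following entries may be ignored.
nameserver 100.100.100.100
search fritz.box dolphin-marlin.ts.net
"""
# ... and after restarting tailscaled.
AFTER_TAILSCALED_RESTART = """\
nameserver 100.100.100.100
nameserver 1.1.1.1
nameserver fd00::2e3a:fdff:fea1:ee32
# Too many DNS servers configured, the following entries may be ignored.
nameserver 2a02:8109:9f38:b900:2e3a:fdff:fea1:ee32
search dolphin-marlin.ts.net fritz.box
"""

if __name__ == "__main__":
    for label, text in (("netplan DNS", WITH_NETPLAN_DNS),
                        ("tailscaled restarted", AFTER_TAILSCALED_RESTART)):
        print(label, analyse(text))
```

For the first listing the result is `ignored`: 100.100.100.100 is the fourth entry, and 1.1.1.1 answers NXDOMAIN for the tailnet name, which a resolver treats as a final answer rather than a reason to try the next server.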