| 18 May 2026 |
 matthewcroughan | and I've bumped a few times, no real changes | 13:47:22 |
| matthewcroughan | IPs can still be pinged at all times, if I restart tailscaled then magicdns works again | 13:47:52 |
| matthewcroughan | Then after some time, a few minutes, magicdns stops working | 13:49:18 |
| matthewcroughan | resolvectl
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 1.1.1.1#cloudflare-dns.com
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google 9.9.9.9#dns.quad9.net 1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google 149.112.112.112#dns.quad9.net 2606:4700:4700::1111#cloudflare-dns.com 2001:4860:4860::8888#dns.google 2620:fe::fe#dns.quad9.net 2606:4700:4700::1001#cloudflare-dns.com 2001:4860:4860::8844#dns.google 2620:fe::9#dns.quad9.net
Link 50 (enp199s0f4u1u4)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.5.1
DNS Servers: 192.168.5.1
Default Route: yes
Link 49 (tailscale0)
Current Scopes: DNS
Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 199.247.155.53
DNS Servers: 199.247.155.53 2620:111:8007::53
DNS Domain: tail91ecf.ts.net ~ts.net
Default Route: no
Link 2 (enp196s0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Default Route: no
Link 5 (wlan0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.5.1
DNS Servers: 192.168.5.1
Default Route: yes
| 13:50:39 |
| matthewcroughan | this is what it looks like when magicdns is not working | 13:51:08 |
| matthewcroughan | Then, if I restart tailscaled:
user: matthew nixcfg on master [$✘»!+?⇡]
❯ sudo systemctl restart tailscaled
[sudo] password for matthew:
user: matthew nixcfg on master [$✘»!+?⇡] took 2s
❯ resolvectl
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 1.1.1.1#cloudflare-dns.com
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google 9.9.9.9#dns.quad9.net 1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google 149.112.112.112#dns.quad9.net 2606:4700:4700::1111#cloudflare-dns.com 2001:4860:4860::8888#dns.google 2620:fe::fe#dns.quad9.net 2606:4700:4700::1001#cloudflare-dns.com 2001:4860:4860::8844#dns.google 2620:fe::9#dns.quad9.net
Link 50 (enp199s0f4u1u4)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.5.1
DNS Servers: 192.168.5.1
Default Route: yes
Link 51 (tailscale0)
Current Scopes: DNS
Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 100.100.100.100
DNS Servers: 100.100.100.100 fd7a:115c:a1e0::53
DNS Domain: tail91ecf.ts.net ~0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa ~100.100.in-addr.arpa ~101.100.in-addr.arpa ~102.100.in-addr.arpa ~103.100.in-addr.arpa ~104.100.in-addr.arpa ~105.100.in-addr.arpa ~106.100.in-addr.arpa ~107.100.in-addr.arpa ~108.100.in-addr.arpa ~109.100.in-addr.arpa ~110.100.in-addr.arpa ~111.100.in-addr.arpa ~112.100.in-addr.arpa ~113.100.in-addr.arpa
~114.100.in-addr.arpa ~115.100.in-addr.arpa ~116.100.in-addr.arpa ~117.100.in-addr.arpa ~118.100.in-addr.arpa ~119.100.in-addr.arpa ~120.100.in-addr.arpa ~121.100.in-addr.arpa ~122.100.in-addr.arpa ~123.100.in-addr.arpa ~124.100.in-addr.arpa ~125.100.in-addr.arpa ~126.100.in-addr.arpa ~127.100.in-addr.arpa ~64.100.in-addr.arpa ~65.100.in-addr.arpa
~66.100.in-addr.arpa ~67.100.in-addr.arpa ~68.100.in-addr.arpa ~69.100.in-addr.arpa ~70.100.in-addr.arpa ~71.100.in-addr.arpa ~72.100.in-addr.arpa ~73.100.in-addr.arpa ~74.100.in-addr.arpa ~75.100.in-addr.arpa ~76.100.in-addr.arpa ~77.100.in-addr.arpa ~78.100.in-addr.arpa ~79.100.in-addr.arpa ~80.100.in-addr.arpa ~81.100.in-addr.arpa ~82.100.in-addr.arpa
~83.100.in-addr.arpa ~84.100.in-addr.arpa ~85.100.in-addr.arpa ~86.100.in-addr.arpa ~87.100.in-addr.arpa ~88.100.in-addr.arpa ~89.100.in-addr.arpa ~90.100.in-addr.arpa ~91.100.in-addr.arpa ~92.100.in-addr.arpa ~93.100.in-addr.arpa ~94.100.in-addr.arpa ~95.100.in-addr.arpa ~96.100.in-addr.arpa ~97.100.in-addr.arpa ~98.100.in-addr.arpa ~99.100.in-addr.arpa
~ts.net
Default Route: no
Link 2 (enp196s0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Default Route: no
Link 5 (wlan0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.5.1
DNS Servers: 192.168.5.1
Default Route: yes
| 13:51:30 |
| matthewcroughan | You can see tailscale0 has tons more in it, including the correct dns server 100.100.100.100 | 13:51:50 |
| matthewcroughan | then after some time it reverts back to the broken state, which sees the DNS servers being wrong | 13:52:04 |
| matthewcroughan | Redacted or Malformed Event | 13:53:43 |
| matthewcroughan | Redacted or Malformed Event | 13:53:55 |
| matthewcroughan | https://github.com/tailscale/tailscale/issues/16558 | 13:56:00 |
| matthewcroughan | Yeah IDK then | 13:57:26 |
| matthewcroughan | how diagnose resolved, I can't use nslookup because resolved takes over | 13:57:42 |
| matthewcroughan | May 18 15:09:03 p4 tailscaled[2394634]: LinkChange: major, rebinding: old: interfaces.State{defaultRoute=enp199s0f4u1u4 ifs={enp199s0f4u1u4:[192.168.5.133/24 /64 /64 llu6] wlan0:[192.168.5.176/24 /64 llu6]} v4=true v6=true} new: interfaces.State{defaultRoute=enp199s0f4u1u4 ifs={enp199s0f4u1u4:[192.168.5.133/24 /64 /64 llu6] tailscale0:[100.75.160.14/32 fd7a:115c:a1e0::fd01:a011/128 llu6] wlan0:[192.168.5.176/24 /64 llu6]} v4=true v6=true} diff: ips tailscale0: [fe80::a95c:c3ea:5f16:dbf4/64]->[100.75.160.14/32 fd7a:115c:a1e0::fd01:a011/128 fe80::a95c:c3ea:5f16:dbf4/64] rebind-reason=[ips-changed]
May 18 15:09:03 p4 tailscaled[2394634]: dns: Set: {DefaultResolvers:[] Routes:{ts.net.:[199.247.155.53 2620:111:8007::53]} SearchDomains:[tail91ecf.ts.net.] Hosts:30}
May 18 15:09:03 p4 tailscaled[2394634]: dns: Resolvercfg: {Routes:{} Hosts:30 LocalDomains:[]}
May 18 15:09:03 p4 tailscaled[2394634]: dns: OScfg: {Nameservers:[199.247.155.53 2620:111:8007::53] SearchDomains:[tail91ecf.ts.net.] MatchDomains:[ts.net.]}
May 18 15:09:03 p4 tailscaled[2394634]: wgengine: set DNS config again after major link change
May 18 15:09:03 p4 tailscaled[2394634]: router: portUpdate(port=41641, network=udp6)
May 18 15:09:03 p4 tailscaled[2394634]: router: portUpdate(port=41641, network=udp4)
May 18 15:09:03 p4 tailscaled[2394634]: Rebind; defIf="enp199s0f4u1u4", ips=[192.168.5.133/24 /64 /64 fe80::2e0:4cff:fe68:67/64]
May 18 15:09:03 p4 tailscaled[2394634]: magicsock: 1 active derp conns: derp-8=cr3m0s,wr1m0s
| 14:16:39 |
| matthewcroughan | This is what is logged when the failure begins | 14:16:57 |
| matthewcroughan | Can't tell if client bug or bug in my router config | 14:17:44 |
| matthewcroughan | Like hwy is there even a "major link change" ? | 14:20:13 |
| matthewcroughan | I'm not changing anything | 14:20:17 |
| matthewcroughan | * Like why is there even a "major link change" ? | 14:20:23 |
| matthewcroughan | https://www.reddit.com/r/Tailscale/comments/1tco20x/problem_after_updating_to_1981/ | 14:24:36 |
| matthewcroughan | oh, okay then :/ | 14:24:40 |
 K900 | Fixed in 1.98.2 according to https://tailscale.com/changelog | 14:33:35 |
| matthewcroughan | Yes but that's in staging-next | 19:24:33 |
| matthewcroughan | so people are going to suffer for a while | 19:24:38 |
| 19 May 2026 |
 Sandro 🐧 | We should stop updating to tailscale releases that are not marked as latest | 14:47:00 |
| K900 | You mean tags that are not marked as releases? | 14:47:45 |
| K900 | They're really weird about it | 14:47:48 |
| K900 | Half the time there's fixes in there and half the time it explodes | 14:47:57 |
 mjm | cool way to do releases | 19:06:25 |
| matthewcroughan | I'm just services.tailscale.package = (builtins.getFlake "github:nixos/nixpkgs/877385b0455ab6a3bad5c19e7ef0789849d1bf50").legacyPackages.${pkgs.hostPlatform.system}.tailscale; ng | 19:21:56 |
