No DNS Resolution via SSH While Tailnet Connected

I went to run a script today (to update Tailscale, FWIW) and found that when I SSH in, the router can't resolve domain names. This is curious since I can absolutely perform DNS lookups on devices connected to the router (I'm using one of those devices right now). Further, I have identical devices that, to my knowledge, are configured 100% the same and I can SSH into those through my Tailnet and have no issues.

If I disconnect from my Tailnet and hit the router locally via SSH it's a non-issue (which I did to perform the update, after which, the problem persisted).

Any idea why this might be?

Hello,

What router model and firmware version are you using?

What Tailscale version did you upgrade to?

We recommend using the Tailscale version that comes with the GL firmware. We have not tested Tailscale versions other than the non-firmware version, such as if you upgrade to the latest version, which may cause some unstable situations.

This is on a GL-A1300 with the latest prod/release firmware. It was running whichever version of TS came with the firmware (I don't recall) and is now on 1.82.0 - but the problem existed previous to the upgrade (it was when attempting to upgrade that I realized the problem).

FWIW, I don't have any problem with the same config (GL-A1300 permanently connected to a tailnet, with upgrade script keeping my Tailscale updated to a newer than default version).

What are the DNS settings on your tailnet and your router(s)? Is your GL-A1300 using Tailscale's DNS servers? Any other DNS-modifying programs running on the GL-A1300, such as AdGuard, VPN, etc.?

What do you see when you check www.dnsleaktest.com from a client device connected to GL-A1300?

On the router, Google DNS is used. Not forcing clients. Nothing else modifying DNS settings (AdGuard, etc) other than Tailscale.

My Tailnet has Google set as the DNS.

DNSLeakTest.com from a client device comes back with all Google DNS servers.

It's really puzzling.