Let's say I am using a private domain: "domain.org"
This is not a public domain
I have many services running under this domain in x3000
I use haproxy to serve multiple services for this domain, examples are:
news.domain.org, mail.domain.org, photos.domain.org, files.domain.org...etc
I use letsencrypt to serve SSL for "domain.org" and it works great
While I am in the local network, when tailscale is turned on in x3000 and the smartphone is NOT connected to tailscale, I have no issues connecting to these websites from my smartphone.
But when I turn on tailscale on the smartphone, I am unable to reach any of these websites by name (news.domain.org etc). I can reach them using the internal IP address (such as 192.168.10.22) as well as the IP address assigned by tailscale (such as 100.1.2.3)
I have tried splitDNS as well as magicDNS on tailscale admin page but no solution yet.
What may I be missing here?
Please help.
bruce
2
Hi,
This question is perhaps beyond our support, but I'd like to provide some advice:
Based on your network topology:
News/Mail/Photos/Files... Server + Haproxy —— X3000 + TS —— Internet (TS) —— ... —— Phone
TS enables Split DNS, for example:
If the haproxy is a DNS proxy server under the X3000, and the phone initiates a domain name resolution request, can the haproxy receive the request from the phone?
Try to capture the network packets on the TS interface of the X3000 to check: the 'tcpdump' tool is in opkg.
Since if the haproxy listens on DNS port 53 to handle domain.org.
I added the nameserver domain.org
But I am still not able to get to any of the internal websites
If I use the IP addresses of these websites, then it works
Also, if I am at my home network, connected to home wifi, and have tailscale turned off on my smartphone, I can access all the websites with just their names
bruce
4
That is confirmed, I see.
But this issue is related to the Tailscale DNS service for the remote tailscale-connected devices. I am not sure if tailscale supports it; please ask the Tailscale team to continue.