Tailscale Routing with PiHole DNS

On my Linux server, I have Tailscale running in a docker container as an exit node. I also have PiHole running in a docker container on the same Linux server.

I am using PiHole as my DNS server for devices on my internal network and for devices connected to my Tailnet. It works great. Now here’s where I am running to a wall.

I want to have my other docker services on the same Linux host (Nextcloud, portainer, home assistant, etc) available to connect to on Tailscale and on my home network using the same hostname. When I set an A record in PiHole DNS to the Tailscale IP of my server, I am able to connect fine when connected to tailscale (No Exit Node Selected). This is exactly what I want. However, when I disconnect from Tailscale on say my iPhone and am on my local network, the hostname can’t resolve. If I then change the PiHole record to point at my internal IP for the Linux server, then I can connect on my internal network. But I can only connect on Tailscale when connected through the exit node.

Is there such thing as a primary and secondary A record? Could I utilize that in PiHole DNS? I’d prefer not to leave tailscale running on my iPhone/iPad all day since it chews through battery life when idle. :frowning:

It would be great to use the same hostname for the two different scenarios. I don’t think it’s possible, but wanted to see if there are any ideas out there!

It sounds like you’re looking for Subnet router, not necessarily an exit node (note the --advertise-routes=...)

So you can access your home LAN IPs from a host not on your home LAN over Tailscale.

… or you might be looking for “split-horizon” (aka as I recently learned “split-brain” DNS). Where Tailscale hosts get the Tailscale IP and home network hosts get the home network IP.

For example, you could run a second pihole in a container for Tailscale only… or any other DNS server.

Very interesting. I think hosting another PiHole or DNS service just for tailscale is probably easiest. Didn’t even cross my mind. Thanks!