search

tailscale / tailscale

The easiest, most secure way to use WireGuard and 2FA.
https://tailscale.com
BSD 3-Clause "New" or "Revised" License
19.16k stars 1.5k forks source link

DNS issues causing some Linux applications to fail to start #11620

Open christopherredden opened 7 months ago

christopherredden commented 7 months ago

What is the issue?

With a fresh install of Fedora 40 I've noticed that when tailscale is up, many applications were failing to start, such as Firefox which ships with Fedora 40 Workstation install by default. If I take tailscale down the application launches immediately.

Command used: sudo tailscale up --accept-routes

When viewing the tailscaled log I see this:

Apr 04 10:35:11 fedora tailscaled[2135]: dns udp query: context deadline exceeded Apr 04 10:35:22 fedora tailscaled[2135]: dns udp query: context deadline exceeded Apr 04 10:35:32 fedora tailscaled[2135]: dns udp query: context deadline exceeded Apr 04 10:35:43 fedora tailscaled[2135]: dns udp query: context deadline exceeded Apr 04 10:35:53 fedora tailscaled[2135]: dns udp query: context deadline exceeded Apr 04 10:36:04 fedora tailscaled[2135]: dns udp query: context deadline exceeded Apr 04 10:36:14 fedora tailscaled[2135]: dns udp query: context deadline exceeded

This seems to be related to https://github.com/tailscale/tailscale/issues/3786

If I launch tailscale with --accept-dns=false the problem doesn't appear.

Tailscale Version: 1.62.1 tailscale commit: 8ee5801a3d6b669620e38ee4fbe8b93d3b73af96 other commit: 76428ac0be84b1f0e26cc21f9db2b048dabe2059 go version: go1.22.1

Steps to reproduce

Clean install of Fedora 40 run sudo tailscale up --accept-routes launch Firefox Firefox freezes/fails to launch for many minutes, or until you take tailscale down (then it immediately launches)

Are there any recent changes that introduced the issue?

No response

OS

Linux

OS version

Fedora 40

Tailscale version

1.62.1

Other software

No response

Bug report

BUG-a1e250dbfceb78d1ecceac6837f49b1b049a6b6e0487e0f233b926d2b2f77f80-20240404083508Z-d2116bca48154a56

kelivel commented 6 months ago

2024-04-04 08:34:24 dns: resolver: forward: no upstream resolvers set, returning SERVFAIL

Looks like something is querying 100.100.100.100 and it can't resolve. Do you have something configured to point to 100.100.100.100? What does cat /run/systemd/resolve/resolv.conf show?

christopherredden commented 6 months ago

2024-04-04 08:34:24 dns: resolver: forward: no upstream resolvers set, returning SERVFAIL

Looks like something is querying 100.100.100.100 and it can't resolve. Do you have something configured to point to 100.100.100.100? What does cat /run/systemd/resolve/resolv.conf show?

nameserver 192.168.1.1 search

But none of these hostnames should be related to opening firefox, for example, right?

christopherredden commented 6 months ago

Also where can you see that it's trying to access 100.100.100.100?