DNS in Tailscale
By default, Tailscale provides each device with a unique, stable IP address. However, IP addresses aren’t very memorable, and can be unwieldy to work with. Like the internet at large, it’s possible to map Tailscale IPs to human readable names by using DNS.
We’re currently working on a feature called “magic DNS,” which will automatically register DNS names for devices in your network. However, this feature is not available just yet. In the meantime, we have a few alternatives for setting up your DNS.
Using the DNS tab in the admin console
DNS IP addresses: these are the IP addresses of existing DNS servers you want your Tailscale nodes to use for lookups, whenever they are connected to your network. Many companies have internal private DNS servers with the names of their private machines. If so, you can add those DNS servers here. Note that unless your DNS servers are either public, or using Tailscale 100.x addresses, you will probably need to configure subnet routing so that your nodes can reach the private DNS server(s).
Search paths: these are default domain suffixes to search when looking up names. If your search path is “example.com” and you try to ping a machine named “hello”, then DNS on your node will search for “hello.example.com” automatically.
Using these settings, you can point your Tailscale nodes at a DNS server that you control, in a subdomain that you control. Then you can manually define DNS names that match the various servers you want to reach on your Tailscale network. It’s a bit tedious, but it works.
Using a public DNS subdomain
Alternatively, you can use the DNS admin console settings blank, and instead publish records on your public-facing DNS server, assuming you have one. The DNS names can be looked up (converted to a private IP address) by anyone on the Internet, but this is relatively harmless since they won’t be able to reach the private IP address anyway.
Almost every organization already has a public DNS server (so that they can route email, publish a web site, etc), so this is easier than setting up an internal private DNS server.
Tailscale does not offer a DNS server, so you will need to use one that you run yourself, or one offered by your cloud or domain host, or by some other DNS provider. Note that DNS names may take a while to propagate once you add them.