Cheap VPS, Real Lessons

tailscale up defaults to --accept-dns=true. The docs describe MagicDNS as a convenience feature — resolve Tailscale nodes by short name instead of IP. Every Tailscale setup guide treats it as harmless. On laptops, it is. On servers, it replaces your only DNS resolver with a userspace forwarder that isn’t ready at boot and intermittently fails on public queries. TL;DR: MagicDNS silently rewrites /etc/resolv.conf to 100.100.100.100. On servers, this causes intermittent SERVFAIL on public domains and crash loops after reboot. Fix: disable DNS acceptance and set your own resolver. ...