On iOS, you can only use one VPN app at a time. The problem is that apps like 1.1.1.1 that offer secure DNS-over-HTTPS are implemented as VPN apps, so we always have to choose whether to use Tailscale (and access our private nodes) or 1.1.1.1 (and prevent our ISP from spying on us via DNS then selling that data to advertisers).

Would it be possible in the Tailscale iOS app to be able to configure what DNS server is used as fallback when split DNS is enabled? Ideally with DoH/DoT support too :)

Note: this request is fairly different from #74 . The latter is about global DNS, in which the Tailscale DNS server makes upstream requests using DoT/DoH. In this case, the request is for the client itself to be configured to make split DNS requests using DoT/DoH when split DNS is being used.

Front conversations