tl;dr: If your custom DNS does not work in Safari, you might want to try disabling Advanced Tracking and Fingerprinting Protection.
A few weeks back, I set up AdGuard Home on my Synology NAS. I’ve been using it without any issues inside and outside of my home network thanks to Tailscale. There was one issue with this setup, though: battery drain on all of my mobile devices. I noticed that my battery usage went up by 25% on my phone.
From what I could find, the increased battery usage might have been caused by a few factors:
- Constant network connection: Tailscale maintains a persistent VPN connection
- Encryption overhead: The VPN encrypts and decrypts all traffic, which requires additional processing power
- Background processes: Tailscale might be doing some work in the background
To solve this issue, I decided to update my config so that I use the VPN only when I’m not on my home network. My ISP-provided router does not allow me to change the default DNS, so my only option was to manually set it for each device.
Tailscale’s VPN On-Demand feature is just the tool for the job. It allows you to connect to your mesh network only when some specific rules are satisfied. For example, with the following configuration, my phone will connect to the VPN only when I’m not connected to my home network.
This setup worked beautifully. The battery issue was gone. Tailscale worked as advertised. I could still access my server from anywhere. The only issue was that AdGuard Home seemed to not work in private Safari tabs.
My first suspect was Private Relay. I toggled it on and off, but it didn’t fix the issue. The second suspect was the “Prevent cross-site tracking” setting. Still nothing. Finally, I found this thread that pointed me in the right direction. Turns out, the issue was caused by the Advanced Tracking and Fingerprinting Protection setting located in Advanced settings. Turning it off fixes the issue instantly.