Unlike macOS, iOS and Linux, Android does not support a CNAME to private domains (in this case a Tailscale ts.net) because its resolver doesn’t request after it encounters one; it just fails. A tad frustrating since it means a significantly more complicated DNS setup just for the one OS.
