2 Replies Latest reply: Jun 25, 2013 7:17 AM by Appppppppppppppple
Appppppppppppppple Level 1 Level 1 (0 points)

We're having problems with 2 Mac Pro desktops on our network, and by the looks of it, at least one BYOD Macbook. DNS configuration is DHCP-assigned. The DHCP service is running on a Windows 2008 Server R2 machine. Windows (XP, 7) clients are picking up DHCP configuration (including DNS config) without trouble. The problem started yesterday, after I exported the config for a DHCP scope, altered the config file to create a /23 subnet (down from a /20), deleted the scope, and imported the config to create the new / adjusted scope. In all fairness, the problem may well be with the DHCP server--nothing changed configuration-wise on the Macs--but for the moment I'm grasping at straws.

The "problem" Macs receive their IP configuration. I'm able to ssh to the Macs, etc. I can also ping stuff (even public IP addresses on the Internet) from the Macs. However, the Macs don't seem to receive (or properly interpret/handle) DHCP option 6 (DNS Servers), because no DNS servers are set.

 

networksetup -getdnsservers "Ethernet 1"

 

returns: There aren't any DNS Servers set on Ethernet 1

 

So I tried manually setting DNS Servers on the interface: sudo networksetup -setdnsservers "Ethernet 1" 192.168.2.29 192.168.2.30

 

Now networksetup -getdnsservers "Ethernet 1" returns:

 

192.168.2.29

192.168.2.30

 

even after manually setting DNS servers, nslookup www.google.com results in:

;; connection timed out; no servers could be reached.

 

and if I go to the interactive nslookup prompt:

 

I simply get a bare prompt

 

>

 

and if I try a lookup, again:

 

;; connection timed out; no servers could be reached.

 

However, if I explicitly select a DNS server in nslookup:

 

> server 192.168.2.29

Default server: 192.168.2.29

Address: 192.168.2.29#53

>www.google.com

...

Non-authoritative answer:

Name:    www.google.com

Addresses:  2404:6800:4003:802::1013

          173.194.38.144

          173.194.38.145

          173.194.38.148

          173.194.38.146

          173.194.38.147

 

But I can't get name resolution to work otherwise.

 

The following appears repeatedly in system.log (HOSTNAME changed).

 

Jun 12 14:57:12: --- last message repeated 1 time ---

Jun 12 14:57:12 HOSTNAME UserEventAgent[11]: CaptiveNetworkSupport:CaptiveSCCopyWiFiDevices:388 WiFi Device Name == NULL

Jun 12 14:57:12 HOSTNAME configd[2080]: network configuration changed.

Jun 12 14:57:12 HOSTNAME mDNSResponder[12]: mDNSPlatformSetDNSConfig: Error: dns_configuration_copy returned NULL

Jun 12 14:57:14 HOSTNAME com.apple.launchd[1] (com.apple.configd[2080]): Job appears to have crashed: Trace/BPT trap: 5

Jun 12 14:57:14 HOSTNAME com.apple.launchd[1] (com.apple.configd): Throttling respawn: Will start in 9 seconds

Jun 12 14:57:14 HOSTNAME ReportCrash[2079]: Saved crash report for configd[2080] version ??? (???) to /Library/Logs/DiagnosticReports/configd_2013-06-12-145714_localhost.crash

Jun 12 14:57:14 HOSTNAME ReportCrash[2079]: Removing excessive log: file://localhost/Library/Logs/DiagnosticReports/configd_2013-06-12-145341_local host.crash

 

In kernel.log (possibly related):

 

Jun 12 14:19:36 HOSTNAME kernel[0]: Sandbox: kcm(527) deny file-read-metadata /private/etc/resolv.conf

Jun 12 14:19:59: --- last message repeated 8 times ---

 

The kernel.log entries appeared shortly after rebooting the system...not sure if it is from a service starting up or something I tried after the system restarted.

 

The Macs keep sending DHCP renewal requests every few seconds. Here is a sample DHCPREQUEST and a sample DHCPACK (HOSTNAME and domain search information changed):

 

---------------------------------------------------------------------------

  TIME: 15:27:00.469120

    IP: > (00:00:00:00:00:00) >  (ff:ff:ff:ff:ff:ff)

    OP: 1 (BOOTPREQUEST)

HTYPE: 1 (Ethernet)

  HLEN: 6

  HOPS: 0

   XID: 85613893

  SECS: 0

FLAGS: 0

CIADDR: 0.0.0.0

YIADDR: 0.0.0.0

SIADDR: 0.0.0.0

GIADDR: 0.0.0.0

CHADDR: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)

OPTION:  55 (  9) Parameter Request List      1 (Subnet mask)

                                              3 (Routers)

                                              6 (DNS server)

                                             15 (Domainname)

                                            119 (Domain Search)

                                             95 (LDAP)

                                            252 (MSFT - WinSock Proxy Auto Detect)

                                             44 (NetBIOS name server)

                                             46 (NetBIOS node type)

 

OPTION:  57 (  2) Maximum DHCP message size 1500

OPTION:  61 (  7) Client-identifier         00:00:00:00:00:00:00

OPTION:  50 (  4) Request IP address        192.168.2.177

OPTION:  51 (  4) IP address leasetime      7776000 (12w6d)

OPTION:  12 ( 14) Host name                 HOSTNAME

---------------------------------------------------------------------------

  TIME: 15:27:00.470767

    IP: > (00:00:00:00:00:00) >  (ff:ff:ff:ff:ff:ff)

    OP: 2 (BOOTPREPLY)

HTYPE: 1 (Ethernet)

  HLEN: 6

  HOPS: 0

   XID: 85613893

  SECS: 0

FLAGS: 0

CIADDR: 0.0.0.0

YIADDR: 192.168.2.177

SIADDR: 192.168.2.28

GIADDR: 0.0.0.0

CHADDR: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

SNAME: .

FNAME: boot\x64\wdsnbp.com.

OPTION:  53 (  1) DHCP message type         5 (DHCPACK)

OPTION:  58 (  4) T1                        14400 (4h)

OPTION:  59 (  4) T2                        25200 (7h)

OPTION:  51 (  4) IP address leasetime      28800 (8h)

OPTION:  54 (  4) Server identifier         192.168.2.28

OPTION:   1 (  4) Subnet mask               255.255.254.0

OPTION:   3 (  4) Routers                   192.168.2.1

OPTION:   6 (  8) DNS server                192.168.2.29,192.168.2.30

OPTION: 119 ( 18) Domain Search             0000000000000000 ........

                                            0000000000000000 ........

                                            0000             ..

OPTION:  44 (  4) NetBIOS name server       192.168.2.30

---------------------------------------------------------------------------

 

Known-affected systems include Lion and Mountain Lion. It looks like it's also affecting Snow Leopard, but need to confirm.

Suggestions for troubleshooting or guesses at the cause would be appreciated! :-)


Mac Pro, Mac OS X (10.7.5)
  • 1. Re: DNS isn't working
    Grant Bennet-Alder Level 8 Level 8 (49,250 points)

    There are few who are willing to delve into the Unix bowels of Mac OS X.

     

    If you lack DNS entries on this page:

    System preferences > Network > Ethernet > Advanced > DNS

     

    fat finger in the Open DNS numbers shown here (that 192 number is my home server) and be done with it.

     

    Screen shot 2013-06-12 at 4.59.29 PM.png

     

    .

  • 2. Re: DNS isn't working
    Appppppppppppppple Level 1 Level 1 (0 points)

    Grant Bennet-Alder wrote:

     

    There are few who are willing to delve into the Unix bowels of Mac OS X.

    Let alone convincing the fanbois to admit it does have bowels and occasionally takes a dump.

     

    In this case, it wasn't any fault of OS X, as I had guessed. It took me long enough, but I eventually found that my DHCP Option 119 (Domain search list) didn't import properly when I re-created my DHCP scope. It wasn't zeroed-out as my DHCPACK sample suggested (I manually zeroed-out that output to protect the "innocent" :-). But when I looked at this option, I noticed the hex values were nonsensical. After resetting Option 119 with the appropriate hex values (see http://www.mattzuba.com/2011/03/windows-2008-rc2-dhcp-server-option-119/), our Mac clients are happy with the DHCP offers they receive and receive the correct Search Domains configuration. After re-creating the DHCP scope, the Macs were apparently choking on the corrupted Option 119 and kept sending DHCPREQUESTs.

     

    Anyway, glad its working and hope this helps someone else along.