Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Level 1

0 points

Snow Leopard mini having DNS issues

I installed Snow Leopard yesterday and everything seems to work pretty well, but I'm having an intermittent issue with DNS. The DNS in my home network is supplied by a Leopard Server, my 10.5.8 macs have no problem access and getting information about the other machines, however, on my snow leopard machine, I can execute a nslookup and get the proper information returned just fine, but then if I try to ping the same machine I just looked up, I'm told it can't resolve the hostname..weird. It will also occasionally fail when trying to us cmd-k to connect to my fileserver, again the same leopard server.
Also, I run a wiki on that same leopard server and all of my leopard machines can access and load the pages just fine. Snow leopard, probably because of DNS issues, can't find or sometimes just load, the pages.
Anyone have any ideas. I'm running a leopard server, with Open Directory, DNS, DHCP, Web, AFP, etc. None of my 10.5 systems have any trouble accessing the services, but my 10.6 mini continues to have DNS issues, and they're intermittent. Had none of these problems with I was running 10.5.8, so its not something that was a pre-existing condition.
Any ideas would certainly be appreciated.

mini, Mac OS X (10.6), Lots of mac stuff

Posted on Aug 29, 2009 6:10 AM

101 replies

Sep 8, 2009 9:22 AM in response to Snoop Dogg

I tried scutil --dns both while the problem is occurring and when things are working OK and I get the same results:

DNS configuration

resolver #1
domain : 7bp.com
nameserver[0] : 192.168.168.240
nameserver[1] : 207.191.50.10
order : 200000

resolver #2
domain : local
options : mdns
timeout : 2
order : 300000

resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 2
order : 300200

resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300400

resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300600

resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300800

resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 2
order : 301000

radellaf

Level 1

14 points

Sep 11, 2009 2:29 AM in response to jlann

Well, was hoping the 10.6.1 update would fix this problem, but no dice. A shame that a "tuned up" OS appears to be anything but, when judging by Safari's performance.

Dogcow-Moof

Level 8

36,299 points

Sep 11, 2009 3:08 AM in response to jmarsan67

Bottom line, mDNSResponder occasionally switches around the order in which it queries DNS servers.

/etc/resolv.conf is no longer used except by those few programs that directly query BIND like dig, host and nslookup.

In fact their man pages even state this:

Mac OS X NOTICE
The dig command does not use the host name and address resolution or
the DNS query routing mechanisms used by other processes running on Mac
OS X. The results of name or address queries printed by dig may differ
from those found by other processes that use the Mac OS X native name
and address resolution mechanisms. The results of DNS queries may also
differ from queries that use the Mac OS X DNS routing library.

as does /etc/resolv.conf:

# # Mac OS X Notice # # This file is not used by the host name and address resolution # or the DNS query routing mechanisms used by most processes on # this Mac OS X system. # # This file is automatically generated. #

Is the DNS server rotation a bug? A feature? It's unknown.

I filed a bug with Apple on this a while back and to date they have neither asked me for further information nor closed it as either not a bug or a duplicate of a known issue.

radellaf

Level 1

14 points

Sep 11, 2009 7:15 PM in response to Dogcow-Moof

The rotation I do not think is causing my problems, as on my home router the DHCP given DNS is only 192.168.1.1 (Netgear). The other house has a LinkSys that passes on the two ISP DNS IPs, but either of those should work fine.

No, there's something that at least on some systems is causing legit DNS lookups to fail, maybe those "blank entries" mentioned earlier? If there's a workaround, I'd love to find one.

Dogcow-Moof

Level 8

36,299 points

Sep 11, 2009 7:26 PM in response to radellaf

I haven't seen legitimate DNS requests fail with proper DNS servers.

Since you're using your router as a forwarding DNS server, try manually specifying the OpenDNS DNS servers on your system ( 208.67.222.222 and 208.67.220.220) and see if your problems go away.

Sep 11, 2009 7:43 PM in response to Dogcow-Moof

William Kucharski wrote:
Bottom line, mDNSResponder occasionally switches around the order in which it queries DNS servers.

/etc/resolv.conf is no longer used except by those few programs that directly query BIND like dig, host and nslookup.

In fact their man pages even state this:

as does /etc/resolv.conf:

# # Mac OS X Notice # # This file is not used by the host name and address resolution # or the DNS query routing mechanisms used by most processes on # this Mac OS X system. # # This file is automatically generated. #

Is the DNS server rotation a bug? A feature? It's unknown.

I filed a bug with Apple on this a while back and to date they have neither asked me for further information nor closed it as either not a bug or a duplicate of a known issue.

Well, that pretty much nails it. I'm going to call it a bug and file a bug report as well.

Dogcow-Moof

Level 8

36,299 points

Sep 12, 2009 2:09 AM in response to jpgoldberg

Don't bother, it's already been filed.

I haven't yet heard back as to what Apple's take on it is (bug or feature.)

However, feel free to log a call to AppleCare about it; you get 90 days of free phone support with the purchase of Snow Leopard.

Note that ignoring /etc/resolv.conf in favor of the Mac OS X internal resolver and mDNSResponder is not a bug, it's a feature.

The only thing that is either a bug or feature is whether mDNSResponder is supposed to occasionally swap the order of DNS servers in order to provide a pseudo-round robin client, or if there's something else causing it to swap them around.

Sep 12, 2009 7:43 AM in response to Dogcow-Moof

William Kucharski wrote:
However, feel free to log a call to AppleCare about it; you get 90 days of free phone support with the purchase of Snow Leopard.

Well, that's a thought.

The only thing that is either a bug or feature is whether mDNSResponder is supposed to occasionally swap the order of DNS servers in order to provide a pseudo-round robin client, or if there's something else causing it to swap them around.

I do understand. It probably is a feature. It very well may be that the trick of relying on the order in which DNS servers are specified may have been unsound from the very beginning, and people like me are finally getting caught out on that. But that still doesn't mean I have to like this.

radellaf

Level 1

14 points

Sep 12, 2009 6:42 PM in response to Dogcow-Moof

I thought there were some issues with DNS servers and certain TTL settings. In any case, I set up the routers in both houses to use OpenDNS. Seems like that may be a good idea for other reasons as well.

So far, no problems.

radellaf

Level 1

14 points

Sep 14, 2009 7:53 PM in response to radellaf

I spoke too soon. Back to occasional 10+ second delays while Safari is "Contacting" the server. Usually gets through, but can take a minute or more. G4 running 10.5.8, no problems. XP bootcamp on this machine, no problems. Maybe I'll make a genius bar appointment and let them tell me to do a clean install...

Anyone else from this thread still having issues?

Sep 14, 2009 9:51 PM in response to radellaf

Ugh. I'm seeing these delays as well although mine aren't occasional they are constant.

I thought this was a Time Warner issue but now it seems to be specific to a few Macs running 10.5.8.

Dogcow-Moof

Level 8

36,299 points

Sep 16, 2009 3:49 PM in response to ThreeProng

Apple's investigating it as bug.

Sep 16, 2009 4:17 PM in response to jpgoldberg

jpgoldberg wrote:

I'm going to call it a bug and file a bug report as well.

It would probably be a violation of the bug reporting Non-disclosure agreement for me to say that, unsurprisingly, my bug report got acknowledged as a duplicate. So I won't say that.

mhorn

Level 1

0 points

Sep 19, 2009 5:15 PM in response to jlann

I hope Apple fixes this soon. I have a Linux box as a DNS server for my home network which I have listed as the first DNS server and the my ISP's two DNS servers as backups.
Since the Snow Leopard update my Mac now can't resolve my in-house domain because it is using the IPS DNS servers first.

This breaks a lot of services I have running on my Linux box and on my Filer like web servers, Subversion repository, etc. 😟

I guess I could use IP address, but the whole reason I setup a DNS server was to avoid that hassle.

Sep 20, 2009 5:53 PM in response to mhorn

mhorn wrote:
I hope Apple fixes this soon. I have a Linux box as a DNS server for my home network which I have listed as the first DNS server and the my ISP's two DNS servers as backups.

I had the same set-up (except that I used FreeBSD instead of Linux)

Since the Snow Leopard update my Mac now can't resolve my in-house domain because it is using the IPS DNS servers first.

What I did as a temporary workaround was simply remove the ISP DNS servers from /etc/resolv.conf (well actually from the DHCP server configuration). I assume that your local DNS server forwards requests for non-authoritative domains to your ISP's nameservers.

However the problem is that you no longer have any name server fail over if your local DNS server goes goes down. Anyway, what I've just finished doing is setting up a slave on another host on my local network.

Also (I haven't tried this yet) you can probably set up your router/firewall to forward DNS queries to your local name server first and then failover to your ISPs.

I guess I could use IP address, but the whole reason I setup a DNS server was to avoid that hassle.

Although none of the workarounds are fully satisfactory, I think you really can keep your local nameserver.

Snow Leopard mini having DNS issues