
Lion has completely broken DNS resolution

I use a laptop as I frequently migrate between different offices and home.

Since discovering the feature on Tiger I have relied on /etc/resolver files to work around issues in various offices, usually the result of Windows DNS and DHCP servers. As a software developer who before Tiger used Linux exclusively for about 10 years, I also relied on /etc/hosts to intercede for remote DNS resolvers when running application servers locally.


Since installing Lion neither of these systems works at all. What's more, even "normal" DNS resolution is inconsistent from application to application.

For example, given the following output from scutil --dns (set by DHCP client):


dwhitla@dwhitla:~$ scutil --dns
DNS configuration

resolver #1
search domain[0] : secret.com
nameserver[0] : 10.0.1.16
nameserver[3] : 10.0.252.99

resolver #2
domain : local
options : mdns
timeout : 5
order : 300000

resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
order : 300200

resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
order : 300400

resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
order : 300600

resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
order : 300800

resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
order : 301000

DNS configuration (for scoped queries)

resolver #1
search domain[0] : secret.com
nameserver[0] : 10.0.1.16
nameserver[1] : 10.0.252.99
if_index : 4 (en0)
flags : Scoped

I get the following behaviour:


dwhitla@dwhitla:~$ nslookup repo.test
Server: 10.0.1.16
Address: 10.0.1.16#53

Non-authoritative answer:
Name: repo.test.secret.com
Address: 10.160.254.100

dwhitla@dwhitla:~$ ping repo.test
ping: cannot resolve repo.test: Unknown host


I could install Bind or dnsmasq but the need for this annoys me. It's acceptable when you're using a free OS but my whole motivation for paying for a Mac and OSX was to spend more time getting work done and less time working around deficiencies in the operating system.


There is also no rational explanation for deliberately reversing the resolver order from that of previous OSX versions.


Apple please fix this.

Posted on Sep 21, 2011 5:17 PM


Sep 21, 2011 5:50 PM in response to Dave Whitla

Just found this:


http://www.eigenspace.org/2011/07/fixing-osx-lion-dns-search-domains/


And from man 5 resolver:


ndots:n Sets a threshold for the number of dots which must appear in a name given to res_query (see resolver(3)) before an initial absolute query will be made. The default for n is ``1'', meaning that if there are any dots in a name, the name will be tried first as an absolute name before any search list elements are appended to it.


Clearly a bug.



Some people may find this useful also:


http://www.justincarmony.com/blog/2011/07/27/mac-os-x-lion-etc-hosts-bugs-and-dns-resolution/
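
The query order that the quoted ndots text implies for repo.test, as an added Python example that is not part of the original posts or of Apple's resolver. The function names, the use_search switch and the fall-back to the search list for names below the threshold (conventional res_search behaviour) are assumptions; the zone entry is constructed from the nslookup answer in the first post.

```python
# Added illustration of the ndots rule quoted from resolver(5); not Lion's resolver code.

# Constructed zone data: the single record the nslookup output in the post returned.
ZONE = {"repo.test.secret.com.": "10.160.254.100"}


def candidate_queries(name, search_domains, ndots=1):
    """Return the fully qualified names tried, in order, for `name`."""
    if name.endswith("."):
        # A trailing dot marks the name as absolute: the search list is never used.
        return [name]
    absolute = name + "."
    searched = [f"{name}.{d.strip('.')}." for d in search_domains]
    if name.count(".") >= ndots:
        # Enough dots: initial absolute query, then each search list element.
        return [absolute] + searched
    # Too few dots: search list first, absolute name as the last resort.
    return searched + [absolute]


def resolve(name, search_domains, zone, ndots=1, use_search=True):
    """Return (fqdn, address) for the first candidate found in `zone`, else None.

    use_search=False is a hypothetical switch modelling a resolver that stops
    after the absolute query instead of walking the search list.
    """
    candidates = candidate_queries(name, search_domains, ndots)
    if not use_search:
        candidates = [c for c in candidates if c == name.rstrip(".") + "."]
    for fqdn in candidates:
        if fqdn in zone:
            return fqdn, zone[fqdn]
    return None


if __name__ == "__main__":
    search = ["secret.com"]  # search domain[0] from the scutil --dns output
    print(candidate_queries("repo.test", search))
    print(resolve("repo.test", search, ZONE))
    print(resolve("repo.test", search, ZONE, use_search=False))
```

With the search list applied, the second candidate matches the name nslookup reported; with it skipped, the lookup returns nothing, which is the shape of the ping result shown in the first post.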
