Frustrating DNS problem - works with Chrome, not with Safari

It's not openDNS, and no, I've not installed any software.

I suspect the issue has something to do with "Search Domains". At home, I noticed that there is an entry "localdomain", which does not appear when I connect to my network at my office.

However, even if I remove it at home, Safari still will not resolve any site unless 192.168.1.1 is in the DNS list. Desperate to understand why it's working this way...

I forgot to mention, at my office, there was no problem Safari and Chrome both were functioning properly.

It's only at home that I have the problem. When I check using IPLeak.net, it tells me I'm using my ISPs DNS server, even though I don't have that address in my DNS list. It is simply ignoring the other entries (which are first in the list) and just using (I assume) the 192.168.1.1 gateway....

First off, let me just say thank you for helping me troubleshoot this problem.

I did the steps you outlined above, and even in Safe mode, the behavior was identical. Chrome worked, Safari did not. Tests run at ipleak.net yielded the same results as before. I guess this rules out any add-ons, plug-ins, or extensions.

Is there no way to force Safari to use the DNS servers in the order they appear? From a terminal window, I ran scutil --dns, and it gave me the following at the end: (I XXd out part of the IP of the DNS server)

DNS configuration (for scoped queries)

resolver #1

search domain[0] : localdomain

nameserver[0] : 82.XXX.XX.XX

nameserver[1] : 192.168.1.1

if_index : 5 (en1)

flags : Scoped, Request A records

reach : Reachable

Removing the search domain changes nothing.

I have tried scouring google for a clue, but I can find nothing.

EDIT: One additional piece of information -- when I connect to my router directly via ethernet cable, it works fine. So, something is introduced via WiFi that causes it to ignore the DNS settings?

On ethernet, there's no need for a 192.168.1.1 in the DNS list -- Safari works fine, and uses the proper DNS.

It's only on WiFi that the 192.168.1.1 is needed. Without it, Safari can't resolve any addresses. But again, even though it's at the bottom of the list, it seems to be what's being used in Safari (based on the results of IPleak.net)

The network at work is a different ISP, and everything worked fine there.

That had no effect. Even tried several numbers in the range.

I decided to take a look at the console, to see if there were any obvious messages there.

Here are the differences between 1) starting Safari with 192.168.1.1 in the DNS list and 2) starting Safari without it in the DNS list. Most obvious difference is that when it is not present, configd sets a hostname....

I searched through the console messages for other things from configd, and I've pasted those below as well.

STARTUP SAFARI WITH 192.168.1.1 IN DNS LIST

9/9/15 01:53:35.581 storeaccountd[470]: AccountServiceDelegate: Accepting new connection <NSXPCConnection: 0x7fe189d03e10> connection from pid 3250 with interface <AccountServiceInterface: 0x7fe189e42070> (PID 3250)

9/9/15 01:53:35.734 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:53:36.384 locationd[225]: Couldn't find a requirement string for masquerading client /System/Library/PrivateFrameworks/Parsec.framework

9/9/15 01:53:36.385 locationd[225]: could not get apple languages array, assuming english

9/9/15 01:53:37.358 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:53:37.359 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:53:37.405 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:54:56.767 locationd[225]: Location icon should now be in state 'Active'

9/9/15 01:54:56.864 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:54:58.314 locationd[225]: NETWORK: requery, 0, 0, 0, 0, 16, items, fQueryRetries, 0, fLastRetryTimestamp, 463449008.6

9/9/15 01:54:58.857 locationd[225]: Location icon should now be in state 'Region Monitoring'

9/9/15 01:55:08.404 com.apple.xpc.launchd[1]: (com.apple.auditd[3262]) Endpoint has been activated through legacy launch(3) APIs. Please switch to XPC or bootstrap_check_in(): com.apple.auditd

9/9/15 01:55:08.829 lsuseractivityd[388]: -[LSUserActivityClientProcess doUpdateUserActivityInfo:makeCurrent:completionHandler:], refusing to register user activity from client, and returning error Error Domain=LSContinuityErrorDomain Code=-108 "The operation couldn’t be completed. (LSContinuityErrorDomain error -108.)" for item <__NSConcreteUUID 0x7f8b78c248c0> 6E2FB4B1-EC0D-4203-9872-F6480A94D086 NSUserActivityTypeBrowsingWeb (LSUserActivityClientProcess.m #1148)

9/9/15 01:55:10.990 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:57:04.717 com.apple.SecurityServer[87]: Session 100202 created

9/9/15 01:57:05.099 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:58:10.737 com.apple.WebKit.WebContent[3271]: BUG in libdispatch: 14F27 - 2943 - 0x4

9/9/15 01:58:10.744 com.apple.xpc.launchd[1]: (com.apple.WebKit.WebContent.01B7E0A3-88FA-4A1B-B212-89E7DE0801B4[3271]) Service exited with abnormal code: 1

9/9/15 01:58:11.765 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

STARTUP SAFARI WITHOUT 192.168.1.1 IN DNS LIST

9/9/15 01:37:23.421 storeaccountd[470]: AccountServiceDelegate: Accepting new connection <NSXPCConnection: 0x7fe189c8ec10> connection from pid 3139 with interface <AccountServiceInterface: 0x7fe189ca8c90> (PID 3139)

9/9/15 01:37:23.507 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:37:23.871 locationd[225]: Couldn't find a requirement string for masquerading client /System/Library/PrivateFrameworks/Parsec.framework

9/9/15 01:37:23.871 locationd[225]: could not get apple languages array, assuming english

9/9/15 01:37:24.066 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:37:24.943 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:37:24.945 com.apple.xpc.launchd[1]: (com.apple.imfoundation.IMRemoteURLConnectionAgent) The _DirtyJetsamMemoryLimit key is not available on this platform.

9/9/15 01:37:44.070 configd[54]: setting hostname to "Andrews-MacBook-Pro.local"

9/9/15 01:37:44.269 digest-service[3149]: label: default

9/9/15 01:37:44.269 digest-service[3149]: dbname: od:/Local/Default

9/9/15 01:37:44.269 digest-service[3149]: mkey_file: /var/db/krb5kdc/m-key

9/9/15 01:37:44.269 digest-service[3149]: acl_file: /var/db/krb5kdc/kadmind.acl

9/9/15 01:37:44.305 digest-service[3149]: digest-request: uid=0

9/9/15 01:37:44.375 digest-service[3149]: digest-request: netr probe 0

9/9/15 01:37:44.376 digest-service[3149]: digest-request: init request

9/9/15 01:37:44.386 digest-service[3149]: digest-request: init return domain: ANDREWS-MBP server: ANDREWS-MACBOOK-PRO indomain was: <NULL>

9/9/15 01:37:44.492 digest-service[3149]: digest-request: uid=0

9/9/15 01:37:44.493 digest-service[3149]: digest-request: init request

9/9/15 01:37:44.497 digest-service[3149]: digest-request: init return domain: MACBOOKPRO-687A server: ANDREWS-MACBOOK-PRO indomain was: <NULL>

CONFIGD MESSAGES

9/9/15 01:22:36.819 configd[54]: network changed: v4(en1:192.168.1.3) DNS! Proxy SMB

9/9/15 01:26:34.218 configd[54]: network changed: v4(en1:192.168.1.3) DNS! Proxy SMB

9/9/15 01:27:04.288 configd[54]: setting hostname to "Andrews-MacBook-Pro.local"

9/9/15 01:32:24.361 configd[54]: network changed: v4(en1:192.168.1.3) DNS! Proxy SMB

9/9/15 01:32:40.687 configd[54]: setting hostname to "Andrews-MBP"

9/9/15 01:37:14.011 configd[54]: network changed: v4(en1:192.168.1.3) DNS! Proxy SMB

9/9/15 01:37:44.070 configd[54]: setting hostname to "Andrews-MacBook-Pro.local"

9/9/15 01:49:47.864 configd[54]: network changed: v4(en1:192.168.1.3) DNS! Proxy SMB

9/9/15 01:50:04.396 configd[54]: setting hostname to "Andrews-MBP

Also -- what do you mean by primary DNS server? I don't see that in the log.

If Chrome was also not working, then I would think it was indeed a router issue. But Chrome works fine without my gateway needed in the DNS list.

Is it something to do with mDNSResponder perhaps?

Sorry one last thing:

And one additional observation -- Safari won't even open a page if I enter an IP (apple: 17.172.224.47). With no name to resolve, why is it still failing to open the site? Again, this is only fixed if I add the gateway to the DNS list....

I don't think changing routers is an option -- I think I have to use the one o2 provided.

Is there *any* way that it can be explained why, on my home network, the router gateway must be present in the DNS list for Safari to load any page, either by name or IP?

What is the difference between Chrome and Safari in this regard? If Chrome has no problems, why does Safari?

When I don't have 192.168.1.1 in the DNS list, what precisely is failing, and how? Surely someone at Apple can answer this, yes?

Well...this is my home network, so that's not really an option. Perhaps there is some setting on the router I can change....difficult as the interface is all in German...