List DNS servers in Mavericks

First, if networksetup -getdnsservers <service name> does not show anything, you don't have anything listed in System Preferences > Netowrk under "DNS Servers:".

Second, it is important to note that OS X does not handle DNS like most systems. Per https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man5/resolver.5.html Essentially this means that OS X has multiple DNS clients depending on your configuration. The result of these multiple services means that there are situations whereby using Safari to access a website (http://www.example.com) will take you to an IP address that OS X has retrieved from DNS (say 1.2.3.4) while at the same time, performing a dig

$ dig www.example.com  

will return different results. (perhaps 2.3.4.5)

The reason for this lies in the way that OS X handles DNS.

If you run $ man dig you get among other things, the following:

Mac OS X NOTICE The dig command does not use the host name and address resolution or the DNS query routing mechanisms used by other processes running on Mac OS X. The results of name or address queries printed by dig may differ from those found by other processes that use the Mac OS X native name and address resolution mechanisms. The results of DNS queries may also differ from queries that use the Mac OS X DNS routing library.

Also $man nslookup will return something similar

Mac OS X NOTICE The nslookup command does not use the host name and address resolution or the DNS query routing mechanisms used by other processes running on Mac OS X. The results of name or address queries printed by nslookup may differ from those found by other processes that use the Mac OS X native name and address resolution mechanisms. The results of DNS queries may also differ from queries that use the Mac OS X DNS routing library.

All this is really a rather lengthy way of saying, the best way to see what DNS servers are being used is to look at System Preferences > Network

The "DNS Server:" entires are usually there, and "Search Domains:" will allow you to search for incomplete addresses.

If "DNS Server:" is not present, then OS X will try to use the address in "Router:" for DNS.

AND, on top of all this fun, there are utilities and other processes that may not be using the OS X DNS Routing Library, and they will be hitting the contents of /etc/resolv.conf directly.

The short short answer is this:

  1. If you go by the contents of System Preferences > Network, you are looking at the same thing that most processes are using.
  2. The Contents of System Preferences > Network, should populate /etc/resolv.conf, but not always.
  3. Some other processes (like dig and nslookup) are accessing /etc/resolv.conf directly.

And, on top of all this - If you are not using the VPN clients built in to OS X, it is possible that additional routes and DNS servers are being used that networksetup -getdnsservers <service name> will not show. Your VPN client may have the ability to show you the routes and DNS servers, I know that mine does.

I know that this does not precisely answer your question, but hopefully this helps you realize that it is not always easy to find out what the "truth" is regarding DNS on a Mac. Generally you are safe assuming that the contents of System Preferences > Network, or the contents of networksetup -getdnsservers <service name> are where you are getting your DNS from. However if things seem weird, keep in mind that there are other possibilities too. Use dig to help determine if there are differences afoot.

Last, for those readers who are wondering how to get the <service name> in networksetup -getdnsservers <service name>, try using networksetup -listallnetworkservices

Bill


in OSX Mavericks (10.9 - actually 10.6.3 up, I believe) if you want to see the active DNS configuration:

scutil --dns

The -first- entry (resolver #1) is reportedly the active configuration...though I've seen plenty of cases where that's not the case.

from man scutil

 The --dns option reports the current DNS configuration.  The first listed
 resolver(5) configuration is considered to be the "default" configura-
 tion.  Additional "supplemental" configurations follow.  Those containing
 a "domain" name will be used for queries matching the specified domain.
 Those without will be used as a "default" configuration in addition to
 the first listed.

IME, if what you see here doesn't match what you expect (ie, network > advanced > dns), you may need to disable/enable the appropriate network adaptor for it to refresh...

Other tips in recent OSX:

With 10.7 or 10.8, search domains dont apply to lookups with a dot in them. ie - www.test won't append search domains at all, where www will. there's a fix:

sudo vim /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
Add <string>-AlwaysAppendSearchDomains</string>after line 16
    <key>ProgramArguments</key>
    <array>
        <string>/usr/sbin/mDNSResponder</string>
        <string>-launchd</string>
        <string>-AlwaysAppendSearchDomains</string>
    </array>

Now unload and reload the mDNSResponder service: sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

the network > advanced > dns config is -PER INTERFACE-. So if you use wireless and wired...you have to setup both.

there's another way, too - /etc/resolver - one example in here: Do /etc/resolver/ files work in Mountain Lion for DNS resolution? and more here: https://www.dforge.net/2013/01/30/osx-domain-specific-dns-servers-etcresolver/

As for trying to do an nslookup - it's well known that nslookup (and host and dig) doesn't follow the (extremely unique and mixed up) OSX resolution mechanism. Use ping.


I would normally use (on unix environments, and this is possibly a bit old school) something like the following examples.

Firstly, you can lookup an IP address or DNS name entry individually, and it will report back the server that was used to provide the answer. You can lookup a single entry on the command line, or enter the nslookup program and lookup several entries without having to re-enter the command:

nslookup

Default Server:  redacted.organisation.com
Address:  10.47.xxx.xxx

> ibm.com
Server:  redacted.organisation.com
address:  10.47.xxx.xxx

Non-authoritative answer:
Name:    ibm.com
Address:  129.42.38.1

> sun.com (etc etc, use quit or exit to get out)

Secondly this command (note I ran this on a windows box, on unix/OS X the command ipconfig /all is instead ifconfig -a and output results may differ slightly) which lists ip config data for each interface on your system, physical ports, wireless connections, VNCs etc, displaying what DNS and IP data is associated with each route out of the machine, you will get lots of entries back, one for each genuine network port/adapter, and also various amounts of virtual ports too depending on your configuration, in my example I removed most of the results but showed my VPN adapter and the (redacted) DNS entries it has.

C:\Users\dawilkin>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : XXX-XXXXX
   Primary Dns Suffix  . . . . . . . : XX.XXXXX.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : XXX.com
                                       XX.XXX.com
                                       XX.XXX.com
                                       XXX.co.uk
                                       XXX.com

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : XXX.com
   Description . . . . . . . . . . . : Cisco AnyConnect VPN Virtual Miniport Ada
pter for Windows x64
   Physical Address. . . . . . . . . : 00-XX-9A-XX-XX-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.47.XX.XX(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . : 10.47.XX.X
   DNS Servers . . . . . . . . . . . : 10.47.XX.X
                                       10.31.XX.X
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connecti
on
   Physical Address. . . . . . . . . : 3C-97-XX-XX-XX-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #
2
   Physical Address. . . . . . . . . : A4-4E-31-42-33-41
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

What does nslookup tell you? It gives me my DNS server on the second line.

$ nslookup stackexchange.com
Server:     8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
Name:   stackexchange.com
Address: 198.252.206.16