Troubleshooting DNS

I don't know what might cause a problem like this, but I can give you some troubleshooting pointers.

  • First, try doing a manual query to 8.8.4.4 (dig google.com @8.8.4.4) -- dig, nslookup, and host all seem to use the first listed server, but the system resolver uses a weird round-robin-ish system that'll fail intermittently if some of the configured DNS servers don't work right. Similarly, you might try configuring the OS to use just 8.8.8.8 and see if that changes anything.

  • Speaking of the system resolver, it's possible it's gotten into some weird state, so restarting it may clear the problem. Actually, I'd reset both opendirectoryd (which dispatches all kinds of lookups) and mDNSResponder (which actually does the DNS part), just in case. sudo killall opendirectoryd mDNSResponder should do the trick. Note that both daemons will be restarted automatically.

  • You can get more info out of mDNSResponder by sending it signals. Probably the most useful is the packet logging feature, which makes it log each DNS packet sent & received to /var/log/system.log. You can toggle it on & off with sudo killall -USR2 mDNSResponder. The log entries should look something like this (for a successful lookup, that is):

     -- Sent UDP DNS Query (flags 0100) RCODE: NoErr (0) RD ID: 28215 25 bytes from port 61186 to 172.20.0.1:53 --
      1 Questions
      0 scanme.insecure.net. Addr
      0 Answers
      0 Authorities
      0 Additionals
     --------------
     -- Received UDP DNS Response (flags 8180) RCODE: NoErr (0) RD RA ID: 28215 272 bytes from 172.20.0.1:53 to 172.20.6.67:61186 --
      1 Questions
      0 scanme.insecure.net. Addr
      1 Answers
      0 TTL    3600    4 scanme.insecure.net. Addr 5.45.96.131
      4 Authorities
      0 TTL   86400   17 insecure.net. NS ns3.eurodns.com.
      1 TTL   86400   17 insecure.net. NS ns2.eurodns.com.
      2 TTL   86400   17 insecure.net. NS ns4.eurodns.com.
      3 TTL   86400   17 insecure.net. NS ns1.eurodns.com.
      7 Additionals
      0 TTL    3600    4 ns1.eurodns.com. Addr 80.92.65.2
      1 TTL    3600   16 ns1.eurodns.com. AAAA 2001:0B20:1001:0004:0000:0000:0000:0002
      2 TTL    3600    4 ns2.eurodns.com. Addr 80.92.89.242
      3 TTL    3600   16 ns2.eurodns.com. AAAA 2001:0B20:1001:0011:0000:0000:0000:0242
      4 TTL     600    4 ns3.eurodns.com. Addr 80.92.95.42
      5 TTL    3600    4 ns4.eurodns.com. Addr 192.174.68.100
      6 TTL    3600   16 ns4.eurodns.com. AAAA 2001:067C:01BC:0000:0000:0000:0000:0100
     --------------

You can also send it a USR1 signal to turn on debug logging (which seems to require you to know a lot about mDNSResponder's internals to make sense of), and the INFO signal makes it dump its internal state into the system log (probably informative, but lots of info to sort through).
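As an added illustration, not part of the original answer, here is a small Python script that reads packet-log entries in the format shown above and pairs each Sent query with its Received response by transaction ID, so a query that an upstream resolver never answers (the intermittent-failure case described in the first bullet) stands out. The log sample is constructed from the format above; the second resolver 172.20.0.2 and the second query name are invented.

```python
import re

# Constructed sample in the shape mDNSResponder writes to system.log after
# `sudo killall -USR2 mDNSResponder`; zero-count and Authorities/Additionals lines trimmed.
SAMPLE_LOG = """\
-- Sent UDP DNS Query (flags 0100) RCODE: NoErr (0) RD ID: 28215 25 bytes from port 61186 to 172.20.0.1:53 --
 1 Questions
 0 scanme.insecure.net. Addr
--------------
-- Received UDP DNS Response (flags 8180) RCODE: NoErr (0) RD RA ID: 28215 272 bytes from 172.20.0.1:53 to 172.20.6.67:61186 --
 1 Questions
 0 scanme.insecure.net. Addr
 1 Answers
--------------
-- Sent UDP DNS Query (flags 0100) RCODE: NoErr (0) RD ID: 30001 27 bytes from port 50213 to 172.20.0.2:53 --
 1 Questions
 0 host.example.test. Addr
--------------
"""

HEADER = re.compile(r"-- (Sent|Received) UDP DNS \w+ \(flags \w+\) RCODE: (\w+) "
                    r"\(\d+\).*? ID: (\d+) \d+ bytes (?:from port \d+ to|from) (\S+)")
QNAME = re.compile(r"^\s*\d+ (\S+) \S+$", re.M)      # first "<n> <name> <type>" line = the question
ANSWERS = re.compile(r"^\s*(\d+) Answers$", re.M)

def parse_packets(text):
    """One dict per logged packet; packets are separated by a line of dashes."""
    packets = []
    for block in text.split("--------------"):
        m = HEADER.search(block)
        if m:
            q, a = QNAME.search(block), ANSWERS.search(block)
            packets.append({"dir": m[1], "rcode": m[2], "id": int(m[3]), "server": m[4],
                            "qname": q[1] if q else "", "answers": int(a[1]) if a else 0})
    return packets

def diagnose(text):
    """Pair Sent queries with Received responses by ID; report per queried name."""
    packets = parse_packets(text)
    recv = {p["id"]: p for p in packets if p["dir"] == "Received"}
    report = {}
    for q in (p for p in packets if p["dir"] == "Sent"):
        r = recv.get(q["id"])
        if r is None:            # nothing came back: the resolver in q["server"] is not answering
            report[q["qname"]] = f"no response from {q['server']}"
        elif r["rcode"] != "NoErr":
            report[q["qname"]] = f"{r['rcode']} from {r['server']}"
        else:
            report[q["qname"]] = f"ok ({r['answers']} answers)"
    return report
```

Run it against a copy of system.log captured while packet logging is on; a name that repeatedly shows "no response from" one particular server points at the resolver to remove from the configuration.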