Discoveryd Alternative to Replace mDNSResponder Argument?

macos network dns

This is a direct follow-on to this question. Before Yosemite, I'd add the "-AlwaysAppendSearchDomains" argument to the mDNSResponder plist file so that all local resolver lookups added the search domains, regardless of whether there was a period in the label to be looked up. For example, whether I try to ssh to hostname foo.bar or foo, the search domain of baz.com should be tried, not only for the latter case, as was (and is) the default behavior.

Now, it looks like the mDNSResponder is gone, replaced with discoveryd. I cannot find a similar option to get it to always appending the search domain. Suggestions? I'd rather not go the route of using a non-default local resolver, but I'd consider it as an option. For now, I'll just type in the long FQDNs, but I'd really rather not.

Thanks, Pete


Solution 1:

Since 10.10.1, the simplest way to fix this is to add --AlwaysAppendSearchDomains to ProgramArguments in plist file /System/Library/LaunchDaemons/com.apple.discoveryd.plist

Then restart com.apple.discoveryd.plist with:

sudo launchctl unload /System/Library/LaunchDaemons/com.apple.discoveryd.plist
sudo launchctl load /System/Library/LaunchDaemons/com.apple.discoveryd.plist

All this according to the help printed by:

/usr/libexec/discoveryd --help

That will do the same as it did for mDNSResponder as far as I can tell.

Solution 2:

Run sudo discoveryutil mdnsactivedirectory yes in Terminal. According to https://discussions.apple.com/message/26927843#26927843 it is the solution.

This can be made to run automatically whenever launching a terminal without a password:

  • sudo visudo
    • add a line to the bottom %admin ALL=NOPASSWD: /usr/sbin/discoveryutil
    • If admin group doesn't work, run groups at the terminal and use an appropriate group - perhaps 'staff' or 'everyone'. Or just use an individual username without the leading %
  • To test visudo change
    • sudo -k
    • sudo su and verify that you are asked for password. Then control-c without entering your password
    • sudo discoveryutil mdnsactivedirectory and verify that you aren't asked for password
  • Add a line to ~/.bash_profile sudo discoveryutil mdnsactivedirectory yes
  • Add Terminal to your user's Login Items
    • on 10.10: System Preferences->Users & Groups, Select User
    • Goto "Login Items" tab, and add /Applications/Utilities/Terminal

Solution 3:

No solution unfortunately, but I've found out you can at least check the resolver config using 'discoveryutil', like so:

mdbraber-mba:~ mdbraber$ sudo discoveryutil configresolver
Configuration Resolvers: Resolver domain [default], type Unicast, ifIndex 4, port 0, timeout 30, A yes, AAAA no, serviceID 0, scope None, order 0
    server 192.168.143.1
    search domain ourhouse
Configuration Resolvers: Resolver domain [default], type Unicast, ifIndex 4, port 0, timeout 30, A yes, AAAA no, serviceID 0, scope InterfaceID, order 0
    server 192.168.143.1

Apparently the first resolver lists a searchdomain, although it doesn't seem to work as under OS X < 10.10 versions. No idea why there is a second resolver without a search domain listed.

Solution 4:

Here is a hacked up solution using a local nameserver - works for me:

https://github.com/joedj/yosemite_dnsfix

Related

Why is my Macbook Pro getting so slow?
Disable storage of invisible files "._" on my cfs or smb network storage
What is the best way to clone a disk between two Macs?
Where are my iBooks stored in macOS?
How can I move virtual memory swap files to a different drive or partition?
Limit text length to n lines using CSS
How to download a file from server using SSH? [closed]
Bash tool to get nth line from a file
How can I show line numbers in Eclipse?
How can I combine two or more querysets in a Django view?
How to change the font size on a matplotlib plot
jQuery hasAttr checking to see if there is an attribute on an element [duplicate]