Safari seems to ignore my DNS Server
Safari is not doing anything untoward here. My DNS-based block for reddit.com worked fine - but not www.reddit.com, old.reddit.com (even though the Eero block includes subdomains), and so on. From the command line:
$ nslookup www.reddit.com
Server: 192.168.4.1
Address: 192.168.4.1#53
Non-authoritative answer:
Name: www.reddit.com
Address: 192.168.4.1
Because of that, I expected Safari to resolve www.reddit.com to 192.168.4.1. However, www.reddit.com (and others like old.reddit.com) are actually CNAMEs:
$ dig -t cname www.reddit.com
... snipped output ...
;; ANSWER SECTION:
www.reddit.com. 300 IN CNAME reddit.map.fastly.net.
So, it looks like Safari looks up www.reddit.com, sees that it is a CNAME for reddit.map.fastly.net, and then resolves reddit.map.fastly.net and is able to load the page - while displaying www.reddit.com in the URL bar.
I am not saying Safari is doing anything wrong here - this seems like totally reasonable behavior - it was just unexpected to me.
I have now added a DNS block for reddit.map.fastly.net, and everything works as expected.
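
Added example, not part of the original post: a small Python audit that models the behaviour described above and reports which blocked names still resolve through an unblocked CNAME target. It assumes the blocking resolver rewrites only A answers and passes CNAME answers through. The upstream addresses are constructed sample values, and the function names are hypothetical.

```python
# Constructed upstream records (sample data, not live lookups).
UPSTREAM = {
    ("reddit.com", "A"): "198.51.100.10",
    ("www.reddit.com", "CNAME"): "reddit.map.fastly.net",
    ("old.reddit.com", "CNAME"): "reddit.map.fastly.net",
    ("reddit.map.fastly.net", "A"): "198.51.100.20",
}
SINKHOLE = "192.168.4.1"  # address the blocking resolver answers with in the post


def is_blocked(name, blocklist):
    """True if name equals a blocked domain or is a subdomain of one."""
    return any(name == d or name.endswith("." + d) for d in blocklist)


def query(name, rtype, blocklist):
    """Assumed blocker behaviour: sinkhole A answers only, pass other types through."""
    if rtype == "A" and is_blocked(name, blocklist):
        return SINKHOLE
    return UPSTREAM.get((name, rtype))


def resolve_via_cname(name, blocklist, max_hops=8):
    """Follow CNAME records first, then ask for the A record of the final name."""
    chain = [name]
    for _ in range(max_hops):  # hop limit guards against CNAME loops
        target = query(chain[-1], "CNAME", blocklist)
        if target is None:
            break
        chain.append(target)
    return chain, query(chain[-1], "A", blocklist)


def audit(names, blocklist):
    """Return {name: unblocked CNAME target} for names the block fails to cover."""
    gaps = {}
    for name in names:
        chain, addr = resolve_via_cname(name, blocklist)
        if is_blocked(name, blocklist) and addr != SINKHOLE:
            gaps[name] = chain[-1]
    return gaps


if __name__ == "__main__":
    names = ["reddit.com", "www.reddit.com", "old.reddit.com"]
    print(audit(names, {"reddit.com"}))
    print(audit(names, {"reddit.com", "reddit.map.fastly.net"}))
```

Each reported target is a name to add to the blocklist. Blocking a shared CDN hostname also affects any other site that maps to the same hostname.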