Mac OSX Lion DNS lookup order [closed]

After upgrading to Mac OSX Lion I figured out that /etc/hosts is not looked up in first place for name resolution anymore. This leads to some side effects like:

  1. Entries in /etc/hosts are resolved painfully slow
  2. You can't override existing domains, e.g. 127.0.0.1 www.google.com
  3. If you get search domain entries from DHCP, let's say .lan, and some funny guy configured localhost.lan to something other than 127.0.0.1 in the local DNS, you cannot reach your localhost anymore.

Is this behavior intended? Does it make any sense? And most importantly, how can I get back to the old behavior?


Solution 1:

I think the matter is that Lion handles the .local TLD differently because it's reserved for some Multicast DNS features (used by Bonjour). The only way I found to solve this issue is using a different TLD for development hosts (i.e. .dev). It works fine for me, hope it's gonna be helpful to others!

Solution 2:

With regards to overriding domains in the hosts file, I have found that in some circumstances, Lion queries the IPv6 address for a domain if it senses that a domain is unreachable over the IPv4 network.

I discovered this when I noticed some ads that I had never seen before on Snow Leopard because I had redirected the ad domains to 127.0.0.1. I fired up Wireshark and noticed AAAA (IPv6 DNS records) queries following the IPv4 A queries (IPv4). The ad servers indeed have IPv6 addresses and were able to serve me their content.

The solution to this is to have a

::1 mydomain.com

entry for every

127.0.0.1 mydomain.com

entry in your hosts file.

Interestingly, if you happen to have a local webserver running on 127.0.0.1:80 and your browser receives a response from the webserver (error or otherwise), no AAAA query is issued, as it seems to be satisfied that a TCP connection was at least possible.


On a related note, if you make heavy use of the hosts file (for adblocking, local web development, etc), you may want to look into running your own local DNS resolver. There is a considerable disk/CPU hit from having to read /etc/hosts on every request, so it is in your best interest to keep that file very light.

One advantage of running something like dnsmasq locally (besides the significant performance boost) is that you can redirect whole top-level domains back to your local machine. This allows you to have the whole *.dev namespace for development (for instance), without having to individually enter every domain you want resolved locally into /etc/hosts.

Solution 3:

The problem was that I symlinked the /etc/hosts file. If /etc/hosts is a plain file everything is ok.

Solution 4:

Update(2): OSX 10.10.5 brings the return of mDNSResponder.

Update: OSX 10.10 Yosemite has replaced mDNSResponder with "discoveryd". I've not upgraded so I am not sure of the discoveryd behavior w/r/t DNS lookups and /etc/hosts.

The system DNS resolver on Lion is the mDNSResponder process.

You may be thinking "but mDNSResponder is the multicast dns responder." You're right; that's what it originally was for, and it still fulfills this function. However, on newer MacOS versions it also does standard host lookups.

In Lion, it does not appear to automatically re-read /etc/hosts when it changes, at least not always. Killing mDNSResponder (and allowing it to be automatically restarted) seems to fix the problem.

sudo killall mDNSResponder

should do the trick.

Below is my original answer for posterity. I suppose it might still be an issue in some cases.

Make sure your /etc/hosts file is a unix style text file, with linefeeds as the ending rather than cr's.

Editing with TextWrangler or a unix text editor should preserve the file.

If your file is already messed up, try this to fix it:

tr '\015' '\012' < /etc/hosts > /tmp/hosts.$$
mv /etc/hosts /etc/hosts.bad
mv /tmp/hosts.$$ /etc/hosts
# fix up permissions while we are at it
chown root:wheel /etc/hosts
chmod 644 /etc/hosts

credit for this fix to:

http://techpatio.com/2011/guides-how-to/fixed-mac-osx-lion-etc-hosts-bugs-dns
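
An added example, not part of any answer above and not an Apple tool: a POSIX shell check that audits a hosts file for the three conditions Solutions 2, 3 and 4 describe (a name pinned to 127.0.0.1 with no ::1 entry, a symlinked file, CR line endings). The function name `audit_hosts`, the finding labels and the sample hostnames are assumptions made for illustration.

```sh
#!/bin/sh
# audit_hosts FILE  (hypothetical helper, written for this example)
# Prints one finding per line and returns 1 if anything was found.
audit_hosts() {
    f=$1
    findings=$(
        # Solution 3: a symlinked hosts file was reported as not being honoured.
        [ -L "$f" ] && echo "SYMLINK"
        # Solution 4: CR line endings instead of plain linefeeds.
        if LC_ALL=C grep -q "$(printf '\r')" "$f"; then
            echo "CR_LINE_ENDINGS"
        fi
        # Solution 2: names pinned to 127.0.0.1 with no matching ::1 entry.
        # CRs become LFs first so a CR-terminated file is still read line by line.
        LC_ALL=C tr '\r' '\n' < "$f" | awk '
            { sub(/#.*/, ""); $0 = tolower($0) }   # drop comments, fold case
            $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) v4[$i] = 1 }
            $1 == "::1"       { for (i = 2; i <= NF; i++) v6[$i] = 1 }
            END { for (h in v4) if (!(h in v6)) print "MISSING_V6 " h }
        ' | sort
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample input (not from the page): one CRLF-terminated line and
# one name that has a 127.0.0.1 entry but no ::1 entry.
sample=$(mktemp "${TMPDIR:-/tmp}/hosts.XXXXXX")
printf '127.0.0.1 localhost\n::1 localhost\n127.0.0.1 ads.example.test\r\n' > "$sample"
audit_hosts "$sample" || echo "hosts file needs attention"
rm -f "$sample"
```

Run it against the real file with `audit_hosts /etc/hosts`; a non-zero return means at least one of the three conditions is present.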

Solution 5:

I've had this issue for a while. As I'm working in a team of devs, it became necessary to actually use .local rather than .dev or .localhost. I found this article to be very useful.

iTand.me - Lion local domains and etc hosts..

In summary;

But if you have to use .local, the most elegant solution I've found is the dscl utility. Using it is very straightforward. To add a host called mydev.local and point it to the localhost, just do this:

sudo dscl localhost -create /Local/Default/Hosts/mydev.local IPAddress 127.0.0.1

To see all the currently defined hosts and their IPs

sudo dscl localhost -list /Local/Default/Hosts IPAddress

And to remove a host:

sudo dscl localhost -delete /Local/Default/Hosts/mydev.local

Overall, pretty straightforward and works well. I still would prefer to be able to edit /etc/hosts instead, but this is a better alternative to having to rename all our .local servers.